[Pkg-puppet-devel] puppet_2.6.2-5+squeeze6_amd64.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Thu Jul 12 22:49:46 UTC 2012
Notes:
Mapping stable-security to proposed-updates.
Accepted:
puppet-common_2.6.2-5+squeeze6_all.deb
to main/p/puppet/puppet-common_2.6.2-5+squeeze6_all.deb
puppet-el_2.6.2-5+squeeze6_all.deb
to main/p/puppet/puppet-el_2.6.2-5+squeeze6_all.deb
puppet-testsuite_2.6.2-5+squeeze6_all.deb
to main/p/puppet/puppet-testsuite_2.6.2-5+squeeze6_all.deb
puppet_2.6.2-5+squeeze6.debian.tar.gz
to main/p/puppet/puppet_2.6.2-5+squeeze6.debian.tar.gz
puppet_2.6.2-5+squeeze6.dsc
to main/p/puppet/puppet_2.6.2-5+squeeze6.dsc
puppet_2.6.2-5+squeeze6_all.deb
to main/p/puppet/puppet_2.6.2-5+squeeze6_all.deb
puppetmaster_2.6.2-5+squeeze6_all.deb
to main/p/puppet/puppetmaster_2.6.2-5+squeeze6_all.deb
vim-puppet_2.6.2-5+squeeze6_all.deb
to main/p/puppet/vim-puppet_2.6.2-5+squeeze6_all.deb
Changes:
puppet (2.6.2-5+squeeze6) stable-security; urgency=high
.
* Add patch to fix puppet master vulnerabilities (CVE-2012-3864,
CVE-2012-3865, CVE-2012-3866, CVE-2012-3867)
- CVE-2012-3864: Arbitrary file read on the puppet master from
authenticated clients (high)
- CVE-2012-3865: Arbitrary file delete/D.O.S on Puppet Master from
authenticated clients (high)
- CVE-2012-3866: last_run_report.yaml is world readable (medium)
- CVE-2012-3867: Insufficient input validation for agent hostnames (low)
Override entries for your package:
puppet-common_2.6.2-5+squeeze6_all.deb - optional admin
puppet-el_2.6.2-5+squeeze6_all.deb - optional admin
puppet-testsuite_2.6.2-5+squeeze6_all.deb - optional admin
puppet_2.6.2-5+squeeze6.dsc - source admin
puppet_2.6.2-5+squeeze6_all.deb - optional admin
puppetmaster_2.6.2-5+squeeze6_all.deb - optional admin
vim-puppet_2.6.2-5+squeeze6_all.deb - optional admin
Announcing to debian-changes at lists.debian.org
Thank you for your contribution to Debian.
More information about the Pkg-puppet-devel
mailing list