[Pkg-puppet-devel] Puppet security fix for squeeze-backports
Russ Allbery
rra at debian.org
Wed Jul 3 18:02:55 UTC 2013
micah <micah at debian.org> writes:
> I tried to do this backport, but have been unable to succeed, primarily
> because the new version that fixes this issue has a new dependency on
> ruby-rspec. ruby-rspec is not in squeeze, and backporting it is very
> painful (there are unsatisfied requirements on some thorny things like
> specific ruby1.9.1 versions that also aren't in squeeze).
> I'm not sure what to do about this.
> The ruby-rspec build-dep was removed a few days ago by Stig as it wasn't
> necessary for the newer versions, but it is still there in the Wheezy
> security upload.
Ah! Thank you. Okay, it sounds like I should plan to upgrade all of my
Puppet masters to wheezy.
Does anyone know if the Puppet CA is also affected by this vulnerability?
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-puppet-devel
mailing list