[Pkg-puppet-devel] [DSA 2715-1] puppet security update & squeeze-backports
Russ Allbery
rra at debian.org
Tue Jul 9 16:43:46 UTC 2013
Hoshi Hoshimoto <hoshi.hoshimoto at googlemail.com> writes:
> I take it from your answer and the description of DSA-2715-1, that
> upgrading the Puppetmaster is enough to be safe?
I'm not sure whether you also need to upgrade the Puppet CA. I don't
*think* so from the description, since the vulnerability involves
interpreting data from the client, and I wouldn't think the Puppet CA
would do that. But I've not seen any confirmation there.
You shouldn't need to upgrade the clients.
--
Russ Allbery (rra at debian.org) <http://www.eyrie.org/~eagle/>
More information about the Pkg-puppet-devel
mailing list