[Pkg-puppet-devel] [DSA 2715-1] puppet security update & squeeze-backports
Hoshi Hoshimoto
hoshi.hoshimoto at googlemail.com
Wed Jul 10 08:24:42 UTC 2013
Am 09.07.2013 18:43, schrieb Russ Allbery:
> Hoshi Hoshimoto <hoshi.hoshimoto at googlemail.com> writes:
>
>> I take it from your answer and the description of DSA-2715-1, that
>> upgrading the Puppetmaster is enough to be safe?
>
> I'm not sure whether you also need to upgrade the Puppet CA. I don't
> *think* so from the description, since the vulnerability involves
> interpreting data from the client, and I wouldn't think the Puppet CA
> would do that. But I've not seen any confirmation there.
>
> You shouldn't need to upgrade the clients.
>
Well, out of curiosity I went forward and also upgraded my
(test-)clients, again without any issues.
Therefore I also did the upgrade on the productive Puppetmaster and its
clients. Works abolutely fine so far.
So for anybody interested in this, the current Puppet packages from
wheezy (2.7.18-5) seem to work perfectly fine on squeeze.
Regards,
Hoshi
More information about the Pkg-puppet-devel
mailing list