[Pkg-puppet-devel] Bug#712745: Re: Bug#712745: Bug#7712745: puppet: CVE-2013-3567

Chris Boot crb at tiger-computing.co.uk
Wed Jul 31 15:43:29 UTC 2013


On 25/06/13 17:36, Raphael Geissert wrote:
> On 21 June 2013 17:07, Raphael Geissert <geissert at debian.org> wrote:
>> As promised via IRC, attached patch is a version that actually works.
> 
> And now a patch to be applied on top of it to restore the
> compatibility of the reports.

This patch isn't part of 2.7.18-5, which is currently in wheezy. We've
had to roll our own update internally that includes the patch in order
to correctly process reports from other servers.

Are there any plans to push out a 2.7.18-6 update that includes
CVE-2013-3567.fixup-for-v3.patch? Would a source debdiff to do this be
welcome?

Best regards,
Chris

-- 
Chris Boot
Tiger Computing Ltd
"Linux for Business"

Tel: 01600 483 484
Web: http://www.tiger-computing.co.uk
Follow us on Facebook: http://www.facebook.com/TigerComputing

Registered in England. Company number: 3389961
Registered address: Wyastone Business Park,
 Wyastone Leys, Monmouth, NP25 3SR



More information about the Pkg-puppet-devel mailing list