[Pkg-puppet-devel] Bug#850968: CVE-2016-2788
Christian Hofstaedtler
zeha at debian.org
Sat Jan 21 23:17:09 UTC 2017
* Moritz Muehlenhoff <jmm at debian.org> [170121 23:16]:
> Source: mcollective
>
> Please see https://puppet.com/security/cve/cve-2016-2788
Looks like the fix is in this commit/merge:
https://github.com/puppetlabs/marionette-collective/commit/4918a0f136aea04452b48a1ba29eb9aabcf5c97d
I've checked the 2.6.x branch and it appears to have the vulnerable
code too.
--
christian hofstaedtler <zeha at debian.org>
More information about the Pkg-puppet-devel
mailing list