Security update for rubygem-puppet
This update for rubygem-puppet fixes the following issues:
- CVE-2017-10689: Reset permissions when unpacking tar in PMT. When
using minitar, files are unpacked with whatever permissions are in the
tarball. This is potentially unsafe, as tarballs can be easily created
with weird permissions (boo#1080288)
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#1080288
VUL-1: CVE-2017-10689: puppet: Unpacking tarballs in tar/mini.rb can create files with insecure permissions
