Overview
Request 127662 accepted
-Update to 2.7.18
CVEs fixed:
-bnc#770828 - VUL-0: CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master
-bnc#770829 - VUL-0: CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients
-bnc#770827 - VUL-1: CVE-2012-3866: puppet: last_run_report.yaml left world-readable
-bnc#770833 - VUL-1: CVE-2012-3867: puppet: insufficient input validation for agent certificate names (forwarded request 127661 from vdziewiecki)
- Created by vdziewiecki
- In state accepted
Request History
vdziewiecki created request
-Update to 2.7.18
CVEs fixed:
-bnc#770828 - VUL-0: CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master
-bnc#770829 - VUL-0: CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients
-bnc#770827 - VUL-1: CVE-2012-3866: puppet: last_run_report.yaml left world-readable
-bnc#770833 - VUL-1: CVE-2012-3867: puppet: insufficient input validation for agent certificate names (forwarded request 127661 from vdziewiecki)
factory-auto added a reviewer
Please review sources
a_jaeger approved review
ok
namtrac accepted request
checkin
licensedigger accepted review
{"approve": "preliminary, version number changed"}
factory-auto accepted review
Builds for repo openSUSE_Factory
a_jaeger accepted review
ok