Overview
Request 127980 accepted
-Fixed bnc#747657 VUL-0: puppet: CVE-2012-1053, CVE-2012-1054:
improper privilege dropping, file handling flaws
-This was done by updating to the new version in stable branch.
-The stable branch receives only security fixes and this update
does not provide any new features.
-Fixed bnc#755869 VUL-0: CVE-2012-1988: puppet: Filebucket arbitrary code execution
-Fixed bnc#755872 CVE-2012-1986 – Arbitrary File Read
-Fixed bnc#755870 CVE-2012-1987 – Denial of Service
-Fixed bnc#755871 CVE-2012-1989 – Arbitrary File Write
- correct ownership of dirs in /var (bnc#739361)
(bnc#727024, bnc#727025)
CVE-2011-3848 (bnc#721139)
- fix logging setting (bnc#683441)
- using correct port for puppet in the firewall rules (bnc#694825)
- update to 2.6.4
* bugfixes: bnc#667867
Ship auth.conf as part of installing from source
- update to 2.6.1
* bugfixes, manpage fixes
Request History
lijews created request
-Fixed bnc#747657 VUL-0: puppet: CVE-2012-1053, CVE-2012-1054:
improper privilege dropping, file handling flaws
-This was done by updating to the new version in stable branch.
-The stable branch receives only security fixes and this update
does not provide any new features.
-Fixed bnc#755869 VUL-0: CVE-2012-1988: puppet: Filebucket arbitrary code execution
-Fixed bnc#755872 CVE-2012-1986 – Arbitrary File Read
-Fixed bnc#755870 CVE-2012-1987 – Denial of Service
-Fixed bnc#755871 CVE-2012-1989 – Arbitrary File Write
- correct ownership of dirs in /var (bnc#739361)
(bnc#727024, bnc#727025)
CVE-2011-3848 (bnc#721139)
- fix logging setting (bnc#683441)
- using correct port for puppet in the firewall rules (bnc#694825)
- update to 2.6.4
* bugfixes: bnc#667867
Ship auth.conf as part of installing from source
- update to 2.6.1
* bugfixes, manpage fixes
lijews accepted request
