puppet 2.6.4-2ubuntu2.3 source package in Ubuntu

Changelog

puppet (2.6.4-2ubuntu2.3) natty-security; urgency=low

  * SECURITY UPDATE: k5login can overwrite arbitrary files as root
    - debian/patches/CVE-2011-3869.patch: adjust type/k5login.rb to securely
      open the file before writing to it as root
    - CVE-2011-3869
  * SECURITY UPDATE: didn't drop privileges before creating and changing
    permissions on SSH keys
    - debian/patches/CVE-2011-3870.patch: adjust ssh_authorized_key/parsed.rb
      to drop privileges before creating the ssh directory and setting
      permissions
    - CVE-2011-3870
  * SECURITY UPDATE: fix predictable temporary filename in ralsh
    - debian/patches/CVE-2011-3871.patch: adjust application/resource.rb to
      use an unpredictable filename
    - CVE-2011-3871
  * SECURITY UPDATE: file indirector injection, similar to CVE-2011-3848
    - secure-indirector-file-backed-terminus-base-cla.patch: Since the
      indirector file backed terminus base class is only used by the test
      suite, remove it and update test cases to use a continuing class.
 -- Jamie Strandboge <email address hidden>   Fri, 30 Sep 2011 08:50:31 -0500

Upload details

Uploaded by:
Jamie Strandboge on 2011-09-30
Uploaded to:
Natty
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
all
Section:
admin
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Natty: [FULLYBUILT] i386

Downloads

File Size MD5 Checksum
puppet_2.6.4.orig.tar.gz 1.5 MiB a673965b860a62084a8995f776a1c3ba
puppet_2.6.4-2ubuntu2.3.debian.tar.gz 40.3 KiB 989af13d7390e0e943f7d3817d1b6c69
puppet_2.6.4-2ubuntu2.3.dsc 2.2 KiB f34d0c6cc184e0bb6c1171ca6432be8e

View changes file

Binary packages built by this source

puppet: No summary available for puppet in ubuntu natty.

No description available for puppet in ubuntu natty.

puppet-common: No summary available for puppet-common in ubuntu natty.

No description available for puppet-common in ubuntu natty.

puppet-el: No summary available for puppet-el in ubuntu natty.

No description available for puppet-el in ubuntu natty.

puppet-testsuite: No summary available for puppet-testsuite in ubuntu natty.

No description available for puppet-testsuite in ubuntu natty.

puppetmaster: No summary available for puppetmaster in ubuntu natty.

No description available for puppetmaster in ubuntu natty.

puppetmaster-common: No summary available for puppetmaster-common in ubuntu natty.

No description available for puppetmaster-common in ubuntu natty.

puppetmaster-passenger: No summary available for puppetmaster-passenger in ubuntu natty.

No description available for puppetmaster-passenger in ubuntu natty.

vim-puppet: No summary available for vim-puppet in ubuntu natty.

No description available for vim-puppet in ubuntu natty.