Format: 1.8 Date: Tue, 10 Apr 2012 11:47:14 -0500 Source: puppet Binary: puppet puppetmaster puppet-common vim-puppet puppet-el puppet-testsuite Architecture: all Version: 0.25.4-2ubuntu6.7 Distribution: lucid Urgency: low Maintainer: Ubuntu/i386 Build Daemon Changed-By: Tyler Hicks Description: puppet - centralised configuration management for networks puppet-common - common files for puppet and puppetmaster puppet-el - Emacs syntax highlighting for puppet manifests puppet-testsuite - centralized configuration management control for networks puppetmaster - centralised configuration management control daemon vim-puppet - Vim syntax highlighting for puppet manifests Changes: puppet (0.25.4-2ubuntu6.7) lucid-security; urgency=low . * SECURITY UPDATE: Arbitrary file writes via predictable filename usage in appdmg and pkgdmg providers - lib/puppet/provider/package/{appdmg.rb,pkgdmg.rb}: Use mktmpdir when downloading packages. Based on upstream patch. - CVE-2012-1906 * SECURITY UPDATE: Arbitrary file reads via Filebucket REST requests - lib/puppet/network/http/api/v1.rb: Fix for bucket_path security vulnerability. Based on upstream patch. - CVE-2012-1986 * SECURITY UPDATE: Denial of service via Filebucket text/marshall support - lib/puppet/network/formats.rb: Removed text/marshal support. Based on upstream patch. - CVE-2012-1987 * SECURITY UPDATE: Arbitrary code execution via Filebucket requests - lib/puppet/network/http/api/v1.rb: Fix for bucket_path security vulnerability. Based on upstream patch. - CVE-2012-1988 * spec/unit/property/keyvalue.rb: Fix testsuite failure caused by hash randomization in Ruby. Based on upstream patch. - 765036c707a29077107674ad5c6277df6e637b28 Checksums-Sha1: 5e2b68812fc8238c1d803bc595613edf535a6e48 195488 puppet_0.25.4-2ubuntu6.7_all.deb ab94b52522668f7f2f484480011ed9872ef4609f 179912 puppetmaster_0.25.4-2ubuntu6.7_all.deb 870a793213f9887aec5264598762a368246b2fa4 682178 puppet-common_0.25.4-2ubuntu6.7_all.deb 09ed0759ad67cd0c580962451ff00efcf30a3f5b 169256 vim-puppet_0.25.4-2ubuntu6.7_all.deb 0514061b88e439428a23c68fa338a5d7f68a561d 171696 puppet-el_0.25.4-2ubuntu6.7_all.deb c91c6b7f2a3f83331830af01e083e69d2fb83d97 828532 puppet-testsuite_0.25.4-2ubuntu6.7_all.deb Checksums-Sha256: a7a40f9199155693fee5501a76b4fc3a2efd59d483fa9c301653b6cbed341809 195488 puppet_0.25.4-2ubuntu6.7_all.deb 57258a61b08667e354b591ced92c6ec43eb7e899ab1cc8f3c19feb052e283bc9 179912 puppetmaster_0.25.4-2ubuntu6.7_all.deb 22010cbfd906f4dcdffa60cdca0ddb3d038ecdb4620ee06f28f311502902671e 682178 puppet-common_0.25.4-2ubuntu6.7_all.deb c4ad562e6bf318f2965ff6306064225a3e14343348dccbc0465d0a7008f81311 169256 vim-puppet_0.25.4-2ubuntu6.7_all.deb fb4b558a2b75b1e550f1b95d09dc1992ef016416950d5d5236a41417eb012c28 171696 puppet-el_0.25.4-2ubuntu6.7_all.deb 138fa30cac8bab902949be49d95418c878ba4e730e63b9e701b095e5701407ff 828532 puppet-testsuite_0.25.4-2ubuntu6.7_all.deb Files: 6a607dfda79bbf822c0eaf90b507663e 195488 admin optional puppet_0.25.4-2ubuntu6.7_all.deb 5156e1ff80102da282a36216318f0932 179912 admin optional puppetmaster_0.25.4-2ubuntu6.7_all.deb 689087a9f739c11cd7ef9a409e59689a 682178 admin optional puppet-common_0.25.4-2ubuntu6.7_all.deb e305ed793b3e7c3d03935d8dd9103504 169256 admin optional vim-puppet_0.25.4-2ubuntu6.7_all.deb 62133fb091d33cb76495bfda032adb6f 171696 admin optional puppet-el_0.25.4-2ubuntu6.7_all.deb c58c3a6f7e9bafe90d1b47eb43755d8b 828532 admin optional puppet-testsuite_0.25.4-2ubuntu6.7_all.deb Original-Maintainer: Puppet Package Maintainers