[Bug 1023931]
sorry for delay.
2.7.18 in cvs. please mark stable 2.7.18.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
(In reply to comment #3)
> sorry for delay.
> 2.7.18 in cvs. please mark stable 2.7.18.
Thanks.
Arches, please test and mark stable:
=app-admin/puppet-2.7.18
Target Keywords: "amd64 hppa ppc sparc x86"
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
x86 stable
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
Stable for HPPA.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
amd64 stable
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
CVE-2012-3867 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3867):
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x
before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly
restrict the characters in the Common Name field of a Certificate Signing
Request (CSR), which makes it easier for user-assisted remote attackers to
trick administrators into signing a crafted agent certificate via ANSI
control sequences.
CVE-2012-3866 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3866):
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise
before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows
local users to obtain sensitive configuration information by leveraging
access to the puppet master server to read this file.
CVE-2012-3865 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3865):
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet
before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2,
when Delete is enabled in auth.conf, allows remote authenticated users to
delete arbitrary files on the puppet master server via a .. (dot dot) in a
node name.
CVE-2012-3864 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3864):
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before
2.5.2, allows remote authenticated users to read arbitrary files on the
puppet master server by leveraging an arbitrary user's certificate and
private key in a GET request.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
are you sure its stable?
vv@crusader /var/db/pkg $ emerge -pvt puppet
These are the packages that would be merged, in reverse order:
Calculating dependencies |
!!! Problem resolving dependencies for app-admin/puppet
... done!
!!! The ebuild selected to satisfy "puppet" has unmet requirements.
- app-admin/puppet-2.7.18::gentoo USE="-augeas -diff -doc -emacs -ldap -minimal
-rrdtool (-selinux) -shadow -sqlite3 -test -vim-syntax -xemacs"
RUBY_TARGETS="-ruby18"
The following REQUIRED_USE flag constraints are unsatisfied:
ruby_targets_ruby18
The above constraints are a subset of the following complete expression:
any-of ( ruby_targets_ruby18 )
vv@crusader /var/db/pkg $
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
(In reply to comment #9)
> are you sure its stable?
>
>
> vv@crusader /var/db/pkg $ emerge -pvt puppet
>
> These are the packages that would be merged, in reverse order:
>
> Calculating dependencies |
>
> !!! Problem resolving dependencies for app-admin/puppet
> ... done!
>
> !!! The ebuild selected to satisfy "puppet" has unmet requirements.
> - app-admin/puppet-2.7.18::gentoo USE="-augeas -diff -doc -emacs -ldap
> -minimal -rrdtool (-selinux) -shadow -sqlite3 -test -vim-syntax -xemacs"
> RUBY_TARGETS="-ruby18"
>
> The following REQUIRED_USE flag constraints are unsatisfied:
> ruby_targets_ruby18
>
> The above constraints are a subset of the following complete expression:
> any-of ( ruby_targets_ruby18 )
>
> vv@crusader /var/db/pkg $
same with all puppet ebuilds.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
stable does not mean what you say and viceversa.
THe error is clear:
> The following REQUIRED_USE flag constraints are unsatisfied:
> ruby_targets_ruby18
So you need to enable ruby18
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
(In reply to comment #11)
> stable does not mean what you say and viceversa.
>
> THe error is clear:
> > The following REQUIRED_USE flag constraints are unsatisfied:
> > ruby_targets_ruby18
>
> So you need to enable ruby18
I had to read emerge messages carefully. Sorry for bothering all crowd
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
ppc stable.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
sparc stable
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
Thanks, folks. GLSA Vote: no.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931]
GLSA vote: no.
Closing noglsa.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] [NEW] (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
*** This bug is a security vulnerability ***
Public security bug reported:
http://projects.puppetlabs.com/projects/puppet/wiki/Release_Notes#2.7.18
This is a security release in the 2.7.x branch.
CVE-2012-3864 Arbitrary file read on the puppet master from
authenticated clients (high)
It is possible to construct an HTTP get request from an authenticated
client with a valid certificate that will return the contents of an arbitrary
file on the Puppet master that the master has read-access to.
CVE-2012-3865 Arbitrary file delete/D.O.S on Puppet Master from
authenticated clients (high)
Given a Puppet master with the "Delete" directive allowed in auth.conf
for an authenticated host, an attacker on that host can send a specially
crafted Delete request that can cause an arbitrary file deletion on the
Puppet master, potentially causing a denial of service attack. Note that
this vulnerability does *not* exist in Puppet as configured by default.
CVE-2012-3866 last_run_report.yaml is world readable (medium)
The most recent Puppet run report is stored on the Puppet master
with world-readable permissions. The report file contains the context
diffs of any changes to configuration on an agent, which may contain
sensitive information that an attacker can then access. The last run
report is overwritten with every Puppet run.
Arbitrary file read on the Puppet master by an agent (medium)
This vulnerability is dependent upon CVE-2012-3866 "last_run_report.yml
is world readable" above. By creating a hard link of a Puppet-managed
file to an arbitrary file that the Puppet master can read, an attacker forces
the contents to be written to the puppet run summary. The context diff is
stored in last_run_report.yaml, which can then be accessed by the
attacker.
CVE-2012-3867 Insufficient input validation for agent hostnames (low)
An attacker could trick the administrator into signing an attacker's
certificate rather than the intended one by constructing specially
crafted certificate requests containing specific ANSI control sequences.
It is possible to use the sequences to rewrite the order of text displayed
to an administrator such that display of an invalid certificate and valid
certificate are transposed. If the administrator signs the attacker's
certificate, the attacker can then man-in-the-middle the agent.
CVE-2012-3408 Agents with certnames of IP addresses can be impersonated
(low)
If an authenticated host with a certname of an IP address changes IP
addresses, and a second host assumes the first host's former IP
address, the second host will be treated by the puppet master as the
first one, giving the second host access to the first host's catalog.
Note: This will not be fixed in Puppet versions prior to the forthcoming
3.x. Instead, with this Puppet 2.7.18, IP-based authentication in
Puppet < 3.x is deprecated, and a warning will be issued when used.
Hotfixes
http://puppetlabs.com/security/cve/cve-2012-3408/hotfixes/
** Affects: puppet (Ubuntu)
Importance: Undecided
Status: New
** Affects: gentoo
Importance: Unknown
Status: Unknown
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3408
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3864
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3865
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3866
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-3867
** Bug watch added: Gentoo Bugzilla #425112
https://bugs.gentoo.org/show_bug.cgi?id=425112
** Also affects: gentoo via
https://bugs.gentoo.org/show_bug.cgi?id=425112
Importance: Unknown
Status: Unknown
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
http://puppetlabs.com/security/cve/cve-2012-3864/hotfixes/
http://puppetlabs.com/security/cve/cve-2012-3865/hotfixes/
http://puppetlabs.com/security/cve/cve-2012-3866/hotfixes/
http://puppetlabs.com/security/cve/cve-2012-3867/hotfixes/
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
cated host with a certname of an IP address changes IP
addresses, and a second host assumes the first host's former IP
address, the second host will be treated by the puppet master as the
first one, giving the second host access to the first host's catalog.
Note: This will not be fixed in Puppet versions prior to the forthcoming
3.x. Instead, with this announcement IP-based authentication in
Puppet < 3.x is deprecated.
# Commits in Fixes #
These commits will be in the 2.7.x and 2.6.x branches, respectively.
2.7.x
=
qfd44bf5 Tighten permissions on classfile, resourcefile, lastrunfile, and
lastrunreport.
4d7c9fd Use "inspect" when listing certificates
bd2820e Don't allow the creation of SSL objects with invalid certnames
f341962 Validate CSR CN and provided certname before signing
38c5a4e Add specs for selector terminuses of file_{content,metadata}
9e920a8 Fix whitespace inside parentheses
2d01c2b Use head method to determine if file is in file bucket
40ee670 Always use the local file_bucket on master
d881b4b Fail more gracefully when finding module files if no file is
specified
20ab0e9 Reject file requests containing ..
10f6cb8 Add Selector terminus for file_content/file_metadata
ab9150b Deprecate IP-based authentication
d804782 Reject directory traversal in store report processor
2.6.x
=
554eefc Reject directory traversal in store report processor
9607bd7 Use "inspect" when listing certificates
0144e68 Don't allow the creation of SSL objects with invalid certnames
dfedaa5 Validate CSR CN and provided certname before signing
8eb0cd8 Add specs for selector terminuses of file_{content,metadata}
828c16a Fix whitespace inside parentheses
e7ef153 Always use the local file_bucket on master
29ae87d Fail more gracefully when finding module files if no file is
specified
c872619 Reject file requests containing ..
c3c7462 Add Selector terminus for file_content/file_metadata
If you have any questions or need additional clarification on
anything, please respond to distro-maintain...@puppetlabs.com.
Thank you,
Moses Mendoza
Release Engineer, Puppet Labs
Reply at:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/comments/0
On 2012-07-11T21:52:19+00:00 Ackle wrote:
Thanks for the report, Matthew.
Reply at:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/comments/1
On 2012-07-11T21:54:18+00:00 Ackle wrote:
*** Bug 425846 has been marked as a duplicate of this bug. ***
Reply at:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/comments/2
** Changed in: gentoo
Importance: Unknown => Low
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
http://www.ubuntu.com/usn/usn-1506-1/
** Also affects: puppet (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Natty)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Quantal)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: puppet (Ubuntu Precise)
Importance: Undecided
Status: New
** Changed in: puppet (Ubuntu Natty)
Status: New => Fix Released
** Changed in: puppet (Ubuntu Quantal)
Status: New => Confirmed
** Changed in: puppet (Ubuntu Quantal)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: puppet (Ubuntu Precise)
Status: New => Fix Released
** Changed in: puppet (Ubuntu Oneiric)
Status: New => Fix Released
** Changed in: puppet (Ubuntu Lucid)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
This is fixed in quantal now too.
** Changed in: puppet (Ubuntu Quantal)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
** Branch linked: lp:ubuntu/puppet
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1023931] Re: (CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and earlier releases (CVE-(2012-{3408, 3864, 3865, 3866, 3867})
** Changed in: gentoo
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in Ubuntu.
https://bugs.launchpad.net/bugs/1023931
Title:
(CVE-2012-3864) puppet: multiple vulnerabilities for 2.7.17 and
earlier releases (CVE-(2012-{3408,3864,3865,3866,3867})
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/1023931/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
