Source: puppet Version: 3.7.2-1 Severity: grave Tags: upstream security patch
Hi, the following vulnerability was published for puppet. CVE-2017-2295[0]: Unsafe YAML deseralization If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-2295 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2295 [1] https://puppet.com/security/cve/cve-2017-2295 [2] https://github.com/puppetlabs/puppet/commit/06d8c51367ca932b9da5d9b01958cfc0adf0f2ea Regards, Salvatore