[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[BSA-065] Security Update for puppet



Micah Anderson uploaded new packages for puppet which fixed the
following security problems: CVE-2012-1053 and CVE-2012-1054

    CVE-2012-1053

    Puppet runs execs with an unintended group privileges, potentially leading to privilege escalation.

    CVE-2012-1054

    The k5login type writes to untrusted locations, enabling local users to escalate their privileges if the k5login type is used.

For the squeeze-backports distribution the problems have been fixed in
version 2.7.11-1~bpo60+1.



-- 

Attachment: pgpONfjlufcVJ.pgp
Description: PGP signature


Reply to: