[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Pkg-puppet-devel] Wheezy update of puppet?

Dear Ola,

On 22:53 Sun 21 May     , Ola Lundqvist wrote:
> Dear maintainer(s),
> 
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of puppet:
> https://security-tracker.debian.org/tracker/CVE-2017-2295
> 
> Would you like to take care of this yourself?
> 
> If yes, please follow the workflow we have defined here:
> https://wiki.debian.org/LTS/Development
> 
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
> 
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.

Thanks for bringing the issue to our attention!

I'll address the issue soon for Sid/Stretch and Jessie, and will try to 
fix Wheezy as well. Unfortunately, it looks like the fix for wheezy 
might not be trivial; we need to check if the agent will still be able 
to send facts to the server, as PSON is not the default format in Puppet 
2.7.

Regards,
Apollon
Reply to: