-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2011-09-28 08:26:38 UTC
-
Revision ID:
package-import@ubuntu.com-20110928082638-t8ntk3m72k24o8p5
Tags: 2.6.4-2ubuntu2.2
* SECURITY UPDATE: unauthenticated directory traversal allows writing of
arbitrary files as puppet master
- debian/patches/CVE-2011-3848.patch: update lib/puppet/indirector.rb,
lib/puppet/indirector/ssl_file.rb, lib/puppet/indirector/yaml.rb,
spec/unit/indirector/ssl_file.rb and spec/unit/indirector/yaml.rb to
perform proper input validation.
- CVE-2011-3848
- LP: #861182
* debian/patches/fix-rake-spec-missing-require.patch: allow 'rake spec'
to run again