1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
Candidate: CVE-2015-1029
PublicDate: 2015-01-16
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1029
http://puppetlabs.com/security/cve/cve-2015-1029
http://secunia.com/advisories/62328
Description:
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before
4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to
gain privileges or obtain sensitive information by prepopulating the fact
cache.
Ubuntu-Description:
Notes:
Bugs:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775535
Priority: medium
Discovered-by: Faidon Liambotis
Assigned-to:
Patches_puppet-module-puppetlabs-stdlib:
upstream_puppet-module-puppetlabs-stdlib: released (4.5.1)
lucid_puppet-module-puppetlabs-stdlib: DNE
precise_puppet-module-puppetlabs-stdlib: DNE
precise/esm_puppet-module-puppetlabs-stdlib: DNE
trusty_puppet-module-puppetlabs-stdlib: needed
utopic_puppet-module-puppetlabs-stdlib: ignored (reached end-of-life)
vivid_puppet-module-puppetlabs-stdlib: ignored (reached end-of-life)
vivid/stable-phone-overlay_puppet-module-puppetlabs-stdlib: DNE
vivid/ubuntu-core_puppet-module-puppetlabs-stdlib: DNE
wily_puppet-module-puppetlabs-stdlib: ignored (reached end-of-life)
xenial_puppet-module-puppetlabs-stdlib: needed
yakkety_puppet-module-puppetlabs-stdlib: ignored (reached end-of-life)
zesty_puppet-module-puppetlabs-stdlib: needed
devel_puppet-module-puppetlabs-stdlib: needed
|