SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for puppet-2.6.17-29.1.i586.rpm :
Sat Mar 30 13:00:00 2013 borisAATTsteki.net
CVEs:
- Fix bnc#809839 VUL-0: puppet: Multiple vulnerabilities in puppet
framework versions not vulnerable 2.6.18 2.7.21 3.1.1

Wed Jul 11 14:00:00 2012 vdziewieckiAATTsuse.com
CVEs:
-Fix bnc#770828 - VUL-0: CVE-2012-3864: puppet: authenticated clients can read arbitrary files via a flaw in puppet master
-Fix bnc#770829 - VUL-0: CVE-2012-3865: puppet: arbitrary file delete / Denial of Service on Puppet Master by authenticated clients
-Fix bnc#770833 - VUL-1: CVE-2012-3867: puppet: insufficient input validation for agent certificate names
-I used the new stable version, 2.6.17, which only receives security fixes.
-Removed runlevel 4.

Wed Jun 20 14:00:00 2012 vdziewieckiAATTsuse.com
-Fixed bnc#747657 VUL-0: puppet: CVE-2012-1053, CVE-2012-1054:
improper privilege dropping, file handling flaws
-This was done by updating to the new version in stable branch.
-The stable branch receives only security fixes and this update
does not provide any new features.

Tue Jun 19 14:00:00 2012 vdziewieckiAATTsuse.com
-Fixed bnc#755869 VUL-0: CVE-2012-1988: puppet: Filebucket arbitrary code execution
-Fixed bnc#755872 CVE-2012-1986 – Arbitrary File Read
-Fixed bnc#755870 CVE-2012-1987 – Denial of Service
-Fixed bnc#755871 CVE-2012-1989 – Arbitrary File Write

Wed Jan 11 13:00:00 2012 vcizekAATTsuse.com
- correct ownership of dirs in /var (bnc#739361)

Tue Nov 8 13:00:00 2011 vcizekAATTsuse.com
- added remediation toolkit for CVE-2011-3872 (bnc#72637)

Tue Nov 1 13:00:00 2011 vcizekAATTsuse.com
- fix for CVE-2011-3872 (bnc#726372)

Mon Oct 31 13:00:00 2011 vcizekAATTsuse.com
- fixes for several security bugs:
CVE-2011-3869, CVE-2011-3870, CVE-2011-3871
(bnc#727024, bnc#727025)

Tue Oct 4 14:00:00 2011 vcizekAATTsuse.com
- Resist directory traversal attacks through indirections
CVE-2011-3848 (bnc#721139)

Fri May 20 14:00:00 2011 vcizekAATTnovell.com
- fix logging setting (bnc#683441)

Fri May 20 14:00:00 2011 vcizekAATTnovell.com
- using correct port for puppet in the firewall rules (bnc#694825)

Fri Jan 28 13:00:00 2011 vcizekAATTnovell.com
- update to 2.6.4

* bugfixes: bnc#667867
Ship auth.conf as part of installing from source

Tue Oct 5 14:00:00 2010 anickaAATTsuse.cz
- update to 2.6.1

* bugfixes, manpage fixes

Thu Aug 19 14:00:00 2010 anickaAATTsuse.cz
- update to 2.6.0

* major release with many new configuration options and new
language features

Mon Aug 16 14:00:00 2010 anickaAATTsuse.cz
- respect sysconfig settings (bnc#620808)

Tue Jul 20 14:00:00 2010 anickaAATTsuse.cz
- create puppet user not only for server package (bnc#623884)

Tue Mar 2 13:00:00 2010 anickaAATTsuse.cz
- update to 0.25.4

* bugfixes
- create user puppet (fixes bnc#576453)

Wed Apr 15 14:00:00 2009 mantelAATTsuse.de
- update to 0.24.8

Mon Apr 6 14:00:00 2009 mantelAATTsuse.de
- add zypper.rb plugin by Leo Eraly


  
ICM