——————————————————————————–
Fedora Update Notification
FEDORA-2014-0850
2014-01-15 04:31:36
——————————————————————————–
Name : puppet
Product : Fedora 19
Version : 3.4.2
Release : 1.fc19
URL : http://puppetlabs.com
Summary : A network tool for managing many disparate systems
Description :
Puppet lets you centrally manage every important aspect of your system using a
cross-platform specification language that manages all the separate elements
normally aggregated in different files, like users, cron jobs, and hosts,
along with obviously discrete elements like packages, services, and files.
——————————————————————————–
Update Information:
Update to 3.4.2 to mitigate CVE-2013-4969
——————————————————————————–
ChangeLog:
* Tue Jan 14 2014 Sam Kottler <skottler@fedoraproject.org> – 3.4.2-1
– Update to 3.4.2 to mitigate CVE-2013-4969 (BZ#1047792)
* Fri Oct 25 2013 Sam Kottler <skottler@fedoraproject.org> – 3.3.1-1
– Update to 3.3.1 (BZ# 1023527)
* Fri Sep 13 2013 Sam Kottler <skottler@fedoraproject.org> – 3.3.0-1
– Update to 3.3.0 and remove the rundir-perms patch since it’s no longer needed
* Fri Aug 30 2013 Sam Kottler <skottler@fedoraproject.org> – 3.2.4-1
– Update to 3.2.4 to fix CVE-2013-4761 and CVE-2013-4956
* Thu Aug 29 2013 Sam Kottler <skottler@fedoraproject.org> – 3.2.2-1
– Update to 3.2.2
* Wed Aug 7 2013 Sam Kottler <skottler@fedoraproject.org> – 3.1.1-6
– Add tar as an installation requirement
* Tue Jul 30 2013 Orion Poplawski <orion@cora.nwra.com> – 3.1.1-5
– Use systemd semantics and name in NM dispatcher script
* Fri Jul 26 2013 Sam Kottler <skottler@fedoraproject.org> – 3.1.1-5
– Add hard dependency on ruby
——————————————————————————–
References:
[ 1 ] Bug #1047792 – CVE-2013-4969 Puppet: Unsafe use of Temp files in File type [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1047792
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update puppet’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
——————————————————————————–
Fedora Update Notification
FEDORA-2014-0825
2014-01-15 04:30:39
——————————————————————————–
Name : puppet
Product : Fedora 20
Version : 3.4.2
Release : 1.fc20
URL : http://puppetlabs.com
Summary : A network tool for managing many disparate systems
Description :
Puppet lets you centrally manage every important aspect of your system using a
cross-platform specification language that manages all the separate elements
normally aggregated in different files, like users, cron jobs, and hosts,
along with obviously discrete elements like packages, services, and files.
——————————————————————————–
Update Information:
Update to 3.4.2 to mitigate CVE-2013-4969
——————————————————————————–
ChangeLog:
* Tue Jan 14 2014 Sam Kottler <skottler@fedoraproject.org> – 3.4.2-1
– Update to 3.4.2 to mitigate CVE-2013-4969 (BZ#1047792)
* Mon Nov 18 2013 Sam Kottler <skottler@fedoraproject.org> – 3.3.2-1
– Update to 3.3.2 (BZ#1031810)
* Sat Nov 16 2013 Sam Kottler <skottler@fedoraproject.org> – 3.3.1-3
– Add patch to convert nil resource parameter values to undef (BZ#1028930)
* Fri Nov 1 2013 Lukas Zapletal <lzap+rpm[@]redhat.com> – 3.3.1-2
– Added SELinux wrappers for daemon processes
* Mon Oct 7 2013 Orion Poplawski <orion@cora.nwra.com> – 3.3.1-1
– Update to 3.3.1
* Fri Sep 13 2013 Sam Kottler <skottler@fedoraproject.org> – 3.3.0-1
– Update to 3.3.0 and remove the rundir-perms patch since it’s no longer needed
——————————————————————————–
References:
[ 1 ] Bug #1047792 – CVE-2013-4969 Puppet: Unsafe use of Temp files in File type [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1047792
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update puppet’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce