MGASA-2014-0084

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0084.html

Import Source

https://advisories.mageia.org/MGASA-2014-0084.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2014-0084

Related

CVE-2013-4969

Published

2014-02-19T21:15:34Z

Modified

2014-02-19T21:14:42Z

Summary

Updated puppet & puppet3 packages fix CVE-2013-4969 and a regression

Details

Updated puppet and puppet3 packages fix security vulnerability:

An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system (CVE-2013-4969).

This update also corrects an upstream regression, see references for details.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:3 / puppet

Package

Name: puppet
Purl: pkg:rpm/mageia/puppet?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.23-1.2.mga3

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / puppet3

Package

Name: puppet3
Purl: pkg:rpm/mageia/puppet3?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.2.4-1.2.mga3

Ecosystem specific

{
    "section": "core"
}