Bug 791002 (CVE-2012-1054)
Summary: | CVE-2012-1054 Puppet 2.6.13 Klogin File Handling Issue | ||||||
---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Kurt Seifried <kseifried> | ||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||
Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | unspecified | CC: | katello-internal, orion, security-response-team, tkramer, tmz | ||||
Target Milestone: | --- | Keywords: | Security | ||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2012-04-17 21:50:54 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | 790898, 790917, 801972, 801974, 809594 | ||||||
Bug Blocks: | 742180, 767031 | ||||||
Attachments: |
|
Description
Kurt Seifried
2012-02-15 22:09:31 UTC
This is embargoed, no release date has been set yet, I have contacted PuppetLabs and requested more information. Created attachment 562349 [details] Patch for CVE-2012-1053 and CVE-2012-1054 Per conversation with Michael Stahnke at Puppet Labs, the release that was planned for tonight has been pushed to tomorrow. I noticed a minor regression in the 2.6.14 packages we'll be using, so they're going to fix that up before release. External Reference: http://puppetlabs.com/security/cve/cve-2012-1054/ Created puppet tracking bugs for this issue Affects: fedora-all [bug 801972] Created puppet tracking bugs for this issue Affects: epel-all [bug 801974] puppet-2.6.14-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. puppet-2.6.14-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. puppet-2.6.14-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report. puppet-2.6.14-1.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. puppet-2.6.14-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report. |