CVE-2009-3564

Puppet CVE-2009-3564 affects Puppet (puppetmasterd) where supplementary groups are not dropped when switching users, enabling local access to restricted files. Affected: Puppet up to version 0.24.6 (noted in the Ubuntu USN-917-1 advisory); remediation: upgrade to the patched release (e.g., Puppet...