Security update for puppet (important)

2012-03-06T22:08:33
ID SUSE-SU-2012:0325-1
Type suse
Reporter Suse
Modified 2012-03-06T22:08:33

Description

This update of puppet fixes two vulnerabilities that could potentially be exploited by local attackers to escalate privileges due to improper privilege dropping and file handling issues (symlink flaws) in puppet (CVE-2012-1053, CVE-2012-1054).