Security update for puppet (important)

ID SUSE-SU-2014:0510-1
Type suse
Reporter Suse
Modified 2014-04-10T19:04:13


The deployment framework puppet received an update for a security issue in January.

The backport of this security issue was however incomplete and broke existing setups. As the scope of the problem is limited to local scenarios where an attacker likely has access already, and backporting is not trivial, this update reverts the fix for now.

We are evaluating the possibility of an update to puppet 2.7 in the future.