Canonical Fixes Puppet Exploits in All Supported Ubuntu OSes

view story

http://news.softpedia.com – On August 15, Canonical published details about Puppet vulnerabilities for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems. According to Canonical, several security issues have been fixed in Puppet. It has been discovered that Puppet incorrectly handled the resource_type service. A local attacker on the master could use this issue to execute arbitrary Ruby files. Also, Puppet incorrectly handled permissions on the modules it install... (read more) (IT news)