V2EX = way to explore
V2EX 是一个关于分享和探索的地方
Sign Up Now
For Existing Member Sign In
Puppet 安装
› Puppet 官方开源版本安装说明
Puppet Reading List
› http://terokarvinen.com/2012/puppet-reading-list
PuppetMaster on Ubuntu 12.04
› http://terokarvinen.com/2012/puppetmaster-on-ubuntu-12-04
Puppet Enterprise 2.7 Quick Start
› http://docs.puppetlabs.com/pe/2.7/quick_start.html
Puppet Forge
› http://forge.puppetlabs.com/
Puppet APT Repositories
› APT Enterprise
› APT
Puppet Techniques
› http://docs.puppetlabs.com/guides/techniques.html
Puppet Dashboard
http://docs.puppetlabs.com/dashboard/manual/1.2/
http://docs.puppetlabs.com/dashboard/manual/1.2/maintaining.html
PuppetDB
› http://docs.puppetlabs.com/puppetdb/latest/index.html
This topic created in 4632 days ago, the information mentioned may be changed or developed.
_______________________________________________________________________
Package : puppet
Date : August 27, 2013
_______________________________________________________________________
Problem Description:
Updated puppet and puppet3 package fix security vulnerabilities:
It was discovered that Puppet incorrectly handled the resource_type
service. A local attacker on the master could use this issue to
execute arbitrary Ruby files (CVE-2013-4761).
It was discovered that Puppet incorrectly handled permissions on the
modules it installed. Modules could be installed with the permissions
that existed when they were built, possibly exposing them to a local
attacker (CVE-2013-4956).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
http://advisories.mageia.org/MGASA-2013-0259.html
_______________________________________________________________________
Package : puppet
Date : August 27, 2013
_______________________________________________________________________
Problem Description:
Updated puppet and puppet3 package fix security vulnerabilities:
It was discovered that Puppet incorrectly handled the resource_type
service. A local attacker on the master could use this issue to
execute arbitrary Ruby files (CVE-2013-4761).
It was discovered that Puppet incorrectly handled permissions on the
modules it installed. Modules could be installed with the permissions
that existed when they were built, possibly exposing them to a local
attacker (CVE-2013-4956).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
http://advisories.mageia.org/MGASA-2013-0259.html
_______________________________________________________________________
No Comments Yet
Select Language