Author: fgeek-guest
Date: 2012-07-16 10:28:01 +0000 (Mon, 16 Jul 2012)
New Revision: 19743
Modified:
data/CVE/list
Log:
Stig Sandbeck Mathisen said CVE-2012-3408, CVE-2012-3864, CVE-2012-3865,
CVE-2012-3866 and CVE-2012-3867 are fixed in puppet 2.7.18-1 unstable and
2.6.2-5+squeeze6. DSA does not contain information of CVE-2012-3408 nor does the
changelog.
Modified: data/CVE/list
==================================================================---
data/CVE/list 2012-07-15 18:45:08 UTC (rev 19742)
+++ data/CVE/list 2012-07-16 10:28:01 UTC (rev 19743)
@@ -323,19 +323,19 @@
CVE-2012-3867
RESERVED
{DSA-2511-1}
- - puppet <unfixed>
+ - puppet 2.7.18-1
CVE-2012-3866
RESERVED
{DSA-2511-1}
- - puppet <unfixed>
+ - puppet 2.7.18-1
CVE-2012-3865
RESERVED
{DSA-2511-1}
- - puppet <unfixed>
+ - puppet 2.7.18-1
CVE-2012-3864
RESERVED
{DSA-2511-1}
- - puppet <unfixed>
+ - puppet 2.7.18-1
CVE-2012-3862
RESERVED
CVE-2012-3861
@@ -1267,7 +1267,8 @@
RESERVED
CVE-2012-3408 [Puppet allows agents with certnames of IP addresses to be
impersonated]
RESERVED
- TODO: is puppet affected?
+ {DSA-2511-1}
+ - puppet 2.7.18-1 (medium)
NOTE: http://puppetlabs.com/security/cve/cve-2012-3408/
CVE-2012-3407
RESERVED