Greetings.
I have updated the puppet-server on lockbox01 with a build patched to fix http://puppetlabs.com/security/cve/cve-2013-3567/ Since this was a security issue, I went ahead and just did it.
Hopefully we will see updated epel rpms soon, but this should hold us for now. Please do report any issues you see with puppet after this update.
Thanks
kevin
On Wed, 19 Jun 2013 11:24:50 -0600 Kevin Fenzi kevin@scrye.com wrote:
Greetings.
I have updated the puppet-server on lockbox01 with a build patched to fix http://puppetlabs.com/security/cve/cve-2013-3567/ Since this was a security issue, I went ahead and just did it.
Hopefully we will see updated epel rpms soon, but this should hold us for now. Please do report any issues you see with puppet after this update.
Thanks
kevin
What could possibly go wrong? ;)
+1 -sv
Hi Kevin,
Kevin Fenzi wrote:
I have updated the puppet-server on lockbox01 with a build patched to fix http://puppetlabs.com/security/cve/cve-2013-3567/ Since this was a security issue, I went ahead and just did it.
Hopefully we will see updated epel rpms soon, but this should hold us for now. Please do report any issues you see with puppet after this update.
As I haven't had any time yet to work on backporting the patches, I'd be curious to know how well the patching went and if you can post the patch somewhere (perhaps even in the bugzilla entry for others that want to apply it before we get packages into EPEL)?
Thanks,
infrastructure@lists.fedoraproject.org