USN-1506-1: Puppet vulnerabilities

12 July 2012

Several security issues were fixed in Puppet.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • puppet - Centralized configuration management

Details

It was discovered that Puppet incorrectly handled certain HTTP GET
requests. An attacker could use this flaw with a valid client certificate
to retrieve arbitrary files from the Puppet primary server.
(CVE-2012-3864)

It was discovered that Puppet incorrectly handled Delete requests. If a
Puppet primary server were reconfigured to allow the "Delete" method, an
attacker on an authenticated host could use this flaw to delete arbitrary
files from the Puppet server, leading to a denial of service.
(CVE-2012-3865)

It was discovered that Puppet incorrectly set file permissions on the
last_run_report.yaml file. An attacker could use this flaw to access
sensitive information. This issue only affected Ubuntu 11.10 and Ubuntu
12.04 LTS. (CVE-2012-3866)

It was discovered that Puppet incorrectly handled agent certificate names.
An attacker could use this flaw to create a specially crafted certificate
and trick an administrator into signing a certificate that can then be used
to machine-in-the-middle agent nodes. (CVE-2012-3867)

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04

In general, a standard system update will make all the necessary changes.