CVE 2012-3867 Hotfixes

CVSS 3 Base Score:

Posted On:

August 6, 2012

Assessed Risk Level:

None

Version 2.0.x

Debian

• 2.0/debian/lenny/all/pe-puppet-agent_2.7.9-1puppet7_all.deb
• 2.0/debian/lenny/all/pe-puppet-common_2.7.9-1puppet7_all.deb
• 2.0/debian/lenny/all/pe-puppet-master_2.7.9-1puppet7_all.deb
• 2.0/debian/lenny/pe-puppet_2.7.9-1puppet7.dsc
• 2.0/debian/lenny/source/pe-puppet_2.7.9-1puppet7_amd64.build
• 2.0/debian/lenny/source/pe-puppet_2.7.9-1puppet7.diff.gz
• 2.0/debian/lenny/source/pe-puppet_2.7.9-1puppet7_i386.changes
• 2.0/debian/lenny/source/pe-puppet_2.7.9.orig.tar.gz
• 2.0/debian/squeeze/all/pe-puppet-agent_2.7.9-1puppet7_all.deb
• 2.0/debian/squeeze/all/pe-puppet-common_2.7.9-1puppet7_all.deb
• 2.0/debian/squeeze/all/pe-puppet-master_2.7.9-1puppet7_all.deb
• 2.0/debian/squeeze/pe-puppet_2.7.9-1puppet7.dsc
• 2.0/debian/squeeze/source/pe-puppet_2.7.9-1puppet7_amd64.build
• 2.0/debian/squeeze/source/pe-puppet_2.7.9-1puppet7.diff.gz
• 2.0/debian/squeeze/source/pe-puppet_2.7.9-1puppet7_i386.changes
• 2.0/debian/squeeze/source/pe-puppet_2.7.9.orig.tar.gz

Enterprise Linux

• 2.0/el/4/i386/pe-puppet-2.7.9-5.pe.el4.noarch.rpm
• 2.0/el/4/i386/pe-puppet-server-2.7.9-5.pe.el4.noarch.rpm
• 2.0/el/4/SRPMS/pe-puppet-2.7.9-5.pe.el4.src.rpm
• 2.0/el/4/x86_64/pe-puppet-2.7.9-5.pe.el4.noarch.rpm
• 2.0/el/4/x86_64/pe-puppet-server-2.7.9-5.pe.el4.noarch.rpm
• 2.0/el/5/i386/pe-puppet-2.7.9-5.pe.el5.noarch.rpm
• 2.0/el/5/i386/pe-puppet-server-2.7.9-5.pe.el5.noarch.rpm
• 2.0/el/5/SRPMS/pe-puppet-2.7.9-5.pe.el5.src.rpm
• 2.0/el/5/x86_64/pe-puppet-2.7.9-5.pe.el5.noarch.rpm
• 2.0/el/5/x86_64/pe-puppet-server-2.7.9-5.pe.el5.noarch.rpm
• 2.0/el/6/i386/pe-puppet-2.7.9-5.pe.el6.noarch.rpm
• 2.0/el/6/i386/pe-puppet-server-2.7.9-5.pe.el6.noarch.rpm
• 2.0/el/6/SRPMS/pe-puppet-2.7.9-5.pe.el6.src.rpm
• 2.0/el/6/x86_64/pe-puppet-2.7.9-5.pe.el6.noarch.rpm
• 2.0/el/6/x86_64/pe-puppet-server-2.7.9-5.pe.el6.noarch.rpm

SLES

• 2.0/sles/11/i386/pe-puppet-2.7.9-5.pe.noarch.rpm
• 2.0/sles/11/i386/pe-puppet-server-2.7.9-5.pe.noarch.rpm
• 2.0/sles/11/SRPMS/pe-puppet-2.7.9-5.pe.src.rpm
• 2.0/sles/11/x86_64/pe-puppet-2.7.9-5.pe.noarch.rpm
• 2.0/sles/11/x86_64/pe-puppet-server-2.7.9-5.pe.noarch.rpm

Solaris

• 2.0/solaris/patches/001-pe-puppet-modify-default-confdir_279.patch
• 2.0/solaris/patches/002-pe-puppet-modify-version-string_279.patch
• 2.0/solaris/patches/003-pe-puppet-rundir-perms.patch
• 2.0/solaris/patches/004-11414_Save_execute_changes_on_versions_of_Augeas.patch
• 2.0/solaris/patches/005-CVE-2012-1053-and-CVE-2012-1054.patch
• 2.0/solaris/patches/006-CVE-2012-1906-and-1986-1989.patch
• 2.0/solaris/patches/007-June-2012-CVE.patch
• 2.0/solaris/pup-puppet-2.7.9-4.i386.pkg.gz
• 2.0/solaris/pup-puppet-2.7.9-4.sparc.pkg.gz
• 2.0/solaris/source/puppet-2.7.9.tar.gz

Ubuntu

• 2.0/ubuntu/lucid/all/pe-puppet-agent_2.7.9-1puppet7_all.deb
• 2.0/ubuntu/lucid/all/pe-puppet-common_2.7.9-1puppet7_all.deb
• 2.0/ubuntu/lucid/all/pe-puppet-master_2.7.9-1puppet7_all.deb
• 2.0/ubuntu/lucid/pe-puppet_2.7.9-1puppet7.dsc
• 2.0/ubuntu/lucid/source/pe-puppet_2.7.9-1puppet7_amd64.build
• 2.0/ubuntu/lucid/source/pe-puppet_2.7.9-1puppet7.diff.gz
• 2.0/ubuntu/lucid/source/pe-puppet_2.7.9-1puppet7_i386.changes
• 2.0/ubuntu/lucid/source/pe-puppet_2.7.9.orig.tar.gz

Version 1.2.x

Debian

• 1.2/debian/lenny/all/pe-puppet-agent_2.6.9-1puppet8_all.deb
• 1.2/debian/lenny/all/pe-puppet-common_2.6.9-1puppet8_all.deb
• 1.2/debian/lenny/all/pe-puppet-master_2.6.9-1puppet8_all.deb
• 1.2/debian/lenny/pe-puppet_2.6.9-1puppet8.dsc
• 1.2/debian/lenny/source/pe-puppet_2.6.9-1puppet8_amd64.build
• 1.2/debian/lenny/source/pe-puppet_2.6.9-1puppet8.diff.gz
• 1.2/debian/lenny/source/pe-puppet_2.6.9-1puppet8_i386.changes
• 1.2/debian/lenny/source/pe-puppet_2.6.9.orig.tar.gz
• 1.2/debian/squeeze/all/pe-puppet-agent_2.6.9-1puppet8_all.deb
• 1.2/debian/squeeze/all/pe-puppet-common_2.6.9-1puppet8_all.deb
• 1.2/debian/squeeze/all/pe-puppet-master_2.6.9-1puppet8_all.deb
• 1.2/debian/squeeze/pe-puppet_2.6.9-1puppet8.dsc
• 1.2/debian/squeeze/source/pe-puppet_2.6.9-1puppet8_amd64.build
• 1.2/debian/squeeze/source/pe-puppet_2.6.9-1puppet8.diff.gz
• 1.2/debian/squeeze/source/pe-puppet_2.6.9-1puppet8_i386.changes
• 1.2/debian/squeeze/source/pe-puppet_2.6.9.orig.tar.gz

Enterprise Linux

• 1.2/el/4/i386/pe-puppet-2.6.9-9.pe.el4.noarch.rpm
• 1.2/el/4/i386/pe-puppet-server-2.6.9-9.pe.el4.noarch.rpm
• 1.2/el/4/SRPMS/pe-puppet-2.6.9-9.pe.el4.src.rpm
• 1.2/el/4/x86_64/pe-puppet-2.6.9-9.pe.el4.noarch.rpm
• 1.2/el/4/x86_64/pe-puppet-server-2.6.9-9.pe.el4.noarch.rpm
• 1.2/el/5/i386/pe-puppet-2.6.9-9.pe.el5.noarch.rpm
• 1.2/el/5/i386/pe-puppet-server-2.6.9-9.pe.el5.noarch.rpm
• 1.2/el/5/SRPMS/pe-puppet-2.6.9-9.pe.el5.src.rpm
• 1.2/el/5/x86_64/pe-puppet-2.6.9-9.pe.el5.noarch.rpm
• 1.2/el/5/x86_64/pe-puppet-server-2.6.9-9.pe.el5.noarch.rpm
• 1.2/el/6/i386/pe-puppet-2.6.9-9.pe.el6.noarch.rpm
• 1.2/el/6/i386/pe-puppet-server-2.6.9-9.pe.el6.noarch.rpm
• 1.2/el/6/SRPMS/pe-puppet-2.6.9-9.pe.el6.src.rpm
• 1.2/el/6/x86_64/pe-puppet-2.6.9-9.pe.el6.noarch.rpm
• 1.2/el/6/x86_64/pe-puppet-server-2.6.9-9.pe.el6.noarch.rpm

SLES

• 1.2/sles/11/i386/pe-puppet-2.6.9-9.pe.noarch.rpm
• 1.2/sles/11/i386/pe-puppet-server-2.6.9-9.pe.noarch.rpm
• 1.2/sles/11/SRPMS/pe-puppet-2.6.9-9.pe.src.rpm
• 1.2/sles/11/x86_64/pe-puppet-2.6.9-9.pe.noarch.rpm
• 1.2/sles/11/x86_64/pe-puppet-server-2.6.9-9.pe.noarch.rpm

Solaris

• 1.2/solaris/patches/001-pe-puppet-rundir-perms.patch
• 1.2/solaris/patches/002-pe-puppet-modify-default-confdir.patch
• 1.2/solaris/patches/003-pe-puppet-modify-version-string.patch
• 1.2/solaris/patches/004-2.6.x-9791-TOCTOU-in-ssh-auth-keys-type.patch
• 1.2/solaris/patches/005-2.6.x-9792-Predictable-temporary-filename-in-ralsh.patch
• 1.2/solaris/patches/006-2.6.x-9793-secure-indirector-file-backed-terminus-base-cla.patch
• 1.2/solaris/patches/007-2.6.x-9794-k5login-can-overwrite-arbitrary-files-as-root.patch
• 1.2/solaris/patches/008-CVE-2011-3872_PE_1.2_puppet2.6.9.patch
• 1.2/solaris/patches/009-pe-puppet-Resist-directory-traversal.patch
• 1.2/solaris/patches/010-CVE-2012-1053-and-CVE-2012-1054.patch
• 1.2/solaris/patches/011-CVE-2012-1906-and-1986-1989.patch
• 1.2/solaris/patches/012-pe-puppet-june-2012-cve.patch
• 1.2/solaris/pup-puppet-2.6.9-7.i386.pkg.gz
• 1.2/solaris/pup-puppet-2.6.9-7.sparc.pkg.gz
• 1.2/solaris/source/puppet-2.6.9.tar.gz

Ubuntu

• 1.2/ubuntu/lucid/all/pe-puppet-agent_2.6.9-1puppet8_all.deb
• 1.2/ubuntu/lucid/all/pe-puppet-common_2.6.9-1puppet8_all.deb
• 1.2/ubuntu/lucid/all/pe-puppet-master_2.6.9-1puppet8_all.deb
• 1.2/ubuntu/lucid/pe-puppet_2.6.9-1puppet8.dsc
• 1.2/ubuntu/lucid/source/pe-puppet_2.6.9-1puppet8_amd64.build
• 1.2/ubuntu/lucid/source/pe-puppet_2.6.9-1puppet8.diff.gz
• 1.2/ubuntu/lucid/source/pe-puppet_2.6.9-1puppet8_i386.changes
• 1.2/ubuntu/lucid/source/pe-puppet_2.6.9.orig.tar.gz

Versions 1.0 and 1.1

Debian

• 1.1/debian/lenny/all/pe-puppet-agent_2.6.4-1puppet20_all.deb
• 1.1/debian/lenny/all/pe-puppet-common_2.6.4-1puppet20_all.deb
• 1.1/debian/lenny/all/pe-puppet-master_2.6.4-1puppet20_all.deb
• 1.1/debian/lenny/pe-puppet_2.6.4-1puppet20.dsc
• 1.1/debian/lenny/source/pe-puppet_2.6.4-1puppet20_amd64.build
• 1.1/debian/lenny/source/pe-puppet_2.6.4-1puppet20.diff.gz
• 1.1/debian/lenny/source/pe-puppet_2.6.4-1puppet20_i386.changes

Enterprise Linux

• 1.1/el/4/i386/pe-puppet-2.6.4-15.pe.el4.noarch.rpm
• 1.1/el/4/i386/pe-puppet-server-2.6.4-15.pe.el4.noarch.rpm
• 1.1/el/4/SRPMS/pe-puppet-2.6.4-15.pe.el4.src.rpm
• 1.1/el/4/x86_64/pe-puppet-2.6.4-15.pe.el4.noarch.rpm
• 1.1/el/4/x86_64/pe-puppet-server-2.6.4-15.pe.el4.noarch.rpm
• 1.1/el/5/i386/pe-puppet-2.6.4-15.pe.el5.noarch.rpm
• 1.1/el/5/i386/pe-puppet-server-2.6.4-15.pe.el5.noarch.rpm
• 1.1/el/5/SRPMS/pe-puppet-2.6.4-15.pe.el5.src.rpm
• 1.1/el/5/x86_64/pe-puppet-2.6.4-15.pe.el5.noarch.rpm
• 1.1/el/5/x86_64/pe-puppet-server-2.6.4-15.pe.el5.noarch.rpm
• 1.1/el/6/i386/pe-puppet-2.6.4-15.pe.el6.noarch.rpm
• 1.1/el/6/i386/pe-puppet-server-2.6.4-15.pe.el6.noarch.rpm
• 1.1/el/6/SRPMS/pe-puppet-2.6.4-15.pe.el6.src.rpm
• 1.1/el/6/x86_64/pe-puppet-2.6.4-15.pe.el6.noarch.rpm
• 1.1/el/6/x86_64/pe-puppet-server-2.6.4-15.pe.el6.noarch.rpm

SLES

• 1.1/sles/11/i386/pe-puppet-2.6.4-17.pe.noarch.rpm
• 1.1/sles/11/i386/pe-puppet-server-2.6.4-17.pe.noarch.rpm
• 1.1/sles/11/SRPMS/pe-puppet-2.6.4-17.pe.src.rpm
• 1.1/sles/11/x86_64/pe-puppet-2.6.4-17.pe.noarch.rpm
• 1.1/sles/11/x86_64/pe-puppet-server-2.6.4-17.pe.noarch.rpm

Solaris

• 1.1/solaris/patches/001-pe-puppet-modify-default-confdir.patch
• 1.1/solaris/patches/002-pe-puppet-modify-version-string.patch
• 1.1/solaris/patches/003-pe-puppet-rundir-perms.patch
• 1.1/solaris/patches/004-CVE-2011-3872_2.6.4_PE.patch
• 1.1/solaris/patches/005-pe-puppet-Resist-directory-traversal.patch
• 1.1/solaris/patches/006-2.6.x-9791-TOCTOU-in-ssh-auth-keys-type.patch
• 1.1/solaris/patches/007-2.6.x-9792-Predictable-temporary-filename-in-ralsh.patch
• 1.1/solaris/patches/008-2.6.x-9793-secure-indirector-file-backed-terminus-base-cla.patch
• 1.1/solaris/patches/009-2.6.x-9794-k5login-can-overwrite-arbitrary-files-as-root.patch
• 1.1/solaris/patches/010-CVE-2012-1053-and-CVE-2012-1054.patch
• 1.1/solaris/patches/011-CVE-2012-1906-and-1986-1989.patch
• 1.1/solaris/patches/012-June-2012-CVEs.patch
• 1.1/solaris/pup-puppet-2.6.4-8.i386.pkg
• 1.1/solaris/pup-puppet-2.6.4-8.sparc.pkg
• 1.1/solaris/source/puppet-2.6.4.tar.gz

Ubuntu

• 1.1/ubuntu/lucid/all/pe-puppet-agent_2.6.4-1puppet20_all.deb
• 1.1/ubuntu/lucid/all/pe-puppet-common_2.6.4-1puppet20_all.deb
• 1.1/ubuntu/lucid/all/pe-puppet-master_2.6.4-1puppet20_all.deb
• 1.1/ubuntu/lucid/pe-puppet_2.6.4-1puppet20.dsc
• 1.1/ubuntu/lucid/source/pe-puppet_2.6.4-1puppet20_amd64.build
• 1.1/ubuntu/lucid/source/pe-puppet_2.6.4-1puppet20.diff.gz
• 1.1/ubuntu/lucid/source/pe-puppet_2.6.4-1puppet20_i386.changes

Status: