Debian Security Advisory DSA 2352-1 (puppet)

Summary
The remote host is missing an update to puppet announced via advisory DSA 2352-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202352-1
Insight
It was discovered that Puppet, a centralized configuration management solution, misgenerated certificates if the certdnsnames option was used. This could lead to man in the middle attacks. More details are available at http://puppetlabs.com/security/cve/cve-2011-3872/ For the oldstable distribution (lenny), this problem has been fixed in version 0.24.5-3+lenny2. For the stable distribution (squeeze), this problem has been fixed in version 2.6.2-5+squeeze3. For the unstable distribution (sid), this problem has been fixed in version 2.7.6-1. We recommend that you upgrade your puppet packages.