Ubuntu Update for Linux kernel vulnerabilities USN-1238-1
Please Install the Updated Packages.
It was discovered that Puppet incorrectly handled the non-default " certdnsnames" option when generating certificates. If this setting was added to puppet.conf, the puppet master’ s DNS alt names were added to the X.509 Subject Alternative Name field of all certificates, not just the puppet master’ s certificate. An attacker that has an incorrect agent certificate in his possession can use it to impersonate the puppet master in a man-in-the-middle attack.
puppet on Ubuntu 11.04 , Ubuntu 10.10 , Ubuntu 10.04 LTS
Updated on 2015-03-25