Ubuntu Update for Linux kernel vulnerabilities USN-1238-2
Please Install the Updated Packages.
USN-1238-1 fixed vulnerabilities in Puppet. The upstream patch introduced a regression in Ubuntu 11.04 when executing certain commands. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Puppet incorrectly handled the non-default " certdnsnames" option when generating certificates. If this setting was added to puppet.conf, the puppet master’ s DNS alt names were added to the X.509 Subject Alternative Name field of all certificates, not just the puppet master’ s certificate. An attacker that has an incorrect agent certificate in his possession can use it to impersonate the puppet master in a man-in-the-middle attack.
puppet on Ubuntu 11.04
Updated on 2015-03-25