[CentOS] puppet, repos, security
ignasr at vault13.lt
ignasr at vault13.ltThu Oct 31 07:30:31 UTC 2013
- Previous message: [CentOS] yum fails in FIPS mode
- Next message: [CentOS] puppet, repos, security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello list, I am using puppet 2.7.20 from rpmforge, with a build date of Wed 20 Mar 2013. EPEL has an even older version. Then I see this: http://puppetlabs.com/security/cve/cve-2013-3567 that was posted on the month of July 2013. Do I understand correctly, that my puppet-master is vulnerable to remote code execution by every node that has access to master's port tcp/8140? If so, then the only option to use puppet while being safe is to use puppetlabs repo, or build puppet myself? Thank you Ignas
- Previous message: [CentOS] yum fails in FIPS mode
- Next message: [CentOS] puppet, repos, security
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list