Security update for puppet SUSE Patch security@suse.de SUSE Security Team SUSE-RU-2015:0696-1 Final 1 1 2014-06-30T15:48:55Z current 2014-06-30T15:48:55Z 2014-06-30T15:48:55Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for puppet Puppet was updated to fix the following security issues: * Unsafe use of temporary files. (CVE-2013-4969) * Arbitrary code execution with required social engineering. (CVE-2014-3248, CVE-2014-3250) Security Issues references: * CVE-2014-3248 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3248> * CVE-2013-4969 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4969> * CVE-2014-3250 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3250> The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sledsp3-puppet,slessp3-puppet Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ Link for SUSE-RU-2015:0696-1 https://lists.suse.com/pipermail/sle-updates/2015-April/002875.html E-Mail link for SUSE-RU-2015:0696-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/825878 SUSE Bug 825878 https://bugzilla.suse.com/835122 SUSE Bug 835122 https://bugzilla.suse.com/835848 SUSE Bug 835848 https://bugzilla.suse.com/835891 SUSE Bug 835891 https://bugzilla.suse.com/853982 SUSE Bug 853982 https://bugzilla.suse.com/856843 SUSE Bug 856843 https://bugzilla.suse.com/864082 SUSE Bug 864082 https://bugzilla.suse.com/879913 SUSE Bug 879913 https://bugzilla.suse.com/913078 SUSE Bug 913078 https://www.suse.com/security/cve/CVE-2013-3567/ SUSE CVE CVE-2013-3567 page https://www.suse.com/security/cve/CVE-2013-4761/ SUSE CVE CVE-2013-4761 page https://www.suse.com/security/cve/CVE-2013-4969/ SUSE CVE CVE-2013-4969 page https://www.suse.com/security/cve/CVE-2014-3248/ SUSE CVE CVE-2014-3248 page https://www.suse.com/security/cve/CVE-2014-3250/ SUSE CVE CVE-2014-3250 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3 puppet-2.6.18-0.16.1 puppet-server-2.6.18-0.16.1 puppet-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Desktop 11 SP3 puppet-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 puppet-server-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server 11 SP3 puppet-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA puppet-server-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA puppet-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 puppet-server-2.6.18-0.16.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. CVE-2013-3567 SUSE Linux Enterprise Desktop 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-server-2.6.18-0.16.1 moderate 9 AV:N/AC:L/Au:S/C:C/I:C/A:C 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ https://www.suse.com/security/cve/CVE-2013-3567.html CVE-2013-3567 https://bugzilla.suse.com/1040151 SUSE Bug 1040151 https://bugzilla.suse.com/825878 SUSE Bug 825878 https://bugzilla.suse.com/880224 SUSE Bug 880224 Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service. NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master. CVE-2013-4761 SUSE Linux Enterprise Desktop 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-server-2.6.18-0.16.1 moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ https://www.suse.com/security/cve/CVE-2013-4761.html CVE-2013-4761 https://bugzilla.suse.com/835122 SUSE Bug 835122 https://bugzilla.suse.com/836962 SUSE Bug 836962 https://bugzilla.suse.com/880224 SUSE Bug 880224 Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files. CVE-2013-4969 SUSE Linux Enterprise Desktop 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-server-2.6.18-0.16.1 moderate 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ https://www.suse.com/security/cve/CVE-2013-4969.html CVE-2013-4969 https://bugzilla.suse.com/856843 SUSE Bug 856843 Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine. CVE-2014-3248 SUSE Linux Enterprise Desktop 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-server-2.6.18-0.16.1 moderate 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ https://www.suse.com/security/cve/CVE-2014-3248.html CVE-2014-3248 https://bugzilla.suse.com/879913 SUSE Bug 879913 The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. CVE-2014-3250 SUSE Linux Enterprise Desktop 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3-TERADATA:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server 11 SP3:puppet-server-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-2.6.18-0.16.1 SUSE Linux Enterprise Server for SAP Applications 11 SP3:puppet-server-2.6.18-0.16.1 moderate 4 AV:N/AC:L/Au:S/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150696-1/ https://www.suse.com/security/cve/CVE-2014-3250.html CVE-2014-3250 https://bugzilla.suse.com/879913 SUSE Bug 879913