Advisories ยป MGASA-2018-0199

Updated puppet packages fix security vulnerability

Publication date: 13 Apr 2018
Modification date: 13 Apr 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-10689

Description

It was discovered that Puppet incorrectly handled permissions when
unpacking certain tarballs. A local user could possibly use this issue
to execute arbitrary code (CVE-2017-10689).
                

References

SRPMS

5/core

6/core