SuSE 11.2 Security Update : puppet (SAT Patch Number 7526)

High Nessus Plugin ID 65796


The remote SuSE 11 host is missing one or more security updates.


puppet has been updated to 2.6.18 to fix multiple vulnerabilities and bugs.

- (#19391) Find the catalog for the specified node name

- Don't assume master supports SSLv2

- Don't require openssl client to return 0 on failure

- Display SSL messages so we can match our regex

- Don't assume puppetbindir is defined

- Remove unnecessary rubygems require

- Run openssl from Windows when trying to downgrade master

- Separate tests for same CVEs into separate files

- Fix order-dependent test failure in rest_authconfig_spec

- Always read request body when using Rack

- (#19392) (CVE-2013-1653) Fix acceptance test to catch unvalidated model on 2.6

- (#19392) (CVE-2013-1653) Validate indirection model in save handler

- Acceptance tests for CVEs 2013 (1640, 1652, 1653, 1654, 2274, 2275)

- (#19531) (CVE-2013-2275) Only allow report save from the node matching the certname

- (#19391) Backport Request#remote? method

- (#8858) Explicitly set SSL peer verification mode.

- (#8858) Refactor tests to use real HTTP objects

- (#19392) (CVE-2013-1653) Validate instances passed to indirector

- (#19391) (CVE-2013-1652) Disallow use_node compiler parameter for remote requests

- (#19151) Reject SSLv2 SSL handshakes and ciphers

- (#14093) Restore access to the filename in the template

- (#14093) Remove unsafe attributes from TemplateWrapper


Apply SAT patch number 7526.

Plugin Details

Severity: High

ID: 65796

File Name: suse_11_puppet-130320.nasl

Version: $Revision: 1.2 $

Type: local

Agent: unix

Published: 2013/04/04

Modified: 2013/10/25

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:11:puppet, p-cpe:/a:novell:suse_linux:11:puppet-server, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2013/03/20

Reference Information

CVE: CVE-2013-1640, CVE-2013-1652, CVE-2013-1653, CVE-2013-1654, CVE-2013-1655, CVE-2013-2274, CVE-2013-2275