CVE-2014-7170

NameCVE-2014-7170
DescriptionRace condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs830904

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
puppetserverITP830904

Notes

https://puppet.com/security/cve/cve-2014-7170
Is actually a packaging bug in upstream provided packages fixed in 0.2.0.

Search for package or bug name: Reporting problems