Announce: Puppet 3.2.2 Available [ Security Release ]

136 views
Skip to first unread message

Matthaus Owens

unread,
Jun 18, 2013, 1:07:50 PM6/18/13
to puppet...@googlegroups.com, puppe...@googlegroups.com, puppet-...@googlegroups.com
Puppet 3.2.2 is now available. 3.2.2 addresses a security
vulnerability discovered in the 3.x series of Puppet. This
vulnerability has been assigned Mitre CVE number CVE-2013-3567.

All users of Puppet 3.2.1 and earlier are strongly encouraged to
upgrade to 3.2.2.

For more information on this vulnerability, please visit
http://puppetlabs.com/security/cve/cve-2013-3567.

Thanks to Ben Murphy, for discovering and responsibly disclosing the
vulnerability.

Downloads are available at:
* Source https://downloads.puppetlabs.com/puppet/puppet-3.2.2.tar.gz

Windows package is available at
https://downloads.puppetlabs.com/windows/puppet-3.2.2.msi

RPMs are available at https://yum.puppetlabs.com/el or /fedora

Debs are available at https://apt.puppetlabs.com

Mac package is available at
https://downloads.puppetlabs.com/mac/puppet-3.2.2.dmg

Gems are available via rubygems at
https://rubygems.org/downloads/puppet-3.2.2.gem or by using `gem
install puppet --version=3.2.2`

See the Verifying Puppet Download section at:
https://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet

Please report feedback via the Puppet Labs Redmine site, using an
affected puppet version of 3.2.2:
http://projects.puppetlabs.com/projects/puppet/

## Changelog ##

Matthaus Owens (1):
a6c08f9 (packaging) Update PUPPETVERSION to 3.2.2

Patrick Carlisle (6):
81eeace Add acceptance test for report processing
6a29171 Add vendoring system into puppet
40f2744 Fix installation of vendored libs
6f1b979 Vendor safe_yaml 0.9.2
ce50d4a (#20584) Only deserialize expected objects from YAML
d06e1df Remove acceptance test for yaml parsing that was no longer valid
Reply all
Reply to author
Forward
Message has been deleted
0 new messages