-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 30 Sep 2011 21:23:53 -0400
Source: puppet
Binary: puppet puppetmaster puppet-common vim-puppet puppet-el puppet-testsuite
Architecture: source all
Version: 2.6.2-5+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Puppet Package Maintainers <pkg-puppet-devel@lists.alioth.debian.org>
Changed-By: Micah Anderson <micah@debian.org>
Description: 
 puppet     - Centralized configuration management - agent startup and compatib
 puppet-common - Centralized configuration management
 puppet-el  - syntax highlighting for puppet manifests in emacs
 puppet-testsuite - Centralized configuration management - test suite
 puppetmaster - Centralized configuration management - master startup and compati
 vim-puppet - syntax highlighting for puppet manifests in vim
Changes: 
 puppet (2.6.2-5+squeeze1) stable-security; urgency=high
 .
   * Resist directory traversal attacks (CVE-2011-3848)
   * Fix SSH authorized_keys symlink attack (CVE-2011-3870)
   * Fix K5login content attack (CVE-2011-3869)
   * Fix predictable temp file using RAL (CVE-2011-3871)
   * Fix file indirector injection (low risk)
Checksums-Sha1: 
 4d9139e955b1c44f14bf3d1dc367adb9b8308ea2 2172 puppet_2.6.2-5+squeeze1.dsc
 5fcf378aa45b80aaf318110ec6ead7c0e253a4a0 1541056 puppet_2.6.2.orig.tar.gz
 2f3ad54e0e8e5b586a566749a4b848f546c34e00 41693 puppet_2.6.2-5+squeeze1.debian.tar.gz
 be0d0bf5b140656547aa3857a977147f27261b9d 209212 puppet_2.6.2-5+squeeze1_all.deb
 5c738d62f235375ff48d5c4ed3a0c6354158083d 212114 puppetmaster_2.6.2-5+squeeze1_all.deb
 151b24d013153a8c4ec8062f4ca08983583fda69 750976 puppet-common_2.6.2-5+squeeze1_all.deb
 52402ce7919db37cf52c7804c771be73b37d76c6 200596 vim-puppet_2.6.2-5+squeeze1_all.deb
 0d5d67e9ec0dba17372537629de510bda7c76bcb 202562 puppet-el_2.6.2-5+squeeze1_all.deb
 9baa1b0adeec168e0b3a7672287cd818cdba7297 886954 puppet-testsuite_2.6.2-5+squeeze1_all.deb
Checksums-Sha256: 
 f4989e913ac59c08055da2333e0971084253c2faead71a529883304751ac628c 2172 puppet_2.6.2-5+squeeze1.dsc
 7c13cfa32718101b594ede10e07e212c08d41a2c26e607cf7c7a7da9a4076245 1541056 puppet_2.6.2.orig.tar.gz
 f3f107f260e84b9f89abc00252487cd11da9f918d8325d5c5afa6d274b786180 41693 puppet_2.6.2-5+squeeze1.debian.tar.gz
 0fdeeeb4ebf795c0fd4fb481f72efcfdd3ebb20bb4d50f96d8f4f52222cf5a8f 209212 puppet_2.6.2-5+squeeze1_all.deb
 e636a58e12fda8e9a5fbc7514632d5902087caca33c48214e6343f194acdba88 212114 puppetmaster_2.6.2-5+squeeze1_all.deb
 49721ce75fe1faa7dc159252edd546e9d1c08abaf2945709614d73c5c8849ffb 750976 puppet-common_2.6.2-5+squeeze1_all.deb
 4ca334f41379a2a834ed9da44229cb3f44e1f13a6aeeb8827bbdcc11187655dc 200596 vim-puppet_2.6.2-5+squeeze1_all.deb
 8a945b1b19de0f4bdab7236b1dcd67cd9e6fa08ee52d5ab7e45d2909c3a334c4 202562 puppet-el_2.6.2-5+squeeze1_all.deb
 e9f28f8f4296bbf440495f9d8a0c75388afbe8771b6f49846200688266354704 886954 puppet-testsuite_2.6.2-5+squeeze1_all.deb
Files: 
 247ec836e9cdbb3f7c01bc0a8c5c1baa 2172 admin optional puppet_2.6.2-5+squeeze1.dsc
 004791c57f029d299366849fea6820ed 1541056 admin optional puppet_2.6.2.orig.tar.gz
 c2a83b22df0cd93da7a3d88ecf40ece8 41693 admin optional puppet_2.6.2-5+squeeze1.debian.tar.gz
 4895612fb29f8c2057eebb5663d0a4aa 209212 admin optional puppet_2.6.2-5+squeeze1_all.deb
 9e1e47468537b7847115b033a4896ec2 212114 admin optional puppetmaster_2.6.2-5+squeeze1_all.deb
 3fb02543b7e604247864974b65026c62 750976 admin optional puppet-common_2.6.2-5+squeeze1_all.deb
 d77c35d02f06a1d741c10aec90b44628 200596 admin optional vim-puppet_2.6.2-5+squeeze1_all.deb
 7d87bcb8b3503db72c9c16fc943530ec 202562 admin optional puppet-el_2.6.2-5+squeeze1_all.deb
 ac1750368b891f10efe4356e4abe7344 886954 admin optional puppet-testsuite_2.6.2-5+squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJOicpaAAoJEIy/mjIoYaeQB1sP/29RiVogFGKPMKDhyJ7LgeTP
skDuR4qOpdRHjgjDWURzJ5zEiYEVr8A+VPXrgNBxjrRrYty6KaNgmdh3kCaXRVXx
zit1AMVqW7QF+qLa95sWgbIycbVKLUg5HXUulMvrzXTdF8V85lAAHwvM2K6SGgiM
OoomBk2/mFNgJYOpfPWs0480kFvKtbdl1mKWu4+W6aJpxmMQIQuiuFjO6HO4EVT3
+hrjM7B1d+wpjFEV3T1073x2+r+lmpjo0ATW5hLHMcoeF+9eoasHWwzS/iJ/UHo7
qPULmRpXdQ7T3hHXd5cN65XyIt7xqmLLvQ+8zFcZWk/7tL2n7h3cPZCiFGpnBavz
aR7Xw+FQguyXuDZ4J7HLpjPoFim3NIjykSTfvwD7zZcF4r1x+Df2MNpTf/4lRR2I
4FIntSSuRSDMr7RaTqAc/TD5u0yZTJGcwoiC0bC0HtfM5jGHkmHFWjkywEgM/M04
MVIsfq+9vXlT8rLHlkzyXGNaCiWnYd2zx3ki7bGynQcXVqdvpUALM8jhrnwQGeU5
gnL55/+/Ak3HgLUm9mMW8FOL8PzicWlMRddOBgfXjR32upoS7UaruhMX3APzYCup
luhf1MlFQuiGuObv1yb7xrWHGFhauUn2dOaKn+I02gittPkoOZZj+2n4P0uKqyPE
xy9btGKayGPTIl22X98E
=tek3
-----END PGP SIGNATURE-----