关键漏洞信息 CVE Identifier CVE-2013-4761 CVE-2013-4956 Vulnerabilities 1. CVE-2013-4761 - The 'resource_type' service, disabled by default, could be used to make Puppet load arbitrary Ruby code from Puppet master's file system. 2. CVE-2013-4956 - Modules installed with the Puppet Module Tool might be installed with weak permissions, potentially allowing local users to read or modify them. Affected Distributions and Patches wheezy (stable): Updated to version 2.7.33. squeeze (oldstable): Not updated; no fix for CVE-2013-4761 and not affected by CVE-2013-4956. jessie (testing) and sid (unstable): Updated to version 3.2.4-1. Recommendations Upgrade your Puppet packages. Refer to Debian Security Advisories for more information: http://www.debian.org/security/