Hi Tim, Puppet itself is not affected by the libxslt security issue. We package libxslt as a convenience for those who wish to install additional packages that depend on it, like nokogiri, in a puppet-agent environment.
On Tue, Apr 30, 2019 at 1:41 PM Tim Skirvin <[email protected]> wrote: > The primary purpose of this last puppet release (6.4.2, etc) seems > to be to address a libxslt critical security bug. Can somebody comment > on how this bug affects puppet itself? I want to know how to explain the > need to patch to my management. > > https://tickets.puppetlabs.com/browse/PA-2667 > https://puppet.com/docs/puppet/6.4/release_notes_puppet.html > > - Tim Skirvin ([email protected]) > -- > HPC Systems Administrator / Developer > http://www.linkedin.com/in/tskirvin > USCMS-T1 Collaboration Fermilab ECF > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/20190430204147.GA5630%40fnal.gov > . > For more options, visit https://groups.google.com/d/optout. > -- *Molly Waggett* she/her/hers Release Engineer @ Puppet, Inc. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAFOE68BB6qwoz3CWZfrrHOnRF4WmaAtWPTW4BVt7K-7RxddBmw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
