Mandriva: 2013:186: puppet

LinuxSecurity.com: Updated puppet packages fix remote code execution vulnerability
When making REST api calls, the puppet master takes YAML from
an untrusted client, deserializes it, and then calls methods on
the resulting object. A YAML payload can be crafted to cause the
[More...]