Mandriva: 2013:222: puppet

LinuxSecurity.com: Updated puppet and puppet3 package fix security vulnerabilities:
It was discovered that Puppet incorrectly handled the resource_type
service. A local attacker on the master could use this issue to
execute arbitrary Ruby files (CVE-2013-4761).
[More...]