A security issue affects the following Ubuntu releases:
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
In general, a standard system upgrade is sufficient to effect the
It was discovered that Puppet did not drop supplementary groups when being
run as a different user. A local user may be able to use this flaw to
bypass security restrictions and gain access to restricted files.
It was discovered that Puppet did not correctly handle temporary files. A
local user can exploit this flaw to bypass security restrictions and
overwrite arbitrary files. (CVE-2010-0156)