Matthew Thode

**Name of the Vulnerable Software and Affected Versions** Puppet Enterprise versions 2015.3.3 and 2016.x before 2016.4.0 Puppet Agent versions 1.3.6 through 1.7.0 **Description** The issue allows remote attackers to bypass a host whitelist protection mechanism and execute arbitrary code on nodes via vectors related to command validation. **Recommendations** For Puppet Enterprise versions 2015.3.3 and 2016.x before 2016.4.0, update to version 2016.4.0 or later to resolve the issue. For Puppet Agent versions 1.3.6 through 1.7.0, update to version 1.7.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.13.4 SUSE Linux Enterprise kernel-pae-devel (affected versions not specified) SUSE Linux Enterprise kernel-xen-devel (affected versions not specified) SUSE Linux Enterprise gfs2-kmp-xen (affected versions not specified) SUSE Linux Enterprise kernel-ec2-devel (affected versions not specified) **Description** The issue allows local users to cause a denial of service by leveraging the CAP MAC ADMIN capability to set a zero-length security context. Multiple vulnerabilities in SUSE Linux Enterprise packages may lead to disruption of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. **Recommendations** For Linux kernel versions prior to 3.13.4, update to version 3.13.4 or later to resolve the issue. For SUSE Linux Enterprise kernel-pae-devel, kernel-xen-devel, gfs2-kmp-xen, and kernel-ec2-devel, at the moment, there is no information about a newer version that contains a fix for this vulnerability.