14 DAY TRIAL // In a security notice, Canonical published details about a Puppet vulnerability in its Ubuntu 13.10, Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.
According to the company, Puppet could have been made to overwrite files.
It has been discovered that Puppet incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions.
For a more detailed description of the problems, you can see Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest puppet-common package specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes, but this time a system restart will be necessary to implement them.