Please Install the Updated Packages.

It was discovered that Puppet agents incorrectly handled certain kick connections in a non-default configuration. An attacker on an authenticated client could use this issue to possibly execute arbitrary code. (CVE-2013-1653) It was discovered that Puppet incorrectly handled certain catalog requests. An attacker on an authenticated client could use this issue to possibly execute arbitrary code on the master. (CVE-2013-1640) It was discovered that Puppet incorrectly handled certain client requests. An attacker on an authenticated client could use this issue to possibly perform unauthorized actions. (CVE-2013-1652) It was discovered that Puppet incorrectly handled certain SSL connections. An attacker could use this issue to possibly downgrade connections to SSLv2. (CVE-2013-1654) It was discovered that Puppet incorrectly handled serialized attributes. An attacker on an authenticated client could use this issue to possibly cause a denial of service, or execute arbitrary. (CVE-2013-1655) It was discovered that Puppet incorrectly handled submitted reports. An attacker on an authenticated node could use this issue to possibly submit a report for any other node. (CVE-2013-2275)

puppet on Ubuntu 12.10 , Ubuntu 12.04 LTS , Ubuntu 11.10