Puppet is vulnerable to a symlink attack. When an authenticated users with an authorized SSL key and certain permissions on the puppet master sends a REST request for a file in a filebucket, arbitrary files are exposed to the user to read using a symlink.
lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
projects.puppetlabs.com/issues/13511
projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
puppetlabs.com/security/cve/cve-2012-1986/
secunia.com/advisories/48743
secunia.com/advisories/48748
secunia.com/advisories/48789
secunia.com/advisories/49136
ubuntu.com/usn/usn-1419-1
www.debian.org/security/2012/dsa-2451
www.securityfocus.com/bid/52975
access.redhat.com/security/updates/classification/#moderate
exchange.xforce.ibmcloud.com/vulnerabilities/74794
hermes.opensuse.org/messages/14523305
hermes.opensuse.org/messages/15087408
rhn.redhat.com/errata/RHSA-2012-1542.html