Puppet Forge Vulnerability Fix
Posted October 21, 2014
Puppet Labs has identified and fixed a potential security vulnerability in the Puppet Forge. In theory, the vector could have allowed potential account hijacking. However, log analysis revealed no evidence that the vulnerability was ever exploited.
We have updated the Puppet Forge to address the issue.