Ubuntu Security Notice 1419-1 – It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files.
Originally posted here:
Ubuntu Security Notice USN-1419-1