From 530ced208cac89d6811d88c97a2defcb3f7d09cb Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@brief.schottelius.org>
Date: Wed, 23 May 2012 16:09:55 +0200
Subject: [PATCH] cdist security bugfix release

Signed-off-by: Nico Schottelius <nico@brief.schottelius.org>
---
 blog/cdist-2.0.11-security-bugfix-release.mdwn | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 blog/cdist-2.0.11-security-bugfix-release.mdwn

diff --git a/blog/cdist-2.0.11-security-bugfix-release.mdwn b/blog/cdist-2.0.11-security-bugfix-release.mdwn
new file mode 100644
index 00000000..d6c54afe
--- /dev/null
+++ b/blog/cdist-2.0.11-security-bugfix-release.mdwn
@@ -0,0 +1,17 @@
+[[!meta title="Cdist 2.0.11 released"]]
+
+This is a security bugfix release:
+Cdist has so far used whatever umask has been setup on the local and remote
+system. This may have lead to 
+**/var/lib/cdist** being accessable by others, 
+including data from explorers.
+
+This release fixes this bug and setups a **umask of 077** within cdist.
+That means if you are using the **__file** type without the **--mode**
+parameter, your files may now have "more secure permissions" than you
+would like.
+
+It is recommended to update as soon as possible.
+For more information visit the [[cdist homepage|software/cdist]].
+
+[[!tag config unix]]