Debian users:
apt-get --only-upgrade install ruby-kafo
rm -f /tmp/default_values.yaml

Description

When Kafo (used in the Foreman installer) runs, a
/tmp/default_values.yaml file is written to and created with world
readable permissions. This is prone to race-condition attacks and
contains default values for all parameters, such as autogenerated passwords.

More information at Foreman :: Security

–
Dominic Cleal
Red Hat Engineering