2017/10/GHSA-92v7-pq4h-58j5 facter, hiera, mcollective-client, and puppet affected by untrusted search path vulnerability