Package "salt-doc"
| Name: |
salt-doc
|
Description: |
additional documentation for salt, the distributed remote execution system
|
| Latest version: |
2017.7.4+dfsg1-1ubuntu18.04.2 |
| Release: |
bionic (18.04) |
| Level: |
security |
| Repository: |
universe |
| Head package: |
salt |
| Homepage: |
http://saltstack.org/ |
Links
Download "salt-doc"
Other versions of "salt-doc" in Bionic
Changelog
|
salt (2017.7.4+dfsg1-1ubuntu18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerabilities in salt-api
- debian/patches/CVE-2018-15750_15751.patch: Ensure that tokens are hex
to avoid hanging/errors.
- CVE-2018-15750
- CVE-2018-15751
* SECURITY UPDATE: Command injection vulnerabilities in salt-api and
salt-master caused by improper sanitized input.
- debian/patches/CVE-2019-17361.patch: various netapi fixes and tests.
- debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization.
- debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes.
- CVE-2019-17361
- CVE-2020-11651
- CVE-2020-11652
-- Paulo Flabiano Smorigo <email address hidden> Wed, 05 Aug 2020 19:59:01 +0000
|
| CVE-2018-15750 |
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine whi |
| CVE-2018-15751 |
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-a |
| CVE-2019-17361 |
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticat |
| CVE-2020-11651 |
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate |
| CVE-2020-11652 |
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some meth |
|
About
-
Send Feedback to @ubuntu_updates
