UbuntuUpdates.org

Package "salt-syndic"

Name: salt-syndic

Description:

master-of-masters for salt, the distributed remote execution system

Latest version: 2017.7.4+dfsg1-1ubuntu18.04.2
Release: bionic (18.04)
Level: security
Repository: universe
Head package: salt
Homepage: http://saltstack.org/

Links


Download "salt-syndic"


Other versions of "salt-syndic" in Bionic

Repository Area Version
base universe 2017.7.4+dfsg1-1
updates universe 2017.7.4+dfsg1-1ubuntu18.04.2

Changelog

Version: 2017.7.4+dfsg1-1ubuntu18.04.2 2020-08-13 21:06:55 UTC

  salt (2017.7.4+dfsg1-1ubuntu18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Directory traversal vulnerabilities in salt-api
    - debian/patches/CVE-2018-15750_15751.patch: Ensure that tokens are hex
      to avoid hanging/errors.
    - CVE-2018-15750
    - CVE-2018-15751
  * SECURITY UPDATE: Command injection vulnerabilities in salt-api and
    salt-master caused by improper sanitized input.
    - debian/patches/CVE-2019-17361.patch: various netapi fixes and tests.
    - debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization.
    - debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes.
    - CVE-2019-17361
    - CVE-2020-11651
    - CVE-2020-11652

 -- Paulo Flabiano Smorigo <email address hidden> Wed, 05 Aug 2020 19:59:01 +0000

CVE-2018-15750 Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine whi
CVE-2018-15751 SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-a
CVE-2019-17361 In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticat
CVE-2020-11651 An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate
CVE-2020-11652 An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some meth



About   -   Send Feedback to @ubuntu_updates