Package "salt"
Name: |
salt
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Generic, modular network access system
- public cloud VM management system
- shared libraries that salt requires for all packages
- additional documentation for salt, the distributed remote execution system
|
Latest version: |
2015.8.8+ds-1ubuntu0.1 |
Release: |
xenial (16.04) |
Level: |
updates |
Repository: |
universe |
Links
Other versions of "salt" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
salt (2015.8.8+ds-1ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Command injection vulnerabilities in salt-api and
salt-master caused by improper sanitized input.
- debian/patches/CVE-2019-17361.patch: various netapi fixes and tests.
- debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization.
- debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes.
- CVE-2019-17361
- CVE-2020-11651
- CVE-2020-11652
-- Paulo Flabiano Smorigo <email address hidden> Thu, 06 Aug 2020 16:52:58 +0000
|
CVE-2019-17361 |
In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticat |
CVE-2020-11651 |
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate |
CVE-2020-11652 |
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some meth |
|
About
-
Send Feedback to @ubuntu_updates