UbuntuUpdates.org

Package "salt-cloud"

Name: salt-cloud

Description:

public cloud VM management system

Latest version: 2015.8.8+ds-1ubuntu0.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: salt
Homepage: http://saltstack.org/

Links


Download "salt-cloud"


Other versions of "salt-cloud" in Xenial

Repository Area Version
base universe 2015.8.8+ds-1
security universe 2015.8.8+ds-1ubuntu0.1

Changelog

Version: 2015.8.8+ds-1ubuntu0.1 2020-08-13 22:06:22 UTC

  salt (2015.8.8+ds-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Command injection vulnerabilities in salt-api and
    salt-master caused by improper sanitized input.
    - debian/patches/CVE-2019-17361.patch: various netapi fixes and tests.
    - debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization.
    - debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes.
    - CVE-2019-17361
    - CVE-2020-11651
    - CVE-2020-11652

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 06 Aug 2020 16:52:58 +0000

CVE-2019-17361 In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticat
CVE-2020-11651 An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate
CVE-2020-11652 An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some meth



About   -   Send Feedback to @ubuntu_updates