[ubuntu/bionic-updates] salt 2017.7.4+dfsg1-1ubuntu18.04.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Aug 13 19:58:14 UTC 2020
salt (2017.7.4+dfsg1-1ubuntu18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Directory traversal vulnerabilities in salt-api
- debian/patches/CVE-2018-15750_15751.patch: Ensure that tokens are hex
to avoid hanging/errors.
- CVE-2018-15750
- CVE-2018-15751
* SECURITY UPDATE: Command injection vulnerabilities in salt-api and
salt-master caused by improper sanitized input.
- debian/patches/CVE-2019-17361.patch: various netapi fixes and tests.
- debian/patches/CVE-2020-11651_11652_1.patch: Checks and sanitization.
- debian/patches/CVE-2020-11651_11652_2.patch: Adding in missing fixes.
- CVE-2019-17361
- CVE-2020-11651
- CVE-2020-11652
Date: 2020-08-13 17:51:14.594085+00:00
Changed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/salt/2017.7.4+dfsg1-1ubuntu18.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list