[ubuntu/jammy-proposed] salt 3004.1+dfsg-1 (Accepted)
Benjamin Drung
bdrung at posteo.de
Sat Apr 16 10:40:08 UTC 2022
salt (3004.1+dfsg-1) unstable; urgency=medium
* New upstream security/bugfix release. (Closes: #1008945)
- Sign authentication replies to prevent MiTM (CVE-2022-22935)
- Prevent job and fileserver replays (CVE-2022-22936)
- Sign pillar data to prevent MiTM attacks. (CVE-2202-22934)
- Fixed targeting bug, especially visible when using syndic and user auth.
(CVE-2022-22941) (#60413)
- Fix denial of service in junos ifconfig output parsing.
* d/watch: Drop number from repack suffix
* Refresh patches
* Mark test_list_available_packages requiring network
* Rely on pytest-skip-markers 1.1.0-3 that supports NO_INTERNET
* Don't rely on importlib.metadata, it's still not ready for our usage
(Closes: #1008896)
* test_aptpkg.py: Fix UnboundLocalError: local variable 'test_repo'
(Closes: #1006036)
* Update my email address to @debian.org
Date: 2022-04-16 10:34:58.589408+00:00
Signed-By: Benjamin Drung <bdrung at posteo.de>
https://launchpad.net/ubuntu/+source/salt/3004.1+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list