Date: Thu, 23 Nov 2017 14:41:00 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 223821] sysutils/py-salt: Update to 2017.7.2 Message-ID: <bug-223821-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D223821 Bug ID: 223821 Summary: sysutils/py-salt: Update to 2017.7.2 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: woodsb02@freebsd.org CC: christer.edwards@gmail.com CC: christer.edwards@gmail.com Flags: maintainer-feedback?(christer.edwards@gmail.com) Created attachment 188217 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D188217&action= =3Dedit Patch to update sysutils/py-salt to 2017.7.2 sysutils/py-salt: Update to 2017.7.2 Changes this release: https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html This update includes 2 security fixes: CVE-2017-14695 Directory traversal vulnerability in minion id validation in SaltStack. Allows remote minions with incorrect credentials to authenticate= to a master via a crafted minion ID. Credit for discovering the security flaw = goes to: Julian Brost (julian@0x4a42.net) CVE-2017-14696 Remote Denial of Service with a specially crafted authentica= tion request. Credit for discovering the security flaw goes to: Julian Brost (julian@0x4a42.net) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-223821-13>