Date: Wed, 05 Feb 2020 17:21:27 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 243908] sysutils/py-salt: Update to 2019.2.3 Message-ID: <bug-243908-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D243908 Bug ID: 243908 Summary: sysutils/py-salt: Update to 2019.2.3 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: christer.edwards@gmail.com Created attachment 211383 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D211383&action= =3Dedit patch This patch updates sysutils/py-salt to 2019.2.3. Version 2019.2.3 is a CVE-fix release for 2019.2.0. CVE-2019-17361 With the Salt NetAPI enabled in addition to having a SSH roster defined, unauthenticated access is possible when specifying the client as SSH. Additionally, when the raw_shell option is specified any arbitrary command = may be run on the Salt master when specifying SSH options. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-243908-7788>