Date: Wed, 24 Oct 2018 22:18:28 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 232663] sysutils/py-salt: update to 2018.3.3 (CVE-2018-15751, CVE-2018-15750) Message-ID: <bug-232663-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D232663 Bug ID: 232663 Summary: sysutils/py-salt: update to 2018.3.3 (CVE-2018-15751, CVE-2018-15750) Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ports-bugs@FreeBSD.org Reporter: christer.edwards@gmail.com Created attachment 198605 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D198605&action= =3Dedit patch We are pleased to announce the 2018.3.3 release of Salt! Release notes can be found here: https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html Sources are available on PyPI: https://pypi.python.org/pypi/salt/2018.3.3 2018.3.3 is a security release. The following CVE's were fixed as part of t= his release: CVE-2018-15751 Remote command execution and incorrect access control when u= sing salt-api. CVE-2018-15750 Directory traversal vulnerability when using salt-api. Allow= s an attacker to determine what files exist on a server when querying /run or /events. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-232663-7788>