[MacPorts] #55059: salt @2017.7.1: update to 2017.7.2

MacPorts noreply at macports.org
Wed Oct 11 02:58:52 UTC 2017


#55059: salt @2017.7.1: update to 2017.7.2
----------------------+-------------------
 Reporter:  l2dy      |      Owner:  aphor
     Type:  update    |     Status:  new
 Priority:  Normal    |  Milestone:
Component:  ports     |    Version:
 Keywords:  security  |       Port:  salt
----------------------+-------------------
 https://docs.saltstack.com/en/latest/topics/releases/2017.7.2.html

 CVE-2017-14695 Directory traversal vulnerability in minion id validation
 in SaltStack. Allows remote minions with incorrect credentials to
 authenticate to a master via a crafted minion ID. Credit for discovering
 the security flaw goes to: Julian Brost (julian at 0x4a42.net)

 CVE-2017-14696 Remote Denial of Service with a specially crafted
 authentication request. Credit for discovering the security flaw goes to:
 Julian Brost (julian at 0x4a42.net)

--
Ticket URL: <https://trac.macports.org/ticket/55059>
MacPorts <https://www.macports.org/>
Ports system for macOS


More information about the macports-tickets mailing list