AVG-438 log
Package | salt |
Status | Fixed |
Severity | Medium |
Type | multiple issues |
Affected | 2017.7.1-1 |
Fixed | 2017.7.2-1 |
Current | Removed |
Ticket | None |
Created | Mon Oct 9 19:52:21 2017 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2017-14696 | Medium | Yes | Denial of service | It has been discovered that salt incorrectly handled IDs with null bytes in decoded payloads. A specially crafted authentication request will crash the... |
CVE-2017-14695 | Medium | Yes | Directory traversal | It has been discovered that maliciously crafted minion IDs can cause unwanted directory traversals on the salt-master. The flaw is within the minion id... |
Date | Advisory | Package | Type |
---|---|---|---|
09 Oct 2017 | ASA-201710-12 | salt | multiple issues |
References |
---|
https://groups.google.com/forum/#!topic/salt-announce/X8ZiQrZLujA |