CVE-2017-14696 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Denial of service |
Description | It has been discovered that salt incorrectly handled IDs with null bytes in decoded payloads. A specially crafted authentication request will crash the application while processing. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-438 | salt | 2017.7.1-1 | 2017.7.2-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
09 Oct 2017 | ASA-201710-12 | AVG-438 | salt | Medium | multiple issues |
References |
---|
https://groups.google.com/forum/#!topic/salt-announce/X8ZiQrZLujA https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b |