HomeFreeBSD

MFH: r483114

Description

MFH: r483114

sysutils/py-salt: Update to 2018.3.3

This is a security release, addressing the following CVE's:

  • CVE-2018-15751 - Remote command execution and incorrect access control when using salt-api.
  • CVE-2018-15750 - Directory traversal vulnerability using salt-api. Allows an attacker to determine what files exist on a server when querying /run or /events.

Other changes this release:

https://docs.saltstack.com/en/latest/topics/releases/2018.3.3.html

PR: 232663
Submitted by: Christer Edwards <christer.edwards@gmail.com>
Approved by: Christer Edwards (maintainer)
Security: https://www.vuxml.org/freebsd/4f7c6af3-6a2c-4ead-8453-04e509688d45.html

Approved by: ports-secteam (riggs)

Details

Committed
woodsb02Oct 28 2018, 2:11 PM
Parents
rP483294: Honor CFLAGS.
Branches
Unknown
Tags
Unknown