Bug#888006: stretch-pu: package salt/2016.11.2+ds-1

Adam D. Barratt Mon, 26 Feb 2018 11:43:07 -0800

Control: tags -1 + moreinfo

On Mon, 2018-01-22 at 16:45 +0100, Ondřej Nový wrote:
> salt (2016.11.2+ds-1+deb9u1) stretch; urgency=medium
>   * Fix CVE-2017-12791: Directory traversal vulnerability on salt-
> master
>     via crafted minion IDs (Closes: #872399)
>   * Fix CVE-2017-14695: Directory traversal vulnerability in minion
> id
>     validation in SaltStack (Closes: #879089)
>   * Fix CVE-2017-14696: Remote Denial of Service with a specially
> crafted
>     authentication request (Closes: #879090)
>   * Check if data[return] is dict type (Closes: #887724)
>   * Do not require sphinx-build for cleaning docs (Closes: #851559)


The metadata for #887724 indicates that it currently affects the salt
package in unstable; is that correct?

Regards,

Adam

Bug#888006: stretch-pu: package salt/2016.11.2+ds-1

Reply via email to