[Secure-testing-commits] r33838 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Apr 25 15:07:38 UTC 2015


Author: carnil
Date: 2015-04-25 15:07:38 +0000 (Sat, 25 Apr 2015)
New Revision: 33838

Modified:
   data/CVE/list
Log:
Update CVE-2015-1838, salt not affected except experimental

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-04-25 14:55:44 UTC (rev 33837)
+++ data/CVE/list	2015-04-25 15:07:38 UTC (rev 33838)
@@ -4119,7 +4119,7 @@
 	NOTE: https://github.com/saltstack/salt/commit/b49d0d4b5ca5c6f31f03e2caf97cef1088eeed81
 CVE-2015-1838 [insecure /tmp file handling in salt/modules/serverdensity_device.py]
 	RESERVED
-	- salt <unfixed>
+	- salt <not-affected> (Vulnerable code only present in experimental version; introduced in 2014.7.0)
 	NOTE: https://github.com/saltstack/salt/commit/e11298d7155e9982749483ca5538e46090caef9c
 CVE-2015-1837
 	RESERVED




More information about the Secure-testing-commits mailing list