[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] salt spu

Moritz Muehlenhoff jmm at debian.org
Mon Jan 22 17:53:11 UTC 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7a77a693 by Moritz Muehlenhoff at 2018-01-22T18:53:01+01:00
salt spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22536,10 +22536,14 @@ CVE-2017-14697
 	RESERVED
 CVE-2017-14696 (SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and ...)
 	- salt 2016.11.8+dfsg1-1 (bug #879090)
+	[stretch] - salt <no-dsa> (Minor issue)
+	[jessie] - salt <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/5f8b5e1a0f23fe0f2be5b3c3e04199b57a53db5b
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/89e084bda356739de645c15e7d1968afebdcc56e (2016.11)
 CVE-2017-14695 (Directory traversal vulnerability in minion id validation in SaltStack ...)
 	- salt 2016.11.8+dfsg1-1 (bug #879089)
+	[stretch] - salt <no-dsa> (Minor issue)
+	[jessie] - salt <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/80d90307b07b3703428ecbb7c8bb468e28a9ae6d
 	NOTE: Fixed by: https://github.com/saltstack/salt/commit/206ae23f15cb7ec95a07dee4cbe9802da84f9c42 (2016.11)
 CVE-2017-14694 (Foxit Reader 8.3.2.25013 and earlier and Foxit PhantomPDF 8.3.2.25013 ...)


=====================================
data/next-point-update.txt
=====================================
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -61,3 +61,9 @@ CVE-2018-5748
 	[stretch] - libvirt 3.0.0-4+deb9u2
 CVE-2017-7536
 	[stretch] - libhibernate-validator-java 4.3.3-1+deb9u1
+CVE-2017-12791
+	[stretch] - salt 2016.11.2+ds-1+deb9u1
+CVE-2017-14695
+	[stretch] - salt 2016.11.2+ds-1+deb9u1
+CVE-2017-14696
+	[stretch] - salt 2016.11.2+ds-1+deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a77a693f044fc045299183034f196ba074aeec2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7a77a693f044fc045299183034f196ba074aeec2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180122/805a8183/attachment.html>


More information about the Secure-testing-commits mailing list