[Pkg-salt-team] Bug#783300: salt: CVE-2015-1838: insecure /tmp file handling in salt/modules/serverdensity_device.py
Salvatore Bonaccorso
carnil at debian.org
Sat Apr 25 15:11:23 UTC 2015
Source: salt
Version: 2014.7.0+ds-2
Severity: normal
Tags: security upstream patch fixed-upstream
Hi
There is an insecure use of /tmp file handling in
salt/modules/serverdensity_device.py which afaics is only in 2014.7.0
(so affecting experimental only) and is fixed in 2014.7.4.
See: https://bugzilla.redhat.com/show_bug.cgi?id=1212784
Please include the CVE id in changelog if you fix this issue.
Regards,
Salvatore
More information about the pkg-salt-team
mailing list