[Pkg-salt-team] Bug#959684: salt: CVE-2020-11652: [CVEHelp at saltstack.com] Action Required: SaltStack CVE Follow-Up Patch
Abhijith PA
abhijith at disroot.org
Tue May 26 10:38:56 BST 2020
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello,
> I would like to get some testing feedback on the stretch packages,
> if you have such instance
> https://people.debian.org/~carnil/tmp/salt/stretch/ contains
> testing packages.
I think some lines from the original patch[1] is missed. I couldn't
find L80 to L97[2] in updated stretch package. Was it intentional ?
- --a
[1]-https://github.com/rossengeorgiev/salt-security-backports/blob/master/2016.11.8_CVE-2020-11652.patch
[2]-https://github.com/rossengeorgiev/salt-security-backports/blob/master/2016.11.8_CVE-2020-11652.patch#L80
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAl7M468ACgkQhj1N8u2c
KO/2bw/+PsauU34MOTU4f2j/d4uxHbI75ZEHC0GaZOq33ZXTlZ9yoK2rd8UkGWF/
OP8Agt7htGwVS/p2QEiE4/QsCLK8BZPPK6+rpZtvsjnHfOn9w4gL8vqQF2NX7WIt
7lSrH9QAapA/rake8zvOOvmQvcDfQwMBGWNTr6sLy2lAYwgqXQNxKOJku6U3jZ9p
WIrCUAXGaqyTOu/O4wxrZKU5U4pUsVp3N5nxS40nfmH/ax7XllnOiiCGaM595x38
aoHXdV6fmwc1qXeJWAAtn211JNQn+qfRz+HGgE+6ReCFWEg8ZZGRO8mmeR02UEu/
jZKerkV/kmZmfUblP5LnsM+zxaLGtr1XGW79UnXO7IZAoE+Ffwrli9e4ldJTMBwD
Qtkw5Q9WKidR+VvEQO6SKt3LqjoYCp6J7HBGPK6D1tDeRK8zGh125HJYGl5xvTOW
ePX6ydwuGDXZzS0GruaBzfvu2M4CQ5Xzv89WV156Eel0JgNFlR4RhOwHNBPKGhSq
vHBAUVfXy68kCKxKcnvUBjTx8Vy6bmosMy12hIyhVBO62W4QYqxbiXEkIiyCaTW9
bPMQ+Ar1191e8Li1ZfNYOk6qQWe0ykmbWwqidUQvoHTfddOnNlTbr41Qf5tMa3k8
+HurFlu87shosYJoweB5s72O4Zn+c9In73NLl59Bb4K5xwNiV60=
=JIZW
-----END PGP SIGNATURE-----
More information about the pkg-salt-team
mailing list