[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 80181 Download | Alert*

This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building for systemd OSes. - Drop wrong mock from chroot unit test. - Support systemd versions with dot. - ...

Several vulnerabilities were discovered in salt-master, a powerful remote execution manager, which could result in retrieve of user tokens from the salt-master master, execution of arbitrary commands on salt-master minions, arbitrary directory access to authenticated users or arbitrary code execution on salt-master-api hosts.

The update for salt-master for the oldstable distribution released as DSA 4676-1 contained an incomplete fix to address CVE-2020-11651 and CVE-2020-11652. Updated salt-master packages are now available to correct this issue. For reference, the original advisory text follows. Several vulnerabilities were discovered in salt-master, a powerful remote execution manager, which could result in retrieve ...

salt: Infrastructure management built on a dynamic communication bus Several security issues were fixed in Salt.

Several vulnerabilities were discovered in salt-common, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of salt-common SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the salt-common API using the SSH client.

salt: Infrastructure management built on a dynamic communication bus Several security issues were fixed in Salt.

flatpak: Application deployment framework for desktop apps A Flatpak application could access files that it would not normally be permitted to access.

pillow: Python Imaging Library Pillow could be made to crash or run programs as your login if it opened a specially crafted file.

pillow: Python Imaging Library Pillow could be made to crash or run programs as your login if it opened a specially crafted file.

pillow: Python Imaging Library Pillow could be made to crash or run programs as your login if it opened a specially crafted file.


Pages:      Start    2842    2843    2844    2845    2846    2847    2848    2849    2850    2851    2852    2853    2854    2855    ..   8018

© SecPod Technologies