pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/sysutils/salt



Module Name:    pkgsrc
Committed By:   wiz
Date:           Fri Dec 11 00:27:07 UTC 2015

Modified Files:
        pkgsrc/sysutils/salt: Makefile PLIST distinfo

Log Message:
Update salt to 2015.8.3, provided by Travis Paul in PR 50507.

Security Fix

CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions

This affects users of the state.sls function. The state run cache
on the minion was being created with incorrect permissions. This
file could potentially contain sensitive data that was inserted
via jinja into the state SLS files. The permissions for this file
are now being set correctly. Thanks to @zmalone for bringing this
issue to our attention.


To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 pkgsrc/sysutils/salt/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/sysutils/salt/PLIST
cvs rdiff -u -r1.15 -r1.16 pkgsrc/sysutils/salt/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index