PR/50507 CVS commit: pkgsrc/sysutils/salt

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost,Tr%visPaul.me@localhost
Subject: PR/50507 CVS commit: pkgsrc/sysutils/salt
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Fri, 11 Dec 2015 00:30:01 +0000 (UTC)

The following reply was made to PR pkg/50507; it has been noted by GNATS.

From: "Thomas Klausner" <wiz%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc: 
Subject: PR/50507 CVS commit: pkgsrc/sysutils/salt
Date: Fri, 11 Dec 2015 00:27:07 +0000

 Module Name:	pkgsrc
 Committed By:	wiz
 Date:		Fri Dec 11 00:27:07 UTC 2015

 Modified Files:
 	pkgsrc/sysutils/salt: Makefile PLIST distinfo

 Log Message:
 Update salt to 2015.8.3, provided by Travis Paul in PR 50507.

 Security Fix

 CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions

 This affects users of the state.sls function. The state run cache
 on the minion was being created with incorrect permissions. This
 file could potentially contain sensitive data that was inserted
 via jinja into the state SLS files. The permissions for this file
 are now being set correctly. Thanks to @zmalone for bringing this
 issue to our attention.

 To generate a diff of this commit:
 cvs rdiff -u -r1.32 -r1.33 pkgsrc/sysutils/salt/Makefile
 cvs rdiff -u -r1.13 -r1.14 pkgsrc/sysutils/salt/PLIST
 cvs rdiff -u -r1.15 -r1.16 pkgsrc/sysutils/salt/distinfo

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

Prev by Date: Re: pkg/50507 (Update salt to 2015.8.3)
Next by Date: pkg/50521: tor compile error
Previous by Thread: Re: pkg/50507 (Update salt to 2015.8.3)
Next by Thread: pkg/50521: tor compile error
Indexes:

Home | Main Index | Thread Index | Old Index