Format: 1.8
Date: Sun, 03 May 2020 21:11:01 +0200
Source: salt
Architecture: source
Version: 2018.3.4+dfsg1-6+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Salt Team <pkg-salt-team@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 949222 959684
Changes:
 salt (2018.3.4+dfsg1-6+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2020-11651: Resolve issue which allows access to un-intended
     methods in the ClearFuncs class of the salt-master process
     (Closes: #959684)
   * Fix CVE-2020-11652: Sanitize paths in ClearFuncs methods provided by
     salt-master (Closes: #959684)
   * Add note about log messages to hardening salt docs
   * salt-api NET API with the ssh client enabled is vulnerable to command
     injection (CVE-2019-17361) (Closes: #949222)