Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To:
Subject: Accepted salt 3002.6+dfsg1-4+deb11u1 (source) into stable-security->embargoed, stable-security
Date: Fri, 19 Nov 2021 10:54:17 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 18 Nov 2021 22:09:03 +0100
Source: salt
Architecture: source
Version: 3002.6+dfsg1-4+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Salt Team <pkg-salt-team@alioth-lists.debian.net>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 salt (3002.6+dfsg1-4+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2021-21996:
     Jonathan Schlue discovered that a user who has control of the source, and
     source_hash URLs can gain full file system access as root on a salt minion.
Checksums-Sha1:
 8a1cfc1a04cd14bf0c03bf24942503c30311975a 4388 salt_3002.6+dfsg1-4+deb11u1.dsc
 6f5e3211ee86c7868827d35829745d539b182e55 10747760 salt_3002.6+dfsg1.orig.tar.xz
 b0f29aeed62f7bb86cb9784869f44f5158063e63 76716 salt_3002.6+dfsg1-4+deb11u1.debian.tar.xz
 e7d204a6c3edfb910d27b3d5fee0a5210f3267e2 7135 salt_3002.6+dfsg1-4+deb11u1_source.buildinfo
Checksums-Sha256:
 20861d380a6f46ebf0b5044ea7fe8ed6434c9ba6e42f484c74d8860e3f74cd71 4388 salt_3002.6+dfsg1-4+deb11u1.dsc
 08f0e30911075a297062127633d18cd08979f5ec495df9d421dc378d4597cc32 10747760 salt_3002.6+dfsg1.orig.tar.xz
 ba4dbc6088d3c09d8fe3cced2169425bda5e672a1eb44dc7026803244642c8d9 76716 salt_3002.6+dfsg1-4+deb11u1.debian.tar.xz
 4d524c1dbc3231677ba53c251aca6cb155fd855d70d0cd62c757f40f2dee2291 7135 salt_3002.6+dfsg1-4+deb11u1_source.buildinfo
Files:
 1bae76800d2e1a6412a0107cb1eb5fc3 4388 admin optional salt_3002.6+dfsg1-4+deb11u1.dsc
 813049b20857cc6d35a25d79c9d6212c 10747760 admin optional salt_3002.6+dfsg1.orig.tar.xz
 84536cfba22d2f24cdfdb8c116eaebe4 76716 admin optional salt_3002.6+dfsg1-4+deb11u1.debian.tar.xz
 8e16fd366c604cbdd45d7e2fa5113ba7 7135 admin optional salt_3002.6+dfsg1-4+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmGW01ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkIYkP/R7vtFMYOn+aFq0tE6UiRuIgHU5DQ+35+gHy
5N+PsNkBMku18kTCoYzbLushWT6gSwTsACZCgvDpKr10qQyf0hmpiGVKWZ/PWEJn
k/9R3y16QswWgntAWgTQg5m0EuSq8LNMTzMt9Vag17snCQ1TqCa+Difyhm0kwB66
7vzXYZH22jmkCYEgGDzYFBBHxEjZ85Cdxvl41JLxZmHWb0eZjVAsfTL/KtCNUbuz
/hTbmHBY3xhpYfJX+YaMplQdteJTdJdUYS9MlxApAMp2OtNY0vqhGB5M59Z85Qe6
UZttJOp9ZzLKgfMzjAbt/Ka+nuUveu+gllo09Xkm3obK+WpWuGRwSp+Uo2s08n1/
4T9/GGz3urH1p6gF/pN+oBKZnX/QQorIg4ZmBANPmJ3+uoIEvQrCTU9DrpqY9fc3
vhoBvTmyLtN/EzWOr3DcK0mWrgdYkYdJKOEIAPypmHabR+FiumB+GNwYQcfjmmiF
xpmy2a779yUOzSvbXnhb2iP0kyiB7G82C2FAtaGX+sM4pywtc/NVtMQ3t/4Wo4eK
3X2PbJbsymiqJxjvxrmC+bm1D4yoJPcHQmkPoHMEeFF28Fs7yPpp4cSNTx/6OJwo
EMmqeTo20pS3Vw/bCl+OC3jLl1vc/9I8QgWao1WsYk1FladQ+BD5Y0GXoCRXTZOD
1lsQkUQ5
=ZFkh
-----END PGP SIGNATURE-----
News for package salt
