-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 11 Dec 2017 12:21:41 +0100 Source: salt Binary: salt-common salt-master salt-minion salt-syndic salt-ssh salt-doc salt-cloud salt-api salt-proxy Architecture: source Version: 2016.11.8+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Debian Salt Team <pkg-salt-team@lists.alioth.debian.org> Changed-By: Ondřej Nový <onovy@debian.org> Description: salt-api - Generic, modular network access system salt-cloud - public cloud VM management system salt-common - shared libraries that salt requires for all packages salt-doc - additional documentation for salt, the distributed remote executi salt-master - remote manager to administer servers via salt salt-minion - client package for salt, the distributed remote execution system salt-proxy - Proxy client package for salt stack salt-ssh - remote manager to administer servers via Salt SSH salt-syndic - master-of-masters for salt, the distributed remote execution syst Closes: 869659 872399 879089 879090 Changes: salt (2016.11.8+dfsg1-1) unstable; urgency=medium . [ Ondřej Nový ] * New upstream release. Security fixies: - CVE-2017-12791: Directory traversal vulnerability on salt-master via crafted minion IDs (Closes: #872399) - CVE-2017-14695: Directory traversal vulnerability in minion id validation in SaltStack (Closes: #879089) - CVE-2017-14696: Remote Denial of Service with a specially crafted authentication request (Closes: #879090) * Remove patches applied upstream and rebase others * Add myself to uploaders * Bump debhelper compat level to 10 - Use dh_missing --fail-missing - New debhelper don't require to depend on dh-systemd - Don't pass --with-systemd to dh, it's default now * d/watch: Use https * Use Files-Excluded in d/copyright instead of own repack script * d/copyright: - Add myself for Debian part - Remove debian/repack * Deprecating priority extra as per policy 4.0.1 * Remove deprecated upstart configuration . [ Benjamin Drung ] * Add python-msgpack dependency to salt-common (Closes: #869659) Checksums-Sha1: 6197370c15cb5b0cb321f4f24dbafa185ef0258a 2777 salt_2016.11.8+dfsg1-1.dsc 5a71bae7a01c367c9107bf3741d0f1434eb1c9c6 8913118 salt_2016.11.8+dfsg1.orig.tar.gz f61d6bc07f1bc81d06088dac3b4ff94ecf0dfe28 29224 salt_2016.11.8+dfsg1-1.debian.tar.xz b3131aceaa79b9f80533504db3bf65e59dd9d8a7 9373 salt_2016.11.8+dfsg1-1_amd64.buildinfo Checksums-Sha256: da5a70acf6089d12f3840fbc88a2353bea5cd449fd9d0c3b9a698c3dad5936b3 2777 salt_2016.11.8+dfsg1-1.dsc 8231eb141966b2c354a0f1085f0fcfe4d5d426f33dc404fe443457b086bce041 8913118 salt_2016.11.8+dfsg1.orig.tar.gz 0cdc1e28aed5ad1da6e3acebf8750b2c1115a5c6f1d639040163e2d94db8ecb2 29224 salt_2016.11.8+dfsg1-1.debian.tar.xz 61c718b1015c0c4ae9bf86ae9be4c4b6575929d8dc5a45d66848eb25f888bca5 9373 salt_2016.11.8+dfsg1-1_amd64.buildinfo Files: fd0894952533363c387d645516d580ad 2777 admin optional salt_2016.11.8+dfsg1-1.dsc 933cf4f2af1c547b5a4c873bb64a25cb 8913118 admin optional salt_2016.11.8+dfsg1.orig.tar.gz 4df656ca080eaf526340de554deff559 29224 admin optional salt_2016.11.8+dfsg1-1.debian.tar.xz 745f7f02d2f3298fdeafff011362d6ab 9373 admin optional salt_2016.11.8+dfsg1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEPZg8UuuFmAxGpWCQNXMSVZ0eBksFAloubecACgkQNXMSVZ0e BkuKvRAAkwLI8z5ZNwVhm8Vc6HVTCiUuHfElym2/kv1XZ3NAkz8lyyMsmx1KtT8L idgvSBUZkOKR4ltLM/9N6bj8uez14G5e0teBvHuJLTZWEUdMZdkXFqwy7CNbGnwV DZ7IIrSr1YBuo579uLVRZb8B53N5dFUlp9g5hxKdwSY0TR+MUzKvYxDUj9tfs78C ja/hV2S8IZvBRFxQEwWRir+Q/dGGIRsjgzKNi5YVQiBnaEB6R2gz9IX1C2jz2tTH Wr2exa7YF4ll2//dn39miIIrLZNhzjgw/qkOmKruARpfAaY7Pn/PtZtgtFNaC7j7 gZrf6JZz7oiuLV2t+Al9r08Jz7iuFOlMrReMrLCmv92mUdse4hM11TSWcdv1Hgzr gRDemnSYUEn5xDwSsqjYWiHq1aVukpgZU1EMoC+oXU0sYaktGNpYkDsXDJty4+eR AbBSKTD1oNEzx8Ld+jW/BYhiw4f9ZMeFSeCg565wX+/SJ9HccERVDTNgsYfhwaEI d2FFGTTLEWFdXa7rG1YF+YjCBKo1BL9dCQ7rcXHyFpQcovAo7Fjlje96E1veL+Qw HrnTy+BL5Dj56DpCvMhoaHWcJEQS+4iizKRatzFImio0EFG888SCoAJ3Ad5vbyoi 1SPF29W5cAFmDJw3mko1mhv3HKVTcluvng6eDYDBFgZl5i8WhSs= =Ydz4 -----END PGP SIGNATURE-----