Download
| Alert*
|
oval:org.secpod.oval:def:67427
The host is installed with SaltStack Salt before 2019.2.7 or 3000.x before 3000.4 and is prone to an authentication bypass vulnerability. A flaw exists exists within the application, which fails to properly handle improper validation of eauth credentials and tokens. Successful exploitation would all ... oval:org.secpod.oval:def:89045070 This update for salt fixes the following issues: Update to Salt release version 3002.2 - Check if dpkgnotify is executable - Drop support for Python2. Obsoletes `python2-salt` package - virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devi ... oval:org.secpod.oval:def:89050263 This update for salt fixes the following issues: - Avoid regression on "salt-master": set passphrase for salt-ssh keys to empty string - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.u ... oval:org.secpod.oval:def:69856 Several vulnerabilities were discovered in salt-common, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of salt-common SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the salt-common AP ... oval:org.secpod.oval:def:89050461 This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building ... oval:org.secpod.oval:def:89043927 This update fixes the following issues: salt: - Avoid regression on salt-master : set passphrase for salt-ssh keys to empty string - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user" - Ensure virt.updat ... oval:org.secpod.oval:def:119028 Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loads ... oval:org.secpod.oval:def:89043869 This update fixes the following issues: cobbler: - Fix parsing cobbler dictionary options with values containing = , e.g. kernel params containing = golang-github-wrouesnel-postgres_exporter: - Enable package building for ppc64le mgr-cfg: - Update package version to 4.2.0 mgr-custom-info: - Upda ... oval:org.secpod.oval:def:119015 Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loads ... oval:org.secpod.oval:def:89043833 This update fixes the following issues: cobbler: - Fix parsing cobbler dictionary options with values containing = , e.g. kernel params containing = mgr-daemon: - Update translation strings salt: - Properly validate eauth credentials and tokens on SSH calls made by Salt API spacecmd: - Python3 ... oval:org.secpod.oval:def:119021 Salt is a distributed remote execution system used to execute commands and query data. It was developed in order to bring the best solutions found in the world of remote execution together and make them better, faster and more malleable. Salt accomplishes this via its ability to handle larger loads ... oval:org.secpod.oval:def:89047235 This update for salt fixes the following issues: Update to Salt release version 3002.2 - Check if dpkgnotify is executable - Drop support for Python2. Obsoletes `python2-salt` package - virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devi ... oval:org.secpod.oval:def:605410 Several vulnerabilities were discovered in salt, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of Salt SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the Salt API using the SSH clien ... oval:org.secpod.oval:def:67400 The host is installed with SaltStack Salt before 2019.2.7 or 3000.x before 3000.4 and is prone to an authentication bypass vulnerability. A flaw exists exists within the application, which fails to properly handle improper validation of eauth credentials and tokens. Successful exploitation would all ... |
