Download
| Alert*
|
oval:org.secpod.oval:def:89043928
python3-salt is installed oval:org.secpod.oval:def:89048984 This update for salt fixes the following issues: * Update to Salt release version 3006.0 * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html * Add missing patch after rebase to fix collections Mapping issues * Add python3-looseversion as new dependency for salt * ... oval:org.secpod.oval:def:89048985 This update for salt fixes the following issues: * Update to Salt release version 3006.0 * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html * Add missing patch after rebase to fix collections Mapping issues * Add python3-looseversion as new dependency for salt * ... oval:org.secpod.oval:def:89048977 This update for salt fixes the following issues: salt: * Update to Salt release version 3006.0 * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html * Add missing patch after rebase to fix collections Mapping issues * Add python3-looseversion as new dependency for s ... oval:org.secpod.oval:def:89049026 This update for salt fixes the following issues: salt: * Update to Salt release version 3006.0 * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html * Add missing patch after rebase to fix collections Mapping issues * Add python3-looseversion as new dependency for s ... oval:org.secpod.oval:def:89050348 This update for salt fixes the following issues: - Avoid possible user escalation upgrading salt-master - Fix unit tests failures in test_batch_async tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU starvation of the MWorkers ... oval:org.secpod.oval:def:89046727 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM oval:org.secpod.oval:def:89047725 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM oval:org.secpod.oval:def:89046744 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could by used to bypass authentication when using PAM oval:org.secpod.oval:def:89047413 This update for salt fixes the following issues: - CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass PAM authentication oval:org.secpod.oval:def:89047497 This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. - CVE-2022-22936: Prevent job and fileserver replays - CVE-2022-22941: Fixed targeting bug, especially visible when using synd ... oval:org.secpod.oval:def:89047277 This update for salt fixes the following issues: - CVE-2021-21996: Exclude the full path of a download URL to prevent injection of malicious code oval:org.secpod.oval:def:89050263 This update for salt fixes the following issues: - Avoid regression on "salt-master": set passphrase for salt-ssh keys to empty string - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.u ... oval:org.secpod.oval:def:89050461 This update for salt fixes the following issues: - Properly validate eauth credentials and tokens on SSH calls made by Salt API - Fix disk.blkid to avoid unexpected keyword argument "__pub_user". - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building ... oval:org.secpod.oval:def:89050400 This update for salt fixes the following issues: - Fix CVE-2020-11651 and CVE-2020-11652 oval:org.secpod.oval:def:89049635 This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api . - CVE-2018-15751: Fixed remote authentication bypass in salt-api that allows to execute arbitrary commands . Non-security issues fixed: - Improved handling ... oval:org.secpod.oval:def:89047235 This update for salt fixes the following issues: Update to Salt release version 3002.2 - Check if dpkgnotify is executable - Drop support for Python2. Obsoletes `python2-salt` package - virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devi ... oval:org.secpod.oval:def:89050337 This update for salt contains the following fixes: - Fix for TypeError in Tornado importer - Require python3-distro only for TW - Update to Salt version 3000: See release notes: https://docs.saltstack.com/en/latest/topics/releases/3000.html - Add docker.logout to docker execution module. - Add op ... oval:org.secpod.oval:def:89047151 This update for salt fixes the following issues: - Check if dpkgnotify is executable - Update to Salt release version 3002.2 - Drop support for Python2. Obsoletes `python2-salt` package - Fix issue parsing errors in ansiblegate state module - Prevent command injection in the snapper module - tra ... oval:org.secpod.oval:def:89049185 This update for salt fixes the following issues: Security fixes: * CVE-2023-28370: Fix an open redirect vulnerability in "StaticFileHandler" under certain configurations Bug fixes: * Prevent error loading "known_hosts" when "$HOME" is not set. * Fix ModuleNotFoundError and other issues raised by s ... oval:org.secpod.oval:def:89049186 This update for salt fixes the following issues: Security fixes: * CVE-2023-28370: Fix an open redirect vulnerability in "StaticFileHandler" under certain configurations Bug fixes: * Prevent error loading "known_hosts" when "$HOME" is not set * Fix ModuleNotFoundError and other issues raised by sa ... oval:org.secpod.oval:def:89049192 This update for salt fixes the following issues: Security fixes: * CVE-2023-28370: Fix an open redirect vulnerability in "StaticFileHandler" under certain configurations Bug fixes: * Prevent error loading "known_hosts" when "$HOME" is not set * Fix ModuleNotFoundError and other issues raised by sa ... oval:org.secpod.oval:def:89049190 This update for salt fixes the following issues: Security fixes: * CVE-2023-28370: Fix an open redirect vulnerability in "StaticFileHandler" under certain configurations Bug fixes: * Prevent error loading "known_hosts" when "$HOME" is not set * Fix ModuleNotFoundError and other issues raised by sa ... oval:org.secpod.oval:def:89049198 This update for salt fixes the following issues: Security fixes: * CVE-2023-28370: Fix an open redirect vulnerability in "StaticFileHandler" under certain configurations Bug fixes: * Prevent error loading "known_hosts" when "$HOME" is not set * Fix ModuleNotFoundError and other issues raised by sa ... oval:org.secpod.oval:def:89049748 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-20897: Fixed DOS in minion return. * CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. Bugs fixed: * Create minion_id with reproducible mtim ... oval:org.secpod.oval:def:89049743 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-20897: Fixed DOS in minion return. * CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. Bugs fixed: * Create minion_id with reproducible mtim ... oval:org.secpod.oval:def:3301828 Security update for salt oval:org.secpod.oval:def:89049738 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-20897: Fixed DOS in minion return. * CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. Bugs fixed: * Create minion_id with reproducible mtim ... oval:org.secpod.oval:def:89049653 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-20897: Fixed DOS in minion return. * CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. Bugs fixed: * Create minion_id with reproducible mtim ... oval:org.secpod.oval:def:89049752 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-20897: Fixed DOS in minion return. * CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base name. Bugs fixed: * Create minion_id with reproducible mtim ... oval:org.secpod.oval:def:3301857 Security update for salt oval:org.secpod.oval:def:3301449 Security update for salt oval:org.secpod.oval:def:89051084 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-34049: arbitrary code execution via symlink attack Bugs fixed: * Fix optimization_order opt to prevent testsuite fails * Improve salt.utils.json.find_json to avoid fails * Use salt-call from salt bundle with transac ... oval:org.secpod.oval:def:89051085 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-34049: arbitrary code execution via symlink attack Bugs fixed: * Fix optimization_order opt to prevent testsuite fails * Improve salt.utils.json.find_json to avoid fails * Use salt-call from salt bundle with transac ... oval:org.secpod.oval:def:89051087 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-34049: arbitrary code execution via symlink attack Bugs fixed: * Fix optimization_order opt to prevent testsuite fails * Improve salt.utils.json.find_json to avoid fails * Use salt-call from salt bundle with transac ... oval:org.secpod.oval:def:89051086 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-34049: arbitrary code execution via symlink attack Bugs fixed: * Fix optimization_order opt to prevent testsuite fails * Improve salt.utils.json.find_json to avoid fails * Use salt-call from salt bundle with transac ... oval:org.secpod.oval:def:89051088 This update for salt fixes the following issues: Security issues fixed: * CVE-2023-34049: arbitrary code execution via symlink attack Bugs fixed: * Fix optimization_order opt to prevent testsuite fails * Improve salt.utils.json.find_json to avoid fails * Use salt-call from salt bundle with transac ... oval:org.secpod.oval:def:3302369 Security update for salt oval:org.secpod.oval:def:3302404 Security update for salt oval:org.secpod.oval:def:89051557 This update for salt and python-pyzmq fixes the following issues: salt: * Update to Salt release version 3006.0 * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html * Add missing patch after rebase to fix collections Mapping issues * Add python3-looseversion as new ... oval:org.secpod.oval:def:89051470 This update for salt fixes the following issues: Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master * CVE-2024-22232: Prevent directory traversal attacks in the master"s serve_file method Bugs fixed: * Ensure that pillar refresh ... oval:org.secpod.oval:def:89051462 This update for salt fixes the following issues: Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master * CVE-2024-22232: Prevent directory traversal attacks in the master"s serve_file method Bugs fixed: * Ensure that pillar refresh ... oval:org.secpod.oval:def:89051469 This update for salt fixes the following issues: Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master * CVE-2024-22232: Prevent directory traversal attacks in the master"s serve_file method Bugs fixed: * Ensure that pillar refresh ... oval:org.secpod.oval:def:89051465 This update for salt fixes the following issues: Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master * CVE-2024-22232: Prevent directory traversal attacks in the master"s serve_file method Bugs fixed: * Ensure that pillar refresh ... oval:org.secpod.oval:def:89051463 This update for salt fixes the following issues: Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master * CVE-2024-22232: Prevent directory traversal attacks in the master"s serve_file method Bugs fixed: * Ensure that pillar refresh ... |
