FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

salt -- code execution

Affected packages
2015.8.0	<=	py27-salt	<	2015.8.4
2015.8.0	<=	py32-salt	<	2015.8.4
2015.8.0	<=	py33-salt	<	2015.8.4
2015.8.0	<=	py34-salt	<	2015.8.4
2015.8.0	<=	py35-salt	<	2015.8.4

Details

VuXML ID	0652005e-ca96-11e5-96d6-14dae9d210b8
Discovery	2016-01-25
Entry	2016-02-03

SaltStack reports:

Improper handling of clear messages on the minion, which could result in executing commands not sent by the master.

[source]

References

CVE Name	CVE-2016-1866
URL	https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
URL	https://github.com/saltstack/salt/pull/30613/files

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.