Salt 3005.5 Release Notes

Version 3005.5 is a CVE security fix release for 3005.

Security

  • Fix CVE-2024-22231 by preventing directory traversal when creating syndic cache directory on the master.

  • Fix CVE-2024-22232 Prevent directory traversal attacks in the master's serve_file method.

These vulnerablities were discovered and reported by: Yudi Zhao(Huawei Nebula Security Lab),Chenwei Jiang(Huawei Nebula Security Lab) (#565)

Generated on May 22, 2024 at 17:25:40 UTC.

You are viewing docs for the latest stable release, 3007.1. Switch to docs for the previous stable release, 3006.8, or to a recent doc build from the master branch.


saltproject.io

© 2024 VMware, Inc. | Privacy Policy