Bug 475438 (CVE-2013-2228) - app-admin/salt: Multiple Vulnerabilities (CVE-2013-2228)
Summary: app-admin/salt: Multiple Vulnerabilities (CVE-2013-2228)
Status: RESOLVED FIXED
Alias: CVE-2013-2228
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://secunia.com/advisories/53958/
Whiteboard: ~2 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-07-01 17:04 UTC by Agostino Sarubbo
Modified: 2013-07-03 00:03 UTC
See Also:
Package list:
Runtime testing required: ---
Description Agostino Sarubbo gentoo-dev 2013-07-01 17:04:15 UTC
From ${URL} :

Description

Multiple vulnerabilities have been reported in Salt, which can be exploited by malicious users to 
compromise a vulnerable system and by malicious people to conduct brute force attacks and bypass 
certain security restrictions.

1) Certain input related to the ID of a connecting minion is not properly verified before being 
used to write files. This can be exploited to write files in arbitrary locations and e.g. bypass 
the manual validation of new unknown minions.

2) An error when generating RSA keys within the "gen_keys()" function in salt/crypt.py can be 
exploited to derive the private key and e.g. impersonate Salt masters or minions or disclose 
communications contents.

The vulnerabilities #1 and #2 are reported in versions prior to 0.15.1.

3) Certain input related to the "ext_pillar" option is not properly sanitised before being used to 
execute commands. This can be exploited to inject and execute arbitrary shell commands.

This vulnerability is reported in versions 0.14.0 through 0.15.0.


Solution:
Update to version 0.15.1.

Provided and/or discovered by:
The vendor credits Ronald Volgers.

Original Advisory:
http://docs.saltstack.com/topics/releases/0.15.1.html


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
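As an added illustration of the kind of check issue #1 above calls for, here is a hardened minion-ID validation written for this page; it is not Salt's own code, and the PKI directory layout, the subdirectory name and the character allowlist are assumptions.

```python
import os
import re

# Assumed layout for the example: the master keeps per-minion public keys in
# subdirectories of PKI_DIR, named after the minion ID the minion presents.
PKI_DIR = "/etc/salt/pki/master"

# Allowlist (an assumption of this example): hostname-like IDs only. Starting
# with an alphanumeric character excludes "." and ".." and hidden files; no
# slash or backslash can ever appear.
SAFE_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}")


def minion_key_path(minion_id, state="minions_pre", pki_dir=PKI_DIR):
    """Return the path where the key for `minion_id` would be written, or
    raise ValueError if the ID could place the file anywhere else."""
    # fullmatch (rather than match with $) also rejects a trailing newline.
    if not isinstance(minion_id, str) or not SAFE_ID.fullmatch(minion_id):
        raise ValueError("minion id contains characters outside the allowlist")
    base = os.path.realpath(os.path.join(pki_dir, state))
    path = os.path.realpath(os.path.join(base, minion_id))
    # Defence in depth: even after the allowlist, the resolved path must sit
    # directly inside the intended key directory, never above or beside it.
    if os.path.dirname(path) != base:
        raise ValueError("resolved key path escapes the key directory")
    return path


def is_valid_minion_id(minion_id):
    """Boolean form of the same check, for use at the accept/deny decision."""
    try:
        minion_key_path(minion_id)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed sample IDs: one legitimate, the rest malformed.
    for candidate in ["web01.example.com", "../other", "web01\n", ".hidden", ""]:
        print(repr(candidate), "->", is_valid_minion_id(candidate))
```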
Comment 1 Patrick McLean gentoo-dev 2013-07-01 18:26:00 UTC
Version 0.15.1 was added to the tree on May 11th.

No need to stabilize as there are no stable versions of salt in the tree as of yet.
Comment 2 Chris Reffett (RETIRED) gentoo-dev Security 2013-07-02 20:38:21 UTC
0.14.1 needs to be removed, I believe.
Comment 3 Patrick McLean gentoo-dev 2013-07-02 23:35:03 UTC
Ok, all versions lower than 0.15.3 have been removed from the tree.
Comment 4 Chris Reffett (RETIRED) gentoo-dev Security 2013-07-03 00:03:15 UTC
All done, then.