From ${URL} : We are pleased to announce the 2014.1.10 release of Salt. The release notes can be found here: http://docs.saltstack.com/en/latest/topics/releases/2014.1.10.html The sources are available on pypi: https://pypi.python.org/pypi/salt/2014.1.10 Salt 2014.1.10 fixes security issues documented by CVE-2014-3563: Insecure tmp-file creation in seed.py, salt-ssh, and salt-cloud. Upgrading is recommended. @maintainer(s): since the fixed version is already in the tree, please remove the affected versions.
CVE-2014-3563 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3563): Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.
Old versions are now removed from the tree.
(In reply to Patrick McLean from comment #2) > Old versions are now removed from the tree. Much appreciated, thanks. No stabilized versions, closing noglsa.
