Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 720056 (CVE-2020-11651, CVE-2020-11652) - <app-admin/salt-{2019.2.4,3000.2}: Multiple vulnerabilities (CVE-2020-{11651,11652})
Summary: <app-admin/salt-{2019.2.4,3000.2}: Multiple vulnerabilities (CVE-2020-{11651,...
Status: RESOLVED FIXED
Alias: CVE-2020-11651, CVE-2020-11652
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://docs.saltstack.com/en/latest/...
Whiteboard: ~2 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-30 04:48 UTC by Sam James
Modified: 2020-05-01 02:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester gentoo-dev Security 2020-04-30 04:48:25 UTC
1) CVE-2020-11651

Description:
"An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. These methods can be used to retrieve user tokens from the salt master and/or run arbitrary commands on salt minions."

2) CVE-2020-11652

Description:
"An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users."

Advisories:
https://docs.saltstack.com/en/latest/topics/releases/3000.2.html#security-fix
https://docs.saltstack.com/en/latest/topics/releases/2019.2.4.html#security-fix
Comment 1 Sam James archtester gentoo-dev Security 2020-04-30 04:49:03 UTC
@maintainer(s), please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2020-04-30 17:58:22 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0209d23f9c0a4365b63f57d50cc664afdcf86da8

commit 0209d23f9c0a4365b63f57d50cc664afdcf86da8
Author:     Patrick McLean <patrick.mclean@sony.com>
AuthorDate: 2020-04-30 17:58:03 +0000
Commit:     Patrick McLean <chutzpah@gentoo.org>
CommitDate: 2020-04-30 17:58:03 +0000

    app-admin/salt: Clean out vunlerable versions (bug #720056)
    
    Bug: https://bugs.gentoo.org/720056
    Copyright: Sony Interactive Entertainment Inc.
    Package-Manager: Portage-2.3.99, Repoman-2.3.22
    Signed-off-by: Patrick McLean <chutzpah@gentoo.org>

 app-admin/salt/Manifest                            |   1 -
 ...salt-2018.3.2-skip-zeromq-test-that-hangs.patch |  79 -----------
 app-admin/salt/files/salt-2018.3.4-tests.patch     |  76 -----------
 app-admin/salt/salt-2018.3.4.ebuild                | 147 ---------------------
 4 files changed, 303 deletions(-)
Comment 3 Thomas Deutschmann gentoo-dev Security 2020-04-30 22:57:23 UTC
Repository is clean, all done!