2017.7.8 Released - Security Advisory
254 views
Skip to first unread message
mwil...@saltstack.com
Oct 24, 2018, 11:40:45 AM10/24/18
to
We are pleased to announce the 2017.7.8 release of Salt!
Release notes can be found here:
https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
Instructions for installing the latest packages can be found here:
http://repo.saltstack.com
Sources are available on PyPI:
https://pypi.python.org/pypi/salt/2017.7.8
2017.7.8 is a security release. The following CVE's were fixed as part of this release:
CVE-2018-15751 Remote command execution and incorrect access control when using salt-api.
CVE-2018-15750 Directory traversal vulnerability when using salt-api. Allows an attacker to determine what files exist on a server when querying /run or /events.
NOTE: We are still currently continuing the following release tasks and will update here when they are completed: Building Docs for Release (This includes Release Notes) and Testing the Downloads of Live Packages.
Thank you, as always, for your contributions.
Release notes can be found here:
https://docs.saltstack.com/en/2017.7/topics/releases/2017.7.8.html
Instructions for installing the latest packages can be found here:
http://repo.saltstack.com
Sources are available on PyPI:
https://pypi.python.org/pypi/salt/2017.7.8
2017.7.8 is a security release. The following CVE's were fixed as part of this release:
CVE-2018-15751 Remote command execution and incorrect access control when using salt-api.
CVE-2018-15750 Directory traversal vulnerability when using salt-api. Allows an attacker to determine what files exist on a server when querying /run or /events.
NOTE: We are still currently continuing the following release tasks and will update here when they are completed: Building Docs for Release (This includes Release Notes) and Testing the Downloads of Live Packages.
Thank you, as always, for your contributions.
Megan Wilhite
Oct 24, 2018, 2:16:20 PM10/24/18
to Salt-users
All other release steps have been completed. Thank you for your patience.
Reply all
Reply to author
Forward
0 new messages