9 matches found
elita (>=0.60.0 <=0.64.1) potentially affected by CVE-2015-8034 via salt (=2014.1.10)
salt PYPI version =2014.1.10 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - elita =0.60.0, =0.64.1 Source cves: CVE-2015-8034 Source advisory: OSV:PYSEC-2017-32...
CVE-2015-8034
CVE-2015-8034 affects Salt before version 2015.8.3, where the state.sls function stores cache data with weak permissions, allowing local attackers to read sensitive information. Connected sources confirm the underlying issue and note remediation via upgrading to Salt 2015.8.3 or later. If upgradi...
CVE-2015-8034
Removed by vendor...
SUSE-SU-2016:1896-1 Security update for salt
salt was updated to fix one security issue. This security issue was fixed: - CVE-2015-8034: Prevent saving state.sls cache data to disk with insecure permissions bsc957914...
SUSE-SU-2016:1895-1 Security update for salt
salt was updated to fix one security issue. This security issue was fixed: - CVE-2015-8034: Prevent saving state.sls cache data to disk with insecure permissions bsc957914...
SUSE-SU-2016:1897-1 Security update for salt
salt was updated to fix one security issue. This security issue was fixed: - CVE-2015-8034: Prevent saving state.sls cache data to disk with insecure permissions bsc957914...
Fedora 22 : salt-2015.5.9-2.fc22 (2016-c1fd651bc0)
Updated dnf patch ---- Update to bugfix release 2015.5.9, patched with proper dnf support Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
FreeBSD : Salt -- information disclosure (e6b974ab-9d35-11e5-8f5c-002590263bf5)
Salt release notes report : CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions This affects users of the state.sls function. The state run cache on the minion was being created with incorrect permissions. This file could potentially contain sensitive data that was insert...
Salt -- information disclosure
Salt release notes report: CVE-2015-8034: Saving state.sls cache data to disk with insecure permissions This affects users of the state.sls function. The state run cache on the minion was being created with incorrect permissions. This file could potentially contain sensitive data that was inserte...