FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

salt -- code execution

Affected packages
2015.8.0 <= py27-salt < 2015.8.4
2015.8.0 <= py32-salt < 2015.8.4
2015.8.0 <= py33-salt < 2015.8.4
2015.8.0 <= py34-salt < 2015.8.4
2015.8.0 <= py35-salt < 2015.8.4

Details

VuXML ID 0652005e-ca96-11e5-96d6-14dae9d210b8
Discovery 2016-01-25
Entry 2016-02-03

SaltStack reports:

Improper handling of clear messages on the minion, which could result in executing commands not sent by the master.

References

CVE Name CVE-2016-1866
URL https://docs.saltstack.com/en/latest/topics/releases/2015.8.4.html
URL https://github.com/saltstack/salt/pull/30613/files