—
PYSEC-2017-34
Details
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://docs.saltstack.com/en/2015.8/ref/configuration/master.html#rotate-aes-key [WEB]
- http://www.openwall.com/lists/oss-security/2016/11/25/3 [WEB]
- http://www.openwall.com/lists/oss-security/2016/11/25/2 [WEB]
- http://www.securityfocus.com/bid/94553 [WEB]
- https://github.com/advisories/GHSA-hvmj-356c-gpf4 [ADVISORY]