mirror of
https://github.com/saltstack/salt.git
synced 2025-04-17 10:10:20 +00:00
Merge branch '2018.3' into 49965_beacon_diskusage_windows
This commit is contained in:
Gareth J. Greenaway
GitHub
commit
1f0ab278f0
4 changed files with 29 additions and 8 deletions
|
|
@ -251,8 +251,8 @@ on_saltstack = 'SALT_ON_SALTSTACK' in os.environ
|
|||
project = 'Salt'
|
||||
|
||||
version = salt.version.__version__
|
||||
latest_release = '2018.3.2' # latest release
|
||||
previous_release = '2017.7.7' # latest release from previous branch
|
||||
latest_release = '2018.3.3' # latest release
|
||||
previous_release = '2017.7.8' # latest release from previous branch
|
||||
previous_release_dir = '2017.7' # path on web server for previous branch
|
||||
next_release = '' # next release
|
||||
next_release_dir = '' # path on web server for next release branch
|
||||
|
|
|
|||
15
doc/topics/releases/2016.11.10.rst
Normal file
15
doc/topics/releases/2016.11.10.rst
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
=============================
|
||||
Salt 2016.11.10 Release Notes
|
||||
=============================
|
||||
|
||||
Version 2016.11.10 is a security release for :ref:`2016.11.0 <release-2016-11-0>`.
|
||||
|
||||
Changes for v2016.11.9..v2016.11.10
|
||||
-----------------------------------
|
||||
|
||||
Security Fix
|
||||
============
|
||||
|
||||
CVE-2018-15751 Remote command execution and incorrect access control when using salt-api.
|
||||
|
||||
CVE-2018-15750 Directory traversal vulnerability when using salt-api. Allows an attacker to determine what files exist on a server when querying /run or /events.
|
||||
|
|
@ -1,9 +1,8 @@
|
|||
========================================
|
||||
In Progress: Salt 2018.3.3 Release Notes
|
||||
========================================
|
||||
===========================
|
||||
Salt 2018.3.3 Release Notes
|
||||
===========================
|
||||
|
||||
Version 2018.3.3 is an **unreleased** bugfix release for :ref:`2018.3.0 <release-2018-3-0>`.
|
||||
This release is still in progress and has not been released yet.
|
||||
Version 2018.3.3 is a security and bugfix release for :ref:`2018.3.0 <release-2018-3-0>`.
|
||||
|
||||
Statistics
|
||||
==========
|
||||
|
|
@ -44,6 +43,13 @@ Statistics
|
|||
- template: jinja
|
||||
- defaults: {{ mydict | tojson }}
|
||||
|
||||
Security Fix
|
||||
============
|
||||
|
||||
CVE-2018-15751 Remote command execution and incorrect access control when using salt-api.
|
||||
|
||||
CVE-2018-15750 Directory traversal vulnerability when using salt-api. Allows an attacker to determine what files exist on a server when querying /run or /events.
|
||||
|
||||
Changes to win_timezone
|
||||
=======================
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ mock>=2.0.0
|
|||
SaltPyLint>=v2017.3.6
|
||||
pytest>=3.5.0
|
||||
git+https://github.com/saltstack/pytest-salt.git@master#egg=pytest-salt
|
||||
testinfra>=1.7.0
|
||||
testinfra>=1.7.0,!=1.17.0
|
||||
|
||||
# httpretty Needs to be here for now even though it's a dependency of boto.
|
||||
# A pip install on a fresh system will decide to target httpretty 0.8.10 to
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue