saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Changed current release to 8.1 and added CVEs to release notes

Browse source
This commit is contained in:
Jacob Hammons 2015-10-15 11:14:50 -06:00
parent 7e4058605d
commit 236992b2be
4 changed files with 32 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
doc/conf.py
View file

@ -164,8 +164,8 @@ project = 'Salt'
copyright = '2015 SaltStack, Inc.'
version = salt.version.__version__
latest_release = '2015.8.0' # latest release
previous_release = '2015.5.5' # latest release from previous branch
latest_release = '2015.8.1' # latest release
previous_release = '2015.5.6' # latest release from previous branch
previous_release_dir = '2015.5' # path on web server for previous branch
build_type = 'latest' # latest, previous, develop, inactive
@ -230,11 +230,11 @@ rst_prolog = """\
.. _`salt-packagers`: https://groups.google.com/forum/#!forum/salt-packagers
.. |windownload| raw:: html
<p>x86: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-3-x86-Setup.exe"><strong>Salt-Minion-{release}-3-x86-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-3-x86-Setup.exe.md5"><strong>md5</strong></a></p>
<p>x86: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe"><strong>Salt-Minion-{release}-x86-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-x86-Setup.exe.md5"><strong>md5</strong></a></p>
<p>AMD64: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-3-AMD64-Setup.exe"><strong>Salt-Minion-{release}-3-AMD64-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-3-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
<p>AMD64: <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe"><strong>Salt-Minion-{release}-AMD64-Setup.exe</strong></a>
| <a href="https://repo.saltstack.com/windows/Salt-Minion-{release}-AMD64-Setup.exe.md5"><strong>md5</strong></a></p>
""".format(release=release)

8
doc/topics/releases/2015.5.6.rst
View file

@ -5,6 +5,14 @@ Salt 2015.5.6 Release Notes
Version 2015.5.6 is a bugfix release for :doc:`2015.5.0
</topics/releases/2015.5.0>`.
Security Fixes
--------------
CVE-2015-6941 - ``win_useradd`` module and ``salt-cloud`` display passwords in debug log
Updated the ``win_useradd`` module return data to no longer include the password of the newly created user. The password is now replaced with the string ``XXX-REDACTED-XXX``.
Updated the Salt Cloud debug output to no longer display ``win_password`` and ``sudo_password`` authentication credentials.
Changes for v2015.5.5..v2015.5.6
--------------------------------

7
doc/topics/releases/2015.8.0.rst
View file

@ -248,6 +248,13 @@ Deprecations
- The use of ``delim`` was removed from the following functions in the ``match``
execution module: ``pillar_pcre``, ``pillar``, ``grain_pcre``,
Security Fixes
==============
CVE-2015-6918 - Git modules leaking HTTPS auth credentials to debug log
Updated the Git state and execution modules to no longer display HTTPS basic authentication credentials in loglevel debug output on the Salt master. These credentials are now replaced with ``REDACTED`` in the debug output. Thanks to Andreas Stieger <asteiger@suse.com> for bringing this to our attention.
Major Bug Fixes
===============

12
doc/topics/releases/2015.8.1.rst
View file

@ -5,7 +5,17 @@ Salt 2015.8.1 Release Notes
Version 2015.8.1 is a bugfix release for :doc:`2015.8.0
</topics/releases/2015.8.0>`.
Changes:
Security Fixes
--------------
CVE-2015-6941 - ``win_useradd`` module and ``salt-cloud`` display passwords in debug log
Updated the ``win_useradd`` module return data to no longer include the password of the newly created user. The password is now replaced with the string ``XXX-REDACTED-XXX``.
Updated the Salt Cloud debug output to no longer display ``win_password`` and ``sudo_password`` authentication credentials.
Also updated the Linode driver to no longer display authentication credentials in debug logs. These credentials are now replaced with ``REDACTED`` in the debug output.
Major Bug Fixes
---------------
- Add support for ``spm.d/*.conf`` configuration of SPM (:issue:`27010`)
- Fix ``proxy`` grains breakage for non-proxy minions (:issue:`27039`)