saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fixes #30461

Browse source 
Credited Sebastian Kramer for finding CVE 2016-1866 in release notes
Added note about salt virt not working on KVM in a VM
This commit is contained in:
Jacob Hammons 2016-02-16 15:53:35 -07:00
parent 62d76902ce
commit 3c4f8215c3
3 changed files with 19 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
doc/topics/releases/2015.8.4.rst
View file

@ -18,9 +18,15 @@ This issue is resolved in the :ref:`2015.8.5 <2015.8.5>` release.
Security Fix
============
CVE-2016-1866: Improper handling of clear messages on the minion, which could result in executing commands not sent by the master.
CVE-2016-1866: Improper handling of clear messages on the minion, which could
result in executing commands not sent by the master.
This issue affects only the 2015.8.x releases of Salt. In order for an attacker to use this attack vector, they would have to execute a successful attack on an existing TCP connection between minion and master on the pub port. It does not allow an external attacker to obtain the shared secret or decrypt any encrypted traffic between minion and master.
This issue affects only the 2015.8.x releases of Salt. In order for an attacker
to use this attack vector, they would have to execute a successful attack on an
existing TCP connection between minion and master on the pub port. It does not
allow an external attacker to obtain the shared secret or decrypt any encrypted
traffic between minion and master. Thank you to Sebastian Krahmer
<krahmer@suse.com> for bringing this issue to our attention.
We recommend everyone upgrade to 2015.8.4 as soon as possible.

14
doc/topics/tutorials/salt_bootstrap.rst
View file

@ -19,21 +19,21 @@ Supported Operating Systems
---------------------------
- Amazon Linux 2012.09
- Arch
- CentOS 5/6
- Debian 6.x/7.x/8(git installations only)
- Fedora 17/18
- FreeBSD 9.1/9.2/10
- CentOS 5/6/7
- Debian 6/7/8
- Fedora 17/18/20/21/22
- FreeBSD 9.1/9.2/10/11
- Gentoo
- Linaro
- Linux Mint 13/14
- OpenSUSE 12.x
- OpenSUSE 12/13
- Oracle Linux 5/5
- Red Hat 5/6
- Red Hat Enterprise 5/6
- Scientific Linux 5/6
- SmartOS
- SuSE 11 SP1/11 SP2
- Ubuntu 10.x/11.x/12.x/13.04/13.10
- SUSE Linux Enterprise 11 SP1/11 SP2/11 SP3
- Ubuntu 10.x/11.x/12.x/13.x/14.x/15.04
- Elementary OS 0.2

4
doc/topics/virt/index.rst
View file

@ -27,6 +27,10 @@ the Salt Virt systems.
This project never took off, but was functional and proves the early
viability of Salt to be a cloud controller.
.. warning::
Salt Virt does not work with KVM that is running in a VM. KVM must be running
on the base hardware.
Salt Virt Tutorial
==================