mirror of
https://github.com/saltstack/salt.git
synced 2025-04-16 09:40:20 +00:00
538 B
538 B
Salt 3005.5 Release Notes
Version 3005.5 is a CVE security fix release for 3005 <release-3005>.
Security
- Fix CVE-2024-22231 by preventing directory traversal when creating syndic cache directory on the master.
- Fix CVE-2024-22232 Prevent directory traversal attacks in the master's serve_file method.
These vulnerablities were discovered and reported by: Yudi Zhao(Huawei Nebula Security Lab),Chenwei Jiang(Huawei Nebula Security Lab) (#565)