mirror of
https://github.com/valitydev/salt.git
synced 2024-11-07 00:55:19 +00:00
2015.5.10 release docs
This commit is contained in:
parent
0e66f678d4
commit
544a1661ce
@ -155,8 +155,8 @@ project = 'Salt'
|
||||
copyright = '2016 SaltStack, Inc.'
|
||||
|
||||
version = salt.version.__version__
|
||||
latest_release = '2015.8.7' # latest release
|
||||
previous_release = '2015.5.9' # latest release from previous branch
|
||||
latest_release = '2015.8.8' # latest release
|
||||
previous_release = '2015.5.10' # latest release from previous branch
|
||||
previous_release_dir = '2015.5' # path on web server for previous branch
|
||||
build_type = 'previous' # latest, previous, develop, inactive
|
||||
|
||||
|
@ -1,5 +1,21 @@
|
||||
==========================================
|
||||
Salt 2015.5.10 Release Notes (In Progress)
|
||||
==========================================
|
||||
============================
|
||||
Salt 2015.5.10 Release Notes
|
||||
============================
|
||||
|
||||
Security Fix
|
||||
============
|
||||
|
||||
CVE-2016-3176: Insecure configuration of PAM external authentication service
|
||||
|
||||
This issue affects all Salt versions prior to 2015.8.8/2015.5.10 when PAM
|
||||
:ref:`external authentication <acl-eauth>` is enabled. This issue involves
|
||||
passing an alternative PAM authentication service with a command that is sent
|
||||
to :ref:`LocalClient <local-client>`, enabling the attacker to bypass the
|
||||
configured authentication service. Thank you to Dylan Frese <dmfrese@gmail.com>
|
||||
for bringing this issue to our attention.
|
||||
|
||||
This update defines the PAM eAuth ``service`` that users authenticate against
|
||||
in the Salt Master configuration.
|
||||
|
||||
(No additional fixes are contained in this release).
|
||||
|
||||
In progress, not yet released.
|
||||
|
6
doc/topics/releases/2015.5.11.rst
Normal file
6
doc/topics/releases/2015.5.11.rst
Normal file
@ -0,0 +1,6 @@
|
||||
==========================================
|
||||
Salt 2015.5.11 Release Notes (In Progress)
|
||||
==========================================
|
||||
|
||||
In progress, not yet released.
|
||||
|
Loading…
Reference in New Issue
Block a user