osc copypac from project:systemsmanagement:saltstack:testing package:salt revision:436

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement:saltstack/salt?expand=0&rev=198
2022-03-31 08:43:42 +00:00 · 2022-03-31 08:43:42 +00:00 · c40491e1e7
commit c40491e1e7
parent 4f7bbe4131
4 changed files with 2962 additions and 1 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-8fe3232b41facbf938d591053c0f457ba6b5e3dc
+d46259fd4b90be19c6c5a2b083157c26e3beb72b
--- a/fix-multiple-security-issues-bsc-1197417.patch
+++ b/fix-multiple-security-issues-bsc-1197417.patch
--- a/salt.changes
+++ b/salt.changes
@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Thu Mar 31 08:34:58 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
+
+- Fix multiple security issues (bsc#1197417)
+- * Sign authentication replies to prevent MiTM (CVE-2022-22935)
+- * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
+- * Prevent job and fileserver replays (CVE-2022-22936)
+- * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
+
+- Added:
+  * fix-multiple-security-issues-bsc-1197417.patch
+
 -------------------------------------------------------------------
 Mon Feb 28 15:05:32 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

--- a/salt.spec
+++ b/salt.spec
@ -290,6 +290,9 @@ Patch73:        add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
 Patch74:        prevent-shell-injection-via-pre_flight_script_args-4.patch
 ###############

+# PATCH-FIX_UPSTREAM: implemented at 3004.1 release (no PR)
+Patch75:       fix-multiple-security-issues-bsc-1197417.patch
+

 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  logrotate