swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-21 04:49:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
nixpkgs/pkgs
History
Graham Christensen 379144f54b
salt: 2016.3.3 -> 2016.11.2 for multiple CVEs 
From the Arch Linux advisory:

- CVE-2017-5192 (arbitrary code execution): The
  `LocalClient.cmd_batch()` method client does not accept
  `external_auth` credentials and so access to it from salt-api has
  been removed for now. This vulnerability allows code execution for
  already- authenticated users and is only in effect when running
  salt-api as the `root` user.

- CVE-2017-5200 (arbitrary command execution): Salt-api allows
  arbitrary command execution on a salt-master via Salt's ssh_client.
  Users of Salt-API and salt-ssh could execute a command on the salt
  master via a hole when both systems were enabled.
2017-02-08 21:24:10 -05:00
..
applications digikam5: 5.3.0 -> 5.4.0 2017-02-08 15:41:33 +01:00
build-support samba: Fix URL 2017-02-07 20:23:56 +01:00
data liberastika: init at 1.1.5 (#22420) 2017-02-04 16:38:01 +01:00
desktops gnome-vfs: Drop unused Samba dependency 2017-02-07 20:23:42 +01:00
development pythonPackages.searx: 0.10.0 -> 0.11.0 2017-02-08 23:51:02 +01:00
games Merge branch 'staging' 2017-02-04 21:02:46 +01:00
misc electricsheep: 2.7b33-598d93d90 -> 2.7b33-2017-02-04 2017-02-08 23:51:02 +01:00
os-specific autofs: Some cleanup 2017-02-09 02:50:48 +02:00
servers rabbitmq: 3.5.8 -> 3.6.6 2017-02-09 00:12:49 +01:00
shells bash-completion: 2.4 -> 2.5 2017-02-06 21:59:10 +01:00
stdenv Merge pull request #22387 from Ericson2314/cross-3-platforms 2017-02-05 17:41:31 -05:00
test
tools salt: 2016.3.3 -> 2016.11.2 for multiple CVEs 2017-02-08 21:24:10 -05:00
top-level pythonPackages.twitter-common-*: add meta 2017-02-08 18:24:59 -05:00