File fixes-cve-2018-15750-cve-2018-15751.patch of Package salt.21870
From 731a53bd241240e08c455a8cb3a59e4d65a6abb5 Mon Sep 17 00:00:00 2001
From: Erik Johnson <palehose@gmail.com>
Date: Fri, 24 Aug 2018 10:35:55 -0500
Subject: [PATCH] Fixes: CVE-2018-15750, CVE-2018-15751
Ensure that tokens are hex to avoid hanging/errors in cherrypy
Add empty token salt-api integration tests
Handle Auth exceptions in run_job
Update tornado test to correct authentication message
---
 salt/netapi/rest_cherrypy/app.py                  | 7 -------
 tests/integration/netapi/rest_tornado/test_app.py | 8 ++++++--
 2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/salt/netapi/rest_cherrypy/app.py b/salt/netapi/rest_cherrypy/app.py
index e7641ccbc5..5dfbadf759 100644
--- a/salt/netapi/rest_cherrypy/app.py
+++ b/salt/netapi/rest_cherrypy/app.py
@@ -1181,13 +1181,6 @@ class LowDataAdapter:
                 except (TypeError, ValueError):
                     raise cherrypy.HTTPError(401, "Invalid token")
 
-            if "token" in chunk:
-                # Make sure that auth token is hex
-                try:
-                    int(chunk["token"], 16)
-                except (TypeError, ValueError):
-                    raise cherrypy.HTTPError(401, "Invalid token")
-
             if client:
                 chunk["client"] = client
 
diff --git a/tests/integration/netapi/rest_tornado/test_app.py b/tests/integration/netapi/rest_tornado/test_app.py
index e3ad8820d3..4e5e741f1d 100644
--- a/tests/integration/netapi/rest_tornado/test_app.py
+++ b/tests/integration/netapi/rest_tornado/test_app.py
@@ -326,8 +326,12 @@ class TestSaltAPIHandler(_SaltnadoIntegrationTestCase):
         self.assertIn("jid", ret[0])  # the first 2 are regular returns
         self.assertIn("jid", ret[1])
         self.assertIn("Failed to authenticate", ret[2])  # bad auth
-        self.assertEqual(ret[0]["minions"], sorted(["minion", "sub_minion"]))
-        self.assertEqual(ret[1]["minions"], sorted(["minion", "sub_minion"]))
+        self.assertEqual(
+            ret[0]["minions"], sorted(["minion", "sub_minion", "localhost"])
+        )
+        self.assertEqual(
+            ret[1]["minions"], sorted(["minion", "sub_minion", "localhost"])
+        )
 
     @slowTest
     def test_simple_local_async_post_no_tgt(self):
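Review bot: The two rewritten `assertEqual` calls now hard-code a third minion id, `"localhost"`, in the expected list, and nothing in the hunk or the commit message says where that minion comes from. It is presumably an artifact of the environment this package's test suite runs in, which should be confirmed. If so, a comment above the first assertion, such as `# "localhost" is an extra minion present in the packaging test environment`, would stop a later maintainer from reverting it. Alternatively, the check could stop depending on the environment by asserting only the ids the test needs, e.g. `self.assertTrue({"minion", "sub_minion"} <= set(ret[0]["minions"]))`, and the same for `ret[1]`. The commit message mentions correcting the authentication message, but the `"Failed to authenticate"` assertion on `ret[2]` is unchanged context here, and the enclosing test method starts outside the hunk.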
-- 
2.29.2