Overview
Request 966053 accepted
- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)
* fix-state.orchestrate_single-to-not-pass-pillar-none.patch
- Renamed:
* patch_for_cve_bsc1197417.patch -> fix-multiple-security-issues-bsc-1197417.patch
- Fix multiple security issues (bsc#1197417)
* Sign authentication replies to prevent MiTM (CVE-2022-22935)
* Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
* Prevent job and fileserver replays (CVE-2022-22936)
* Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
* patch_for_cve_bsc1197417.patch
- Created by PSuarezHernandez
- In state accepted
- 4 package maintainers
Request History
PSuarezHernandez created request
- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)
* fix-state.orchestrate_single-to-not-pass-pillar-none.patch
- Renamed:
* patch_for_cve_bsc1197417.patch -> fix-multiple-security-issues-bsc-1197417.patch
- Fix multiple security issues (bsc#1197417)
* Sign authentication replies to prevent MiTM (CVE-2022-22935)
* Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
* Prevent job and fileserver replays (CVE-2022-22936)
* Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
* patch_for_cve_bsc1197417.patch
vzhestkov accepted request
Looks good
