leonardw
build(deps): bump salt from 2015.5.3 to 3003.5 in /spk/salt-master/src
Bumps salt from 2015.5.3 to 3003.5.
Release notes
Sourced from salt's releases.
v3003.5
No release notes provided.
v3003.4
No release notes provided.
v3003.3
No release notes provided.
v3003.2
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3003.1
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3003
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3002.9
No release notes provided.
v3002.8
No release notes provided.
v3002.7
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3002.6
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3002.5
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
v3002.4
WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information.
Official Salt packages can be found at https://repo.saltproject.io/
... (truncated)
Changelog
Sourced from salt's changelog.
Salt 3003.5 (2022-07-05)
Fixed
- Update Markup and contextfunction imports for jinja versions >=3.1. (#61848)
- Fix bug in tcp transport (#61865)
- Make sure the correct key is being used when verifying or validating communication, eg. when a Salt syndic is involved use syndic_master.pub and when a Salt minion is involved use minion_master.pub. (#61868)
Security
- Fixed PAM auth to reject auth attempt if user account is locked. (cve-2022-22967)
Salt 3003.4 (2022-02-25)
Security
- Sign authentication replies to prevent MiTM (cve-2022-22935)
- Prevent job and fileserver replays (cve-2022-22936)
- Sign pillar data to prevent MiTM attacks. (cve-2202-22934)
- Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941) (#60413)
- Fix denial of service in junos ifconfig output parsing.
Salt 3003.3 (2021-08-20)
Fixed
- Fix issue introduced in saltstack/salt#59648 (#60046)
Security
- Verify the owner of an existing config before trusting it during install. If the owner cannot be verified, back it up and use defaults. (CVE-2021-22004)
- Ensure that sourced file is cached using its hash name (cve-2021-21996)
Salt 3003.2 (2021-07-29)
Fixed
... (truncated)
Commits
3fa1e4cMerge pull request #460 from Ch3LL/docs_3003.5683b21bUpdate release notes and man pages for 3003.588e9b86Merge pull request #319 from saltstack/issue/3003.5/6186540478bcFix tests on MacOS58d5517Fix the test_zeromq_filtering testfe9fb01Fix bug in tcp transport3d53101Merge pull request #305 from saltstack/cve/3003.4-pam-auth-fix08acb9bpre-commit fixes42bbee0Skip PAM auth tests on Windows124a6f0rewrite hook changes- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}