+ setting for as long as it takes to resolve these issues in yourĭavmail - fix potential CVE-2014-3566 vulnerability (POODLE) davmail 4.6.0Įnhancements: Fix potential CVE-2014-3566 vulnerability. + also less secure, as it will allow shell injection vulnerabilities + will break, unless you pass python_shell=True to these calls.Īs a temporary workaround, you can set cmd_safe: False in your However, custom execution modules which use shellisms in cmd calls + use of cmd.run in jinja is also unaffected. Additionally, the cmd state module has been unaffected, and + been audited to fix any issues that might have arisen from this The largest side effect of this change is that "shellisms", such as + the commands will not be sent to an actual shell. + These functions now default to python_shell=False, which means that
+ modules, a change has been made to the various cmd module functions.
In order to fix potential shell injection vulnerabilities in salt
0 kommentar(er)
