Graham Christensen 379144f54b salt: 2016.3.3 -> 2016.11.2 for multiple CVEs ... From the Arch Linux advisory: - CVE-2017-5192 (arbitrary code execution): The `LocalClient.cmd_batch()` method client does not accept `external_auth` credentials and so access to it from salt-api has been removed for now. This vulnerability allows code execution for already- authenticated users and is only in effect when running salt-api as the `root` user. - CVE-2017-5200 (arbitrary command execution): Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client. Users of Salt-API and salt-ssh could execute a command on the salt master via a hole when both systems were enabled.		2017-02-08 21:24:10 -05:00
..
analog	Bring my stdenv.lib.maintainers user name in line with my github nick.	2016-05-16 22:49:55 +02:00
awslogs	awslogs: init at 0.7	2016-12-06 10:56:54 +01:00
certbot	certbot: 0.6.0 -> 0.9.3	2016-12-21 12:04:56 +01:00
cli53	cli53: use python2	2016-10-18 23:16:07 +02:00
daemontools	treewide: Use explicit 'dev' references to glibc	2016-08-30 03:11:09 +03:00
dehydrated	Added package for dehydrated. (#19651)	2016-10-20 13:32:05 +02:00
google-cloud-sdk	google-cloud-sdk: 134.0.0 -> 138.0.0	2016-12-19 09:05:45 +01:00
gtk-vnc	gtk-vnc: 0.5.3 -> 0.6.0	2016-10-01 17:14:31 +02:00
lxd	buildGoPackage: deps.json -> deps.nix in NIXON	2016-09-16 00:04:55 +01:00
nxproxy	Add version attribute where maintainers |= nckx	2016-01-25 17:35:21 +01:00
salt	salt: 2016.3.3 -> 2016.11.2 for multiple CVEs	2017-02-08 21:24:10 -05:00
sec	use dontBuild instead of hacks	2016-05-04 10:11:04 +00:00
simp_le	simp_le: switch to zenhack/simp_le	2016-12-21 12:11:04 +01:00
tigervnc	tigervnc: 1.7.0 -> 1.7.1 for CVE-2017-5581	2017-02-03 07:34:25 -05:00
tightvnc	Use general hardening flag toggle lists	2016-03-05 18:55:26 +01:00