Skip to content

Commit 25997bc

Browse files
author
Erwin Dondorp
committed
updated CVE information
1 parent 4131979 commit 25997bc

2 files changed

Lines changed: 56 additions & 1 deletion

File tree

.github/ISSUE_TEMPLATE/add_release.md

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
---
2+
name: Add SALT release
3+
about: Add SALT release to the SaltGUI code
4+
title: Add SALT release 30xx.yy
5+
labels: enhancement
6+
assignees: erwindon
7+
8+
---
9+
10+
File https://github.com/erwindon/SaltGUI/blob/master/saltgui/static/scripts/panels/Minions.js contains a list of known CVEs.
11+
SaltGUI warns for these vulnerabilities when they still apply for the Salt Master or any of the Salt Minions.
12+
The list ends with a statement on which SALT versions are already supported.
13+
The release that you are reporting now must be newer than that.
14+
When multiple releases are missing, create a separate issue for each.
15+
16+
Note that we do not register Release Candidates.
17+
18+
**Which release is missing**
19+
SALT version 30xx.yy: https://docs.saltproject.io/en/30xx/topics/releases/30xx.yy.html
20+
21+
**Describe the solution you'd like**
22+
Update list with new CVEs (if any).
23+
Update the text just below `ADD_RELEASE` in file `saltgui/static/scripts/panels/Minions.js`.
24+
25+
**Additional context**
26+
Add any other context or screenshots about the request here.

saltgui/static/scripts/panels/Minions.js

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -576,6 +576,20 @@ export class MinionsPanel extends Panel {
576576
["CVE-2024-38825", MASTER + MINION, ["3006", "1[0-1]"]],
577577
["CVE-2024-38825", MASTER + MINION, ["3007", "[0-3]"]],
578578

579+
["CVE-2025-6965", MASTER + MINION, ["3006", "[0-9]"]],
580+
["CVE-2025-6965", MASTER + MINION, ["3006", "1[0-4]"]],
581+
["CVE-2025-6965", MASTER + MINION, ["3007", "[0-6]"]],
582+
583+
["CVE-2023-13836", MASTER + MINION, ["3006", "[0-9]"]],
584+
["CVE-2023-13836", MASTER + MINION, ["3006", "1[0-8]"]],
585+
["CVE-2023-13836", MASTER + MINION, ["3007", "[0-9]"]],
586+
["CVE-2023-13836", MASTER + MINION, ["3007", "10"]],
587+
588+
["CVE-2025-15467", MASTER + MINION, ["3006", "[0-9]"]],
589+
["CVE-2025-15467", MASTER + MINION, ["3006", "1[0-9]"]],
590+
["CVE-2025-15467", MASTER + MINION, ["3007", "[0-9]"]],
591+
["CVE-2025-15467", MASTER + MINION, ["3007", "1[0-1]"]],
592+
579593
["CVE-2025-22236", MINION, ["3006", "[0-9]"]],
580594
["CVE-2025-22236", MINION, ["3006", "1[0-1]"]],
581595
["CVE-2025-22236", MINION, ["3007", "[0-3]"]],
@@ -599,9 +613,24 @@ export class MinionsPanel extends Panel {
599613
["CVE-2025-22241", MASTER + MINION, ["3006", "[0-9]"]],
600614
["CVE-2025-22241", MASTER + MINION, ["3006", "1[0-1]"]],
601615
["CVE-2025-22241", MASTER + MINION, ["3007", "[0-3]"]],
616+
617+
["CVE-2023-28370", MASTER + MINION, ["3006", "[0-9]"]],
618+
["CVE-2023-28370", MASTER + MINION, ["3006", "1[0-7]"]],
619+
["CVE-2023-28370", MASTER + MINION, ["3007", "[0-9]"]],
620+
621+
["CVE-2025-62348", MASTER + MINION, ["3006", "[0-9]"]],
622+
["CVE-2025-62348", MASTER + MINION, ["3006", "1[0-6]"]],
623+
["CVE-2025-62348", MASTER + MINION, ["3007", "[0-8]"]],
624+
625+
["CVE-2025-62349", MASTER + MINION, ["3006", "[0-9]"]],
626+
["CVE-2025-62349", MASTER + MINION, ["3006", "1[0-6]"]],
627+
["CVE-2025-62349", MASTER + MINION, ["3007", "[0-8]"]],
602628
];
603629

604-
// the above table is up-to-date until (including) 3006.13 and 3007.5
630+
// ADD_RELEASE
631+
// the above table is up-to-date until (including) 3006.20 and 3007.13
632+
// please file an issue for SaltGUI when a saltstack version newer than that exists
633+
// https://github.com/erwindon/SaltGUI/issues/new?template=add_release.md
605634
}
606635

607636
static _getCveBugs (pVersion, pNodeType) {

0 commit comments

Comments
 (0)