community/doc/Community-Message.pdf at master · saltstack/community · GitHub
SaltStack authorization bypass | WithSecure™ Labs
saltsatck漏洞风险
升级到最新版本3000.2修复此漏洞
CentOS
-
sudo rpm --import https://repo.saltstack.com/py3/redhat/8/x86_64/archive/3000.2/SALTSTACK-GPG-KEY.pub
-
[saltstack-repo] name=SaltStack repo for RHEL/CentOS $releasever PY3 baseurl=https://repo.saltstack.com/py3/redhat/$releasever/$basearch/archive/3000.2 enabled=1 gpgcheck=1 gpgkey=https://repo.saltstack.com/py3/redhat/$releasever/$basearch/archive/3000.2/SALTSTACK-GPG-KEY.pub
-
sudo yum clean expire-cache
-
sudo yum install salt-master
sudo yum install salt-minion
sudo yum install salt-ssh
sudo yum install salt-syndic
sudo yum install salt-cloud
sudo yum install salt-api
-
- (仅升级)重新启动所有升级的服务,例如:
-
sudo systemctl restart salt-minion