CVE-2013-6617 Information

Description

The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges which makes it easier for remote attackers to gain privileges.

Reference

http://docs.saltstack.com/topics/releases/0.17.1.html