CVE-2020-17490 Information

Description

The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.

Reference

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html https://docs.saltstack.com/en/latest/topics/releases/index.htmllatest-branch-release https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/ https://security.gentoo.org/glsa/202011-13 https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/