Created attachment 211383 [details]
This patch updates sysutils/py-salt to 2019.2.3.
Version 2019.2.3 is a CVE-fix release for 2019.2.0.
With the Salt NetAPI enabled in addition to having a SSH roster defined, unauthenticated access is possible when specifying the client as SSH. Additionally, when the raw_shell option is specified any arbitrary command may be run on the Salt master when specifying SSH options.
Created attachment 211384 [details]
poudriere testport (amd64)
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/115294584