Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix insecure SQL queries in MySQL module #51462

Merged

Conversation

Projects
None yet
3 participants
@ShantonRU
Copy link
Contributor

commented Feb 1, 2019

All the details have been sent to security@saltstack.com.

@ShantonRU ShantonRU requested a review from saltstack/team-core as a code owner Feb 1, 2019

@ShantonRU ShantonRU changed the title Fix insecure sql queries in mysql module Fix insecure SQL queries in MySQL module Feb 1, 2019

@ShantonRU ShantonRU changed the base branch from develop to 2018.3.4 Feb 1, 2019

@garethgreenaway

This comment has been minimized.

Copy link
Member

commented Feb 1, 2019

@ShantonRU looks like there are some lint issues.

@ShantonRU

This comment has been minimized.

Copy link
Contributor Author

commented Feb 1, 2019

@garethgreenaway, as it was requested here i sent all details of security issue to security@saltstack.com.

@garethgreenaway

This comment has been minimized.

Copy link
Member

commented Feb 1, 2019

@ShantonRU yup! I saw that and we definitely appreciate the PR, but it looks like the lint test failed which means there are likely some coding standard violation. If you check the results of the test you should see what's wrong along with suggestions on fixing it.

@garethgreenaway

This comment has been minimized.

Copy link
Member

commented Feb 1, 2019

@ShantonRU looking closer it seems like it might not be a failure in your part. I'll attempt to rerun the tests.

@ShantonRU

This comment has been minimized.

Copy link
Contributor Author

commented Feb 1, 2019

@garethgreenaway, sorry, I read 'init issues' instead of 'lint issues' =)
Tests failed because i firstly made pull request to 'develop' branch instead of '2018.3.4' . Can you rerun tests please?

ShantonRU added some commits Feb 1, 2019

@dwoz

dwoz approved these changes Feb 1, 2019

@dwoz

This comment has been minimized.

Copy link
Contributor

commented Feb 1, 2019

@ShantonRU Thank you for the contribution.

@dwoz dwoz merged commit a05305d into saltstack:2018.3.4 Feb 1, 2019

9 checks passed

continuous-integration/jenkins/pr-merge This commit looks good
Details
jenkins/pr/docs The docs job has passed
Details
jenkins/pr/lint Python lint test has passed
Details
jenkins/pr/py2-centos-7 The py2-centos-7 job has passed
Details
jenkins/pr/py2-ubuntu-1604 The py2-ubuntu-1604 job has passed
Details
jenkins/pr/py2-windows-2016 The py2-windows-2016 job has passed
Details
jenkins/pr/py3-centos-7 The py3-centos-7 job has passed
Details
jenkins/pr/py3-ubuntu-1604 The py3-ubuntu-1604 job has passed
Details
jenkins/pr/py3-windows-2016 The py3-windows-2016 job has passed
Details
@ShantonRU

This comment has been minimized.

Copy link
Contributor Author

commented Feb 19, 2019

This issue has been assigned CVE-2019-1000033.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.