Oval Definition:	oval:org.opensuse.security:def:1653
Revision Date: 2022-03-30 Version: 1 Title: Security update for salt (Important) Description: This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM (bsc#1197417) - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. (bsc#1197417) - CVE-2022-22936: Prevent job and fileserver replays (bsc#1197417) - CVE-2022-22941: Fixed targeting bug, especially visible when using syndic and user auth. (bsc#1197417) Family: unix Class: patch Status: Reference(s): 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786 1169936 1197417 CVE-2010-2529 CVE-2016-8659 CVE-2017-15298 CVE-2017-15298 CVE-2017-5226 CVE-2018-11233 CVE-2018-11233 CVE-2018-11235 CVE-2018-11235 CVE-2018-17456 CVE-2018-17456 CVE-2019-10063 CVE-2019-1348 CVE-2019-1348 CVE-2019-1349 CVE-2019-1349 CVE-2019-1350 CVE-2019-1350 CVE-2019-1351 CVE-2019-1351 CVE-2019-1352 CVE-2019-1352 CVE-2019-1353 CVE-2019-1353 CVE-2019-1354 CVE-2019-1354 CVE-2019-1387 CVE-2019-1387 CVE-2019-19604 CVE-2019-19604 CVE-2019-5736 CVE-2020-11008 CVE-2020-11008 CVE-2020-5260 CVE-2020-5260 CVE-2021-21261 CVE-2022-22934 CVE-2022-22935 CVE-2022-22936 CVE-2022-22941 SUSE-SU-2020:1121-1 SUSE-SU-2022:1059-1 Platform(s): SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for CAP 15 SP1 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP3 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP3 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Storage 7.1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2 Product(s): Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information krb5-mini-1.12.1-28.1 is installed OR krb5-mini-devel-1.12.1-28.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libecpg6-9.4.5-4 is installed OR libpq5-9.4.5-4 is installed OR libpq5-32bit-9.4.5-4 is installed OR postgresql94-9.4.5-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP3 is installed AND Package Information flatpak-1.10.2-4.6.1 is installed OR flatpak-devel-1.10.2-4.6.1 is installed OR flatpak-zsh-completion-1.10.2-4.6.1 is installed OR libflatpak0-1.10.2-4.6.1 is installed OR system-user-flatpak-1.10.2-4.6.1 is installed OR typelib-1_0-Flatpak-1_0-1.10.2-4.6.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.3 is installed OR dlm-kmp-default-4.12.14-25.3 is installed OR gfs2-kmp-default-4.12.14-25.3 is installed OR kernel-default-4.12.14-25.3 is installed OR ocfs2-kmp-default-4.12.14-25.3 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information graphviz-addons-2.40.1-6.3 is installed OR graphviz-gd-2.40.1-6.3 is installed OR graphviz-python-2.40.1-6.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed OR SUSE Linux Enterprise Storage 7.1 is installed OR SUSE Manager Proxy 4.2 is installed OR SUSE Manager Retail Branch Server 4.2 is installed OR SUSE Manager Server 4.2 is installed AND Package Information salt-api-3002.2-150300.53.10.1 is installed OR salt-cloud-3002.2-150300.53.10.1 is installed OR salt-fish-completion-3002.2-150300.53.10.1 is installed OR salt-master-3002.2-150300.53.10.1 is installed OR salt-proxy-3002.2-150300.53.10.1 is installed OR salt-ssh-3002.2-150300.53.10.1 is installed OR salt-standalone-formulas-configuration-3002.2-150300.53.10.1 is installed OR salt-syndic-3002.2-150300.53.10.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information git-2.26.1-3.25 is installed OR git-core-2.26.1-3.25 is installed Definition Synopsis SUSE Linux Enterprise Module for CAP 15 SP1 is installed AND cf-cli-6.43.0-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 is installed AND Package Information containerd-1.2.5-5.13 is installed OR docker-18.09.6_ce-6.17 is installed OR docker-bash-completion-18.09.6_ce-6.17 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information containerd-1.2.5-5.13 is installed OR docker-18.09.6_ce-6.17 is installed OR docker-bash-completion-18.09.6_ce-6.17 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-6.18 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-4.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information wireshark-2.4.7-3.3 is installed OR wireshark-devel-2.4.7-3.3 is installed OR wireshark-ui-qt-2.4.7-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information gvim-8.0.1568-5.3 is installed OR vim-8.0.1568-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 is installed AND Package Information ImageMagick-7.0.7.34-3.9 is installed OR perl-PerlMagick-7.0.7.34-3.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information libsystemd0-mini-234-24.15 is installed OR libudev-mini-devel-234-24.15 is installed OR libudev-mini1-234-24.15 is installed OR nss-myhostname-234-24.15 is installed OR nss-mymachines-234-24.15 is installed OR nss-systemd-234-24.15 is installed OR systemd-234-24.15 is installed OR systemd-logger-234-24.15 is installed OR systemd-mini-234-24.15 is installed OR systemd-mini-bash-completion-234-24.15 is installed OR systemd-mini-container-mini-234-24.15 is installed OR systemd-mini-coredump-mini-234-24.15 is installed OR systemd-mini-devel-234-24.15 is installed OR systemd-mini-sysvinit-234-24.15 is installed OR udev-mini-234-24.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND rarpd-s20161105-6 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information apache2-mod_php7-7.2.5-4.40 is installed OR php7-7.2.5-4.40 is installed OR php7-bcmath-7.2.5-4.40 is installed OR php7-bz2-7.2.5-4.40 is installed OR php7-calendar-7.2.5-4.40 is installed OR php7-ctype-7.2.5-4.40 is installed OR php7-curl-7.2.5-4.40 is installed OR php7-dba-7.2.5-4.40 is installed OR php7-devel-7.2.5-4.40 is installed OR php7-dom-7.2.5-4.40 is installed OR php7-enchant-7.2.5-4.40 is installed OR php7-exif-7.2.5-4.40 is installed OR php7-fastcgi-7.2.5-4.40 is installed OR php7-fileinfo-7.2.5-4.40 is installed OR php7-fpm-7.2.5-4.40 is installed OR php7-ftp-7.2.5-4.40 is installed OR php7-gd-7.2.5-4.40 is installed OR php7-gettext-7.2.5-4.40 is installed OR php7-gmp-7.2.5-4.40 is installed OR php7-iconv-7.2.5-4.40 is installed OR php7-intl-7.2.5-4.40 is installed OR php7-json-7.2.5-4.40 is installed OR php7-ldap-7.2.5-4.40 is installed OR php7-mbstring-7.2.5-4.40 is installed OR php7-mysql-7.2.5-4.40 is installed OR php7-odbc-7.2.5-4.40 is installed OR php7-opcache-7.2.5-4.40 is installed OR php7-openssl-7.2.5-4.40 is installed OR php7-pcntl-7.2.5-4.40 is installed OR php7-pdo-7.2.5-4.40 is installed OR php7-pear-7.2.5-4.40 is installed OR php7-pear-Archive_Tar-7.2.5-4.40 is installed OR php7-pgsql-7.2.5-4.40 is installed OR php7-phar-7.2.5-4.40 is installed OR php7-posix-7.2.5-4.40 is installed OR php7-shmop-7.2.5-4.40 is installed OR php7-snmp-7.2.5-4.40 is installed OR php7-soap-7.2.5-4.40 is installed OR php7-sockets-7.2.5-4.40 is installed OR php7-sqlite-7.2.5-4.40 is installed OR php7-sysvmsg-7.2.5-4.40 is installed OR php7-sysvsem-7.2.5-4.40 is installed OR php7-sysvshm-7.2.5-4.40 is installed OR php7-tokenizer-7.2.5-4.40 is installed OR php7-wddx-7.2.5-4.40 is installed OR php7-xmlreader-7.2.5-4.40 is installed OR php7-xmlrpc-7.2.5-4.40 is installed OR php7-xmlwriter-7.2.5-4.40 is installed OR php7-xsl-7.2.5-4.40 is installed OR php7-zip-7.2.5-4.40 is installed OR php7-zlib-7.2.5-4.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND squashfs-4.3-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6.2 is installed OR m4-1.4.16-15.74 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information bash-4.3-78.39 is installed OR bash-doc-4.3-78.39 is installed OR libreadline6-6.3-78.39 is installed OR readline-doc-6.3-78.39 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND cyrus-sasl-devel-2.1.26-7.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information libqt4-sql-mysql-32bit-4.8.6-4.1 is installed OR libqt4-sql-postgresql-4.8.6-4.1 is installed OR libqt4-sql-postgresql-32bit-4.8.6-4.1 is installed OR libqt4-sql-sqlite-32bit-4.8.6-4.2 is installed OR libqt4-sql-unixODBC-4.8.6-4.1 is installed OR libqt4-sql-unixODBC-32bit-4.8.6-4.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information xorg-x11-server-1.19.6-8.3 is installed OR xorg-x11-server-wayland-1.19.6-8.3 is installed
BACK