Oval Definition:oval:org.opensuse.security:def:68453
Revision Date:2020-12-01Version:1
Title:Security update for salt (Moderate)
Description:

This update for salt fixes the following issues:

- Avoid possible user escalation upgrading salt-master (bsc#1157465) (CVE-2019-18897) - Fix unit tests failures in test_batch_async tests - Batch Async: Handle exceptions, properly unregister and close instances after running async batching to avoid CPU starvation of the MWorkers (bsc#1162327) - RHEL/CentOS 8 uses platform-python instead of python3 - New configuration option for selection of grains in the minion start event. - Fix 'os_family' grain for Astra Linux Common Edition - Fix for salt-api NET API where unauthenticated attacker could run arbitrary code (CVE-2019-17361) (bsc#1162504) - Adds disabled parameter to mod_repo in aptpkg module Move token with atomic operation Bad API token files get deleted (bsc#1160931) - Support for Btrfs and XFS in parted and mkfs added - Adds list_downloaded for apt Module to enable pre-downloading support Adds virt.(pool|network)_get_xml functions - Various libvirt updates: * Add virt.pool_capabilities function * virt.pool_running improvements * Add virt.pool_deleted state * virt.network_define allow adding IP configuration - virt: adding kernel boot parameters to libvirt xml - Fix to scheduler when data['run'] does not exist (bsc#1159118) - Fix virt states to not fail on VMs already stopped - Fix applying of attributes for returner rawfile_json (bsc#1158940) - xfs: do not fail if type is not present (bsc#1153611) - Fix errors when running virt.get_hypervisor function - Align virt.full_info fixes with upstream Salt - Fix for log checking in x509 test - Read repo info without using interpolation (bsc#1135656) - Limiting M2Crypto to >= SLE15 - Replacing pycrypto with M2Crypto (bsc#1165425)
Family:unixClass:patch
Status:Reference(s):1135656
1153611
1157465
1158940
1159118
1160931
1162327
1162504
1165425
1166238
1173576
1173613
CVE-2019-17361
CVE-2019-18897
CVE-2020-12402
CVE-2020-12415
CVE-2020-12416
CVE-2020-12417
CVE-2020-12418
CVE-2020-12419
CVE-2020-12420
CVE-2020-12421
CVE-2020-12422
CVE-2020-12423
CVE-2020-12424
CVE-2020-12425
CVE-2020-12426
SUSE-SU-2020:0684-1
SUSE-SU-2020:1898-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • python3-salt-2019.2.0-6.24 is installed
  • OR salt-2019.2.0-6.24 is installed
  • OR salt-bash-completion-2019.2.0-6.24 is installed
  • OR salt-doc-2019.2.0-6.24 is installed
  • OR salt-minion-2019.2.0-6.24 is installed
  • OR salt-zsh-completion-2019.2.0-6.24 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-78.0.1-3.94 is installed
  • OR MozillaFirefox-branding-SLE-78-4.14 is installed
  • OR MozillaFirefox-devel-78.0.1-3.94 is installed
  • OR MozillaFirefox-translations-common-78.0.1-3.94 is installed
  • OR MozillaFirefox-translations-other-78.0.1-3.94 is installed
  • BACK