Oval Definition:oval:org.opensuse.security:def:74159
Revision Date:2020-12-01Version:1
Title:Security update for salt (Critical)
Description:

This update for salt fixes the following issues:

- Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846) - Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867) - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building for systemd OSes. - Drop wrong mock from chroot unit test. - Support systemd versions with dot. (bsc#1176294) - Fix for grains.test_core unit test. - Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024) - Several changes to virtualization: * Fix virt update when cpu and memory are changed. * Memory Tuning GSoC. * Properly fix memory setting regression in virt.update. * Expose libvirt on_reboot in virt states. - Support transactional systems (MicroOS). - zypperpkg module ignores retcode 104 for search(). (bsc#1159670) - Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987) - Invalidate file list cache when cache file modified time is in the future. (bsc#1176397) - Prevent import errors when running test_btrfs unit tests.
Family:unixClass:patch
Status:Reference(s):1082007
1082008
1082009
1082010
1082011
1082014
1082058
1087433
1087434
1087436
1087437
1087440
1087441
1112530
1112532
1130028
1130611
1130617
1130620
1130622
1130623
1130627
1133790
1159670
1175987
1176024
1176294
1176397
1177867
1178319
1178361
1178362
CVE-2017-17742
CVE-2018-1000073
CVE-2018-1000074
CVE-2018-1000075
CVE-2018-1000076
CVE-2018-1000077
CVE-2018-1000078
CVE-2018-1000079
CVE-2018-16395
CVE-2018-16396
CVE-2018-6914
CVE-2018-8777
CVE-2018-8778
CVE-2018-8779
CVE-2018-8780
CVE-2019-8320
CVE-2019-8321
CVE-2019-8322
CVE-2019-8323
CVE-2019-8324
CVE-2019-8325
CVE-2020-16846
CVE-2020-17490
CVE-2020-25592
openSUSE-SU-2019:1771-1
SUSE-SU-2020:3155-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise Module for Server Applications 15 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libruby2_5-2_5-2.5.5-lp151.4.3 is installed
  • OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed
  • OR ruby2.5-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-devel-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-doc-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed
  • OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • salt-3000-4.20 is installed
  • OR salt-api-3000-4.20 is installed
  • OR salt-cloud-3000-4.20 is installed
  • OR salt-fish-completion-3000-4.20 is installed
  • OR salt-master-3000-4.20 is installed
  • OR salt-proxy-3000-4.20 is installed
  • OR salt-ssh-3000-4.20 is installed
  • OR salt-standalone-formulas-configuration-3000-4.20 is installed
  • OR salt-syndic-3000-4.20 is installed
    • BACK