SUSE-SU-2018:1757-1: moderate: Security update for salt
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Jun 19 13:41:02 MDT 2018
SUSE Security Update: Security update for salt
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1757-1
Rating: moderate
References: #1059291 #1061407 #1062464 #1064520 #1075950
#1079048 #1081592 #1087055 #1087278 #1087581
#1087891 #1088888 #1089112 #1089362 #1089526
#1090242 #1091371 #1092161 #1092373 #1094055
#1097174 #1097413
Cross-References: CVE-2017-14695 CVE-2017-14696
Affected Products:
SUSE Manager Tools 12
SUSE Manager Server 3.1
SUSE Manager Server 3.0
SUSE Manager Proxy 3.1
SUSE Manager Proxy 3.0
SUSE Linux Enterprise Point of Sale 12-SP2
SUSE Linux Enterprise Module for Advanced Systems Management 12
______________________________________________________________________________
An update that solves two vulnerabilities and has 20 fixes
is now available.
Description:
This update for salt provides version 2018.3 and brings many fixes and
improvements:
- Fix for sorting of multi-version packages (bsc#1097174 and bsc#1097413)
- Align SUSE salt-master.service 'LimitNOFILES' limit with upstream Salt
- Add 'other' attribute to GECOS fields to avoid inconsistencies with chfn
- Prevent zypper from parsing repo configuration from not .repo files
(bsc#1094055)
- Collect all versions of installed packages on SUSE and RHEL systems
(bsc#1089526)
- No more AWS EC2 rate limitations in salt-cloud. (bsc#1088888)
- MySQL returner now also allows to use Unix sockets. (bsc#1091371)
- Do not override jid on returners, only sending back to master.
(bsc#1092373)
- Remove minion/thin/version if exists to force thin regeneration.
(bsc#1092161)
- Fix minion scheduler to return a 'retcode' attribute. (bsc#1089112)
- Fix for logging during network interface querying. (bsc#1087581)
- Fix rhel packages requires both net-tools and iproute. (bsc#1087055)
- Fix patchinstall on yum module. Bad comparison. (bsc#1087278)
- Strip trailing commas on Linux user's GECOS fields. (bsc#1089362)
- Fallback to PyMySQL. (bsc#1087891)
- Fix for [Errno 0] Resolver Error 0 (no error). (bsc#1087581)
- Add python-2.6 support to salt-ssh.
- Make it possible to use docker login, pull and push from module.run and
detect errors.
- Fix unicode decode error with salt-ssh.
- Fix cp.push empty file. (bsc#1075950)
- Fix grains containing trailing "\n".
- Remove salt-minion python2 requirement when python3 is default.
(bsc#1081592)
- Restoring installation of packages for Rhel 6 and 7.
- Prevent queryformat pattern from expanding. (bsc#1079048)
- Fix for delete_deployment in Kubernetes module. (bsc#1059291)
- Fix bsc#1062464 and CVE-2017-14696 already included in 2017.7.2.
- Fix wrong version reported by Salt. (bsc#1061407)
- Run salt-api as user salt. (bsc#1064520)
For a detailed description, please refer to the upstream-changelog at
https://docs.saltstack.com/en/latest/topics/releases/index.html or to the
rpm-changelog.
supportutils-plugin-salt:
- Collect salt-api, salt-broker and salt-ssh log files (bsc#1090242)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Tools 12:
zypper in -t patch SUSE-SLE-Manager-Tools-12-2018-1157=1
- SUSE Manager Server 3.1:
zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-1157=1
- SUSE Manager Server 3.0:
zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2018-1157=1
- SUSE Manager Proxy 3.1:
zypper in -t patch SUSE-SUSE-Manager-Proxy-3.1-2018-1157=1
- SUSE Manager Proxy 3.0:
zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2018-1157=1
- SUSE Linux Enterprise Point of Sale 12-SP2:
zypper in -t patch SUSE-SLE-POS-12-SP2-2018-1157=1
- SUSE Linux Enterprise Module for Advanced Systems Management 12:
zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2018-1157=1
Package List:
- SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64):
python2-salt-2018.3.0-46.28.1
python3-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-doc-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
- SUSE Manager Tools 12 (noarch):
supportutils-plugin-salt-1.1.4-6.9.1
- SUSE Manager Server 3.1 (ppc64le s390x x86_64):
python2-salt-2018.3.0-46.28.1
python3-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-api-2018.3.0-46.28.1
salt-cloud-2018.3.0-46.28.1
salt-doc-2018.3.0-46.28.1
salt-master-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
salt-proxy-2018.3.0-46.28.1
salt-ssh-2018.3.0-46.28.1
salt-syndic-2018.3.0-46.28.1
- SUSE Manager Server 3.1 (noarch):
salt-bash-completion-2018.3.0-46.28.1
salt-zsh-completion-2018.3.0-46.28.1
supportutils-plugin-salt-1.1.4-6.9.1
- SUSE Manager Server 3.0 (s390x x86_64):
python2-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-api-2018.3.0-46.28.1
salt-doc-2018.3.0-46.28.1
salt-master-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
salt-proxy-2018.3.0-46.28.1
salt-ssh-2018.3.0-46.28.1
salt-syndic-2018.3.0-46.28.1
- SUSE Manager Server 3.0 (noarch):
salt-bash-completion-2018.3.0-46.28.1
salt-zsh-completion-2018.3.0-46.28.1
supportutils-plugin-salt-1.1.4-6.9.1
- SUSE Manager Proxy 3.1 (ppc64le x86_64):
python2-salt-2018.3.0-46.28.1
python3-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
- SUSE Manager Proxy 3.1 (noarch):
supportutils-plugin-salt-1.1.4-6.9.1
- SUSE Manager Proxy 3.0 (noarch):
salt-bash-completion-2018.3.0-46.28.1
salt-zsh-completion-2018.3.0-46.28.1
supportutils-plugin-salt-1.1.4-6.9.1
- SUSE Manager Proxy 3.0 (x86_64):
python2-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-api-2018.3.0-46.28.1
salt-doc-2018.3.0-46.28.1
salt-master-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
salt-proxy-2018.3.0-46.28.1
salt-ssh-2018.3.0-46.28.1
salt-syndic-2018.3.0-46.28.1
- SUSE Linux Enterprise Point of Sale 12-SP2 (x86_64):
python2-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
- SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64):
python2-salt-2018.3.0-46.28.1
salt-2018.3.0-46.28.1
salt-api-2018.3.0-46.28.1
salt-cloud-2018.3.0-46.28.1
salt-doc-2018.3.0-46.28.1
salt-master-2018.3.0-46.28.1
salt-minion-2018.3.0-46.28.1
salt-proxy-2018.3.0-46.28.1
salt-ssh-2018.3.0-46.28.1
salt-syndic-2018.3.0-46.28.1
- SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch):
salt-bash-completion-2018.3.0-46.28.1
salt-zsh-completion-2018.3.0-46.28.1
References:
https://www.suse.com/security/cve/CVE-2017-14695.html
https://www.suse.com/security/cve/CVE-2017-14696.html
https://bugzilla.suse.com/1059291
https://bugzilla.suse.com/1061407
https://bugzilla.suse.com/1062464
https://bugzilla.suse.com/1064520
https://bugzilla.suse.com/1075950
https://bugzilla.suse.com/1079048
https://bugzilla.suse.com/1081592
https://bugzilla.suse.com/1087055
https://bugzilla.suse.com/1087278
https://bugzilla.suse.com/1087581
https://bugzilla.suse.com/1087891
https://bugzilla.suse.com/1088888
https://bugzilla.suse.com/1089112
https://bugzilla.suse.com/1089362
https://bugzilla.suse.com/1089526
https://bugzilla.suse.com/1090242
https://bugzilla.suse.com/1091371
https://bugzilla.suse.com/1092161
https://bugzilla.suse.com/1092373
https://bugzilla.suse.com/1094055
https://bugzilla.suse.com/1097174
https://bugzilla.suse.com/1097413
More information about the sle-security-updates
mailing list