SUSE-SU-2019:0882-1: moderate: Security update for Salt

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Apr 4 19:09:53 MDT 2019


   SUSE Security Update: Security update for Salt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:0882-1
Rating:             moderate
References:         #1114029 #1122680 #1125015 
Cross-References:   CVE-2018-15750 CVE-2018-15751
Affected Products:
                    SUSE Manager Tools 15-BETA
______________________________________________________________________________

   An update that solves two vulnerabilities and has one
   errata is now available.

Description:


   This update fixes the following issues:

   salt:

   - Removing patch to add root paramet to zypper module
   - Patch modification due to offset caused by previous patch removal
   - Fix for -t parameter in mount module
   - Async batch implementation
   - Update to 2019.2 release
   - Add virt.volume_infos and virt.volume_delete functions
   - Bugfix: properly refresh pillars (bsc#1125015)
   - Removes version from python3 requirement completely
   - Alignment with Salt 2019.2.0 RC2 from upstream.
   - Update to 2019.2.0~rc2
   - Add virt.all_capabilities to return all host and domain capabilities at
     once
   - Don't call zypper with more than one --no-refresh (PR#51382)
   - Switch to better version nomenclature. Using ~ for the rc1 suffix.
   - Add "id_" and "force" to the whitelist of API check
   - Add metadata to accepted keyword arguments (bsc#1122680)
   - Fix "pkg.list_pkgs" output when using "attr" to take the arch into
     account (bsc#1114029)
   - Update Salt to 2019.2.0rc1


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Tools 15-BETA:

      zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2019-882=1



Package List:

   - SUSE Manager Tools 15-BETA (aarch64 ppc64le s390x x86_64):

      python2-salt-2019.2.0-8.3.3
      python3-salt-2019.2.0-8.3.3
      salt-2019.2.0-8.3.3
      salt-doc-2019.2.0-8.3.3
      salt-minion-2019.2.0-8.3.3

   - SUSE Manager Tools 15-BETA (noarch):

      salt-bash-completion-2019.2.0-8.3.3
      salt-zsh-completion-2019.2.0-8.3.3


References:

   https://www.suse.com/security/cve/CVE-2018-15750.html
   https://www.suse.com/security/cve/CVE-2018-15751.html
   https://bugzilla.suse.com/1114029
   https://bugzilla.suse.com/1122680
   https://bugzilla.suse.com/1125015



More information about the sle-security-updates mailing list