SUSE-SU-2020:14402-1: moderate: Security Beta update for SUSE Manager Client Tools

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Jun 23 10:19:24 MDT 2020


   SUSE Security Update: Security Beta update for SUSE Manager Client Tools
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:14402-1
Rating:             moderate
References:         #1002529 #1003449 #1004047 #1004260 #1004723 
                    #1008933 #1011304 #1011800 #1012398 #1012999 
                    #1013876 #1013938 #1015882 #1017078 #1019386 
                    #1020831 #1022562 #1022841 #1023535 #1024406 
                    #1025896 #1027044 #1027240 #1027426 #1027722 
                    #1030009 #1030073 #1032213 #1032452 #1032931 
                    #1035914 #1036125 #1038855 #1039370 #1040886 
                    #1041993 #1042749 #1043111 #1044719 #1050003 
                    #1051948 #1052264 #1053376 #1053955 #1057635 
                    #1059291 #1059758 #1060230 #1061407 #1062462 
                    #1062464 #1063419 #1064520 #1065792 #1068446 
                    #1068566 #1070372 #1071322 #1072599 #1075950 
                    #1076578 #1079048 #1080290 #1081151 #1081592 
                    #1083294 #1085667 #1087055 #1087278 #1087581 
                    #1087891 #1088070 #1088888 #1089112 #1089362 
                    #1089526 #1091371 #1092161 #1092373 #1094055 
                    #1094190 #1095507 #1095651 #1095942 #1096514 
                    #1097174 #1097413 #1098394 #1099323 #1099460 
                    #1099887 #1099945 #1100142 #1100225 #1100697 
                    #1101780 #1101812 #1101880 #1102013 #1102218 
                    #1102265 #1102819 #1103090 #1103530 #1103696 
                    #1104034 #1104154 #1104491 #1106164 #1107333 
                    #1108557 #1108834 #1108969 #1108995 #1109023 
                    #1109893 #1110938 #1111542 #1112874 #1113698 
                    #1113699 #1113784 #1114029 #1114197 #1114474 
                    #1114824 #1116343 #1116837 #1117995 #1121091 
                    #1121439 #1122663 #1122680 #1123044 #1123512 
                    #1123865 #1124277 #1125015 #1125610 #1125744 
                    #1127389 #1128061 #1128554 #1129079 #1129243 
                    #1130077 #1130588 #1130784 #1131114 #1132076 
                    #1133523 #1133647 #1134860 #1135360 #1135507 
                    #1135567 #1135732 #1135881 #1137642 #1138454 
                    #1139761 #1140193 #1140912 #1143301 #1146192 
                    #1146382 #1148311 #1148714 #1150447 #1151650 
                    #1151947 #1152366 #1153090 #1153277 #1153611 
                    #1154620 #1154940 #1155372 #1157465 #1157479 
                    #1158441 #1159284 #1162327 #1162504 #1163871 
                    #1163981 #1165425 #1165572 #1167437 #1167556 
                    #1168340 #1169604 #1169800 #1170104 #1170288 
                    #1170595 #1171687 #1171906 #1172075 #1173072 
                    #769106 #769108 #776615 #849184 #849204 #849205 
                    #879904 #887879 #889605 #892707 #902494 #908849 
                    #926318 #932288 #945380 #948245 #955373 #958350 
                    #959572 #963322 #965403 #967803 #969320 #970669 
                    #971372 #972311 #972490 #975093 #975303 #975306 
                    #975733 #975757 #976148 #977264 #978150 #978833 
                    #979448 #979676 #980313 #983017 #983512 #985112 
                    #985661 #986019 #987798 #988506 #989193 #989798 
                    #990029 #990439 #990440 #991048 #993039 #993549 
                    #996455 #999852 
Cross-References:   CVE-2016-1866 CVE-2016-9639 CVE-2017-12791
                    CVE-2017-14695 CVE-2017-14696 CVE-2018-15750
                    CVE-2018-15751 CVE-2019-17361 CVE-2019-18897
                    CVE-2020-11651 CVE-2020-11652
Affected Products:
                    SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 245 fixes
   is now available.

Description:


   This update fixes the following issues:

   salt:

   - Require python3-distro only for TW (bsc#1173072)
   - Various virt backports from 3000.2
   - Avoid traceback on debug logging for swarm module (bsc#1172075)
   - Add publish_batch to ClearFuncs exposed methods
   - Zypperpkg: filter patterns that start with dot (bsc#1171906)
   - Batch mode now also correctly provides return value (bsc#1168340)
   - Add docker.logout to docker execution module (bsc#1165572)
   - Testsuite fix
   - Add option to enable/disable force refresh for zypper
   - Python3.8 compatibility changes
   - Prevent sporious "salt-api" stuck processes when managing SSH minions
     because of logging deadlock (bsc#1159284)
   - Avoid segfault from "salt-api" under certain conditions of heavy load
     managing SSH minions (bsc#1169604)
   - Revert broken changes to slspath made on Salt 3000
     (saltstack/salt#56341) (bsc#1170104)
   - Returns a the list of IPs filtered by the optional network list
   - Fix CVE-2020-11651 and CVE-2020-11652 (bsc#1170595)
   - Do not require vendored backports-abc (bsc#1170288)
   - Fix partition.mkpart to work without fstype (bsc#1169800)
   - Do not make file.recurse state to fail when msgpack 0.5.4 (bsc#1167437)
   - Fixes status attribute issue in aptpkg test
   - Make setup.py script not to require setuptools greater than 9.1 loop:
     fix variable names for until_no_eval
   - Drop conflictive module.run state patch (bsc#1167437)
   - Update patches after rebase with upstream v3000 tag (bsc#1167437)
   - Fix some requirements issues depending on Python3 versions
   - Fix for low rpm_lowpkg unit test
   - Add python-singledispatch as dependency for python2-salt
   - Fix for temp folder definition in loader unit test
   - Make "salt.ext.tornado.gen" to use "salt.ext.backports_abc" on Python 2
   - Fix regression in service states with reload argument
   - Fix integration test failure for test_mod_del_repo_multiline_values
   - Fix for unless requisite when pip is not installed
   - Fix errors from unit tests due NO_MOCK and NO_MOCK_REASON deprecation
   - Fix tornado imports and missing _utils after rebasing patches
   - Removes unresolved merge conflict in yumpkg module
   - Enable building and installation for Fedora
   - Sanitize grains loaded from roster_grains.json cache during "state.pkg"
   - Backport saltutil state module to 2019.2 codebase (bsc#1167556)
   - Add new custom SUSE capability for saltutil state module
   - virt._get_domain: don't raise an exception if there is no VM
   - Adds test for zypper abbreviation fix
   - Improved storage pool or network handling
   - Better import cache handline
   - Requiring python3-distro only for openSUSE/SLE >= 15
   - Use full option name instead of undocumented abbreviation for zypper
   - python-distro is only needed for > Python 3.7. Removing it for Python 2
   - Avoid possible user escalation upgrading salt-master (bsc#1157465)
     (CVE-2019-18897)
   - Batch Async: Handle exceptions, properly unregister and close instances
     after running async batching to avoid CPU starvation of the MWorkers
     (bsc#1162327)
   - RHEL/CentOS 8 uses platform-python instead of python3
   - Enable build for Python 3.8
   - Fix 'os_family' grain for Astra Linux Common Edition
   - Update to Salt version 2019.2.3 (CVE-2019-17361) (bsc#1163981)
     (bsc#1162504)
   - Enable passing grains to start event based on 'start_event_grains'
     configuration parameter
   - Support for Btrfs and XFS in parted and mkfs added
   - Adds list_downloaded for apt Module to enable pre-downloading support
     Adds virt.(pool|network)_get_xml functions Various libvirt updates
     * Add virt.pool_capabilities function
     * virt.pool_running improvements
     * Add virt.pool_deleted state
     * virt.network_define allow adding IP configuration
   - virt: adding kernel boot parameters to libvirt xml
   - Fix virt states to not fail on VMs already stopped
   - xfs: do not fail if type is not present (bsc#1153611)
   - Fix errors when running virt.get_hypervisor function
   - Align virt.full_info fixes with upstream Salt
   - Let salt-ssh use platform-python on RHEL8 (bsc#1158441)
   - Fix StreamClosedError issue (bsc#1157479)
   - Limiting M2Crypto to >= SLE15
   - Replacing pycrypto with M2Crypto (bsc#1165425)
   - Fix for log checking in x509 test
   - Prevent test_mod_del_repo_multiline_values to fail
   - Remove virt.pool_delete fast parameter (U#54474)
   - Remove unnecessary yield causing BadYieldError (bsc#1154620)
   - Prevent 'Already reading' continuous exception message (bsc#1137642)
   - Fix for aptpkg test with older mock modules
   - Remove wrong tests for core grain and improve debug logging
   - Use rich RPM deps to get a compatible version of tornado into the
     buildroot.
   - core.py: ignore wrong product_name files zypperpkg: understand product
     type
   - Enable usage of downloadonly parameter for apt module
   - Add missing 'fun' on events coming from salt-ssh wfunc executions
     (bsc#1151947)
   - Fix memory consumption problem on BatchAsync (bsc#1137642)
   - Fix dependencies for RHEL 8
   - Prevent systemd-run description issue when running aptpkg (bsc#1152366)
   - Take checksums arg into account for postgres.datadir_init (bsc#1151650)
   - Improve batch_async to release consumed memory (bsc#1140912)
   - Require shadow instead of old pwdutils (bsc#1130588)
   - Conflict with tornado >= 5; for now we can only cope with Tornado 4.x
     (bsc#1101780).
   - Fix virt.full_info (bsc#1146382)
   - virt.volume_infos: silence libvirt error message
   - virt.volume_infos needs to ignore inactive pools
   - Fix for various bugs in virt network and pool states
   - Implement network.fqdns module function (bsc#1134860)
   - Strip trailing "/" from repo.uri when comparing repos in
     apktpkg.mod_repo (bsc#1146192)
   - Make python3 default for RHEL8
   - Use python3 to build package Salt for RHEL8
   - Fix aptpkg systemd call (bsc#1143301)
   - Move server_id deprecation warning to reduce log spamming (bsc#1135567)
     (bsc#1135732)
   - Fix memory leak produced by batch async find_jobs mechanism (bsc#1140912)
   - Files in salt-formulas folder can now be read and excuted by others
     (bsc#1150447)
   - Restore default behaviour of pkg list return (bsc#1148714)
   - Multiple fixes on cmdmod, chroot, freezer and zypperpkg needed for Yomi
     cmdmod: fix runas and group in run_chroot chroot: add missing sys
     directory chroot: change variable name to root chroot: fix bug in
     safe_kwargs iteration freezer: do not fail in cache dir is present
     freezer: clean freeze YAML profile on restore zypperpkg: fix
     pkg.list_pkgs cache
   - Avoid traceback on http.query when there are errors with the requested
     URL (bsc#1128554)
   - Salt python client get_full_returns seems return data from incorrect jid
     (bsc#1131114)
   - virt.volume_infos: don't raise an error if there is no VM
   - Prevent ansiblegate unit tests to fail on Ubuntu
   - Allow passing kwargs to pkg.list_downloaded for Zypper (bsc#1140193)
   - Do not make "ansiblegate" module to crash on Python3 minions
     (bsc#1139761)
   - Provide the missing features required for Yomi (Yet one more installer)
   - Fix zypper pkg.list_pkgs test expectation and dpkg mocking
   - Set 'salt' group for files and directories created by
     salt-standalone-formulas-configuration package
   - Fix virt.volume_infos raising an exception when there is only virtual
     machine on the minion.
   - Fix virt.purge() on all non-KVM hypervisors. For instance on Xen,
     virt.purge would simply throw an exception about unsupported flag
   - Building a libvirt pool starts it. When defining a new pool, we need to
     let build start it or we will get libvirt errors.
   - Fix handling of Virtual Machines with white space in their name.
   - avoid batch.py exception when minion does not respond (bsc#1135507)
   - Preserve already defined DESTRUCTIVE_TESTS and EXPENSIVE_TESTS env
     variables
   - Do not break repo files with multiple line values on yumpkg (bsc#1135360)
   - Fix return status when installing or updating RPM packages with
     "ppc64le" arch (bsc#1133647)
   - Add new "salt-standalone-formulas-configuration" package
   - Switch firewalld state to use change_interface (bsc#1132076)
   - Fix async-batch to fire a single done event
   - Do not make Salt CLI to crash when there are IPv6 established
     connections (bsc#1130784)
   - Include aliases in FQDNS grain (bsc#1121439)
   - Fix issue preventing syndic to start
   - Update to 2019.2.0 release (FATE#327138, bsc#1133523)
   - Use ThreadPool from multiprocessing.pool to avoid leakings when
     calculating FQDNs
   - Do not report patches as installed on RHEL systems when not all the
     related packages are installed (bsc#1128061)
   - Incorporate virt.volume_info fixes (PR#131)
   - Fix for -t parameter in mount module
   - No longer limiting Python3 version to <3.7
   - Add virt.volume_infos and virt.volume_delete functions
   - Bugfix: properly refresh pillars (bsc#1125015)
   - Removes version from python3 requirement completely
   - Adds missing version update to %setup
   - Add virt.all_capabilities to return all host and domain capabilities at
     once
   - Switch to better correct version nomenclature Background: The special
     character tilde (~) will be available for use in version representing a
     negative version token.
   - Fix setup to use the right version tag
   - Add "id_" and "force" to the whitelist of API check
   - Add metadata to accepted keyword arguments (bsc#1122680)
   - Add salt-support script to package
   - Early feature: Salt support-config (salt-support)
   - Use Adler32 algorithm to compute string checksums (bsc#1102819)
   - Calculate the "FQDNs" grains in parallel to avoid long blocking
     (bsc#1129079)
   - Fix batch/batch-async related issues
   - Fixes typo in depedency: e2fsprogs
   - Adds missing dependencies to salt-common: python-concurrent.futures
   - Fix regression in dynamic pillarenv (bsc#1124277)
   - add parallel support for orchestrations (bsc#1116343)
   - Implement asynchronous batching
   - Let dpkg.info expose package status
   - Make aptpkg.info return only installed packages
   - Strip trailing / from repo URI when comparing repos in apktpkg.mod_repo
   - Include aliases in FQDNS grain
   - Prevents error when there's no job entry in filesystem cache due to race
     condition in minion onboarding (bsc#1122663)
   - Don't call zypper with more than one --no-refresh parameter (bsc#1123865)
   - Remove zypper-add-root-configuration-parameter patch (bsc#1123512)
   - Remove MSI Azure cloud module authentication patch (bsc#1123044)
   - Don't encode response string from role API
   - Add root parameter to Zypper module
   - Fix integration tests in state compiler (U#2068)
   - Fix "pkg.list_pkgs" output when using "attr" to take the arch into
     account (bsc#1114029)
   - Fix powerpc null server_id_arch (bsc#1117995)
   - Fix module 'azure.storage' has no attribute '__version__' (bsc#1121091)
   - Add supportconfig module and states for minions and SaltSSH
   - Fix FIPS enabled RES clients (bsc#1099887)
   - Add hold/unhold functions. Fix Debian repo "signed-by".
   - Strip architecture from debian package names
   - Fix latin1 encoding problems on file module (bsc#1116837)
   - Don't error on retcode 0 in libcrypto.OPENSSL_init_crypto
   - Handle anycast IPv6 addresses on network.routes (bsc#1114474)
   - Debian info_installed compatibility (U#50453)
   - Add compatibility with other package modules for "list_repos" function
   - Crontab module fix: file attributes option missing (bsc#1114824)
   - Fix git_pillar merging across multiple __env__ repositories (bsc#1112874)
   - Bugfix: unable to detect os arch when RPM is not installed (bsc#1114197)
   - Fix LDAP authentication issue when a valid token is generated by the
     salt-api even when invalid user credentials are passed. (U#48901)
   - Improved handling of LDAP group id. gid is no longer treated as a
     string, which could have lead to faulty group creations. (bsc#1113784)
   - Fix remote command execution and incorrect access control when using
     salt-api. (bsc#1113699, CVE-2018-15751)
   - Fix Directory traversal vulnerability when using salt-api. (bsc#1113698,
     CVE-2018-15750) Allows an attacker to determine what files exist on a
     server when querying /run or /events.
   - Add multi-file support and globbing to the filetree (U#50018)
   - Bugfix: supportconfig non-root permission issues (U#50095)
   - Open profiles permissions to everyone for read-only
   - Preserving signature in "module.run" state (U#50049)
   - Install default salt-support profiles
   - Add CPE_NAME for osversion* grain parsing
   - Get os_family for RPM distros from the RPM macros
   - Install support profiles
   - Fix async call to process manager (bsc#1110938)
   - Salt-based supportconfig implementation (technology preview)
   - Bugfix: any unicode string of length 16 will raise TypeError
   - Fix IPv6 scope (bsc#1108557)
   - Handle zypper ZYPPER_EXIT_NO_REPOS exit code (bsc#1108834, bsc#1109893)
   - Bugfix for pkg_resources crash (bsc#1104491)
   - Fix loosen azure sdk dependencies in azurearm cloud driver (bsc#1107333)
   - Fix broken "resolve_capabilities" on Python 3 (bsc#1108995)
   - Allow empty service_account_private_key in GCE driver (bsc#1108969)
   - Properly handle colons in inline dicts with yamlloader (bsc#1095651)
   - Fix wrong recurse behavior on for linux_acl.present (bsc#1106164)
   - Add additional x509 fixes
   - Fix for StringIO import in Python2
   - Integration of MSI authentication for azurearm
   - Fix for Compound list targeting with "not"
   - Fixes 509x remote signing
   - Adds fix for SUSE Expanded Support os grain detection
   - Prepend current directory when path is just filename (bsc#1095942)
   - Only do reverse DNS lookup on IPs for salt-ssh (bsc#1104154)
   - Add support for Python 3.7 and Tornado 5.0
   - Decode file contents for python2 (bsc#1102013, bsc#1103530)
   - Fix mine.get not returning data - workaround for #48020 (bsc#1100142)
   - Check dmidecoder executable on each "smbios" call to avoid race
     condition (bsc#1101880)
   - Add API log rotation on SUSE package (bsc#1102218)
   - Add missing dateutils import (bsc#1099945)
   - Backport the new libvirt_events engine from upstream
   - Fix file.blockreplace to avoid throwing IndexError (bsc#1101812)
   - Fix pkg.upgrade reports when dealing with multiversion packages
     (bsc#1102265)

   - Fix UnicodeDecodeError using is_binary check (bsc#1100225)
   - Fix corrupt public key with m2crypto python3 (bsc#1099323)
   - Prevent payload crash on decoding binary data (bsc#1100697)
   - Accounting for when files in an archive contain non-ascii characters
     (bsc#1099460)
   - Handle packages with multiple version properly with zypper (bsc#1096514)
   - Fix file.get_diff regression on 2018.3 (bsc#1098394)
   - Provide python version mismatch solutions (bsc#1072599)
   - Add custom SUSE capabilities as Grains (bsc#1089526)
   - Fix file.managed binary file utf8 error (bsc#1098394)
   - Add environment variable to know if yum is invoked from Salt
     (bsc#1057635)
   - Prevent deprecation warning with salt-ssh (bsc#1095507)
   - Fix for sorting of multi-version packages (bsc#1097174 and bsc#1097413)
   - Align SUSE salt-master.service 'LimitNOFILES' limit with upstream Salt
   - Add 'other' attribute to GECOS fields to avoid inconsistencies with chfn
   - Prevent zypper from parsing repo configuration from not .repo files
     (bsc#1094055)
   - Collect all versions of installed packages on SUSE and RHEL systems
     (bsc#1089526)
   - Documentation refresh to 2018.3.0
   - No more AWS EC2 rate limitations in salt-cloud (bsc#1088888)
   - MySQL returner now also allows to use Unix sockets (bsc#1091371)
   - Do not override jid on returners, only sending back to master
     (bsc#1092373)
   - Fixes for salt-ssh:
       - Option --extra-filerefs doesn't add all files to the state archive
       - Pillar completely overwritten (not merged) when doing module.run +
         state.apply with pillar in kwargs
   - remove minion/thin/version if exists to force thin regeneration
     (bsc#1092161)
   - Fixed Python 3 issue with CIDR addresses.
   - Fix minion scheduler to return a 'retcode' attribute (bsc#1089112)
   - Fix for logging during network interface querying (bsc#1087581)
   - Fix rhel packages requires both net-tools and iproute (bsc#1087055)
   - Fix patchinstall on yum module. Bad comparison (bsc#1087278)
   - Strip trailing commas on Linux user's GECOS fields (bsc#1089362)
   - Fallback to PyMySQL (bsc#1087891)
   - Improved test for fqdns
   - Update SaltSSH patch (use code checksum instead version on thin update)
   -  Fix for [Errno 0] Resolver Error 0 (no error) (bsc#1087581)
   - Add python-2.6 support to salt-ssh
   - Add iprout/net-tools dependency
   - salt-ssh: require same major version while minor is allowed to be
   - Add SaltSSH multi-version support across Python interpeters.
   - Fix zypper.info_installed 'ascii' issue
   - Update openscap push patch to include the test fixes
   - Explore 'module.run' state module output in depth to catch "result"
     properly
   - make it possible to use docker login, pull and push from module.run and
     detect errors
   - Fix logging with FQDNs
   - force re-generate a new thin.tgz when an update gets installed
   - Fix unicode decode error with salt-ssh
   - Fix cp.push empty file (bsc#1075950)
   - salt-ssh - move log_file option to changeable defaults
   - Fix grains containing trailing "\n"
   - Remove salt-minion python2 requirement when python3 is default
     (bsc#1081592)
   - Remove-obsolete-unicode-handling-in-pkg.info_installed
   - Restoring-installation-of-packages-for-Rhel-6-7
   - Prevent queryformat pattern from expanding (bsc#1079048)
   - Fix epoch handling for Rhel 6 and 7 (bsc#1068566)
   - Reverting to current API for split_input
   - Fix for wrong version processing during yum pkg install (bsc#1068566)
   - Feat: add grain for all FQDNs (bsc#1063419)
   - Fix RES7: different dependency names for python-PyYAML and
     python-MarkupSafe
   - Build both python2 and python3 binaries together.
   - Bugfix: errors in external pillar causes crash instead of report of them
     (bsc#1068446)
   - Fix 'user.present' when 'gid_from_name' is set but group does not exist.
   - Fix "No service execution module loaded" issue (bsc#1065792)
   - Set SHELL environment variable
   - Removed unnecessary logging on shutdown (bsc#1050003)
   - Renamed patch that adds grain fqdns
   - Add fqdns to grains (bsc#1063419)
   - Fixing cherrypy websocket with python3
   - Python3 bugfix for cherrypy read()
   - Fix for logging on salt-master exit in rare cases (pid-file removal)
   - Fix salt-master for old psutil version
   - Fix for delete_deployment in Kubernetes module (bsc#1059291)
   - Older logrotate need su directive (bsc#1071322)
   - Fix bsc#1041993 already included in 2017.7.2
   - Fixed beacons failure when pillar-based suppressing config-based.
     (bsc#1060230)
   - Escape the usage of %{VERSION} when calling out to rpm. RPM 4.14 has
     %{VERSION} defined as 'the main packages version'.
   - Fix wrong version reported by Salt (bsc#1061407)
   - Fix CVE-2017-14696 (bsc#1062464) already included in 2017.7.2
   - Run salt master as dedicated salt user
   - Run salt-api as user salt (bsc#1064520)
   - Re-added previously removed unit-test for bsc#1050003
   - Fixes for CVE-2017-14695 and CVE-2017-14696 (bsc#1062462)
   - Add missing follow-up for CVE-2017-12791 (bsc#1053955)
   - Fixed salt target-type field returns "String" for existing jids but an
     empty "Array" for non existing jids. (issue#1711)
   - Fixed minion resource exhaustion when many functions are being executed
     in parallel (bsc#1059758)
   - Remove 'TasksTask' attribute from salt-master.service in older versions
     of systemd (bsc#985112)
   - Fix for delete_deployment in Kubernetes module (bsc#1059291)
   - Catching error when PIDfile cannot be deleted (bsc#1050003)
   - Use $HOME to get the user home directory instead using '~' char
     (bsc#1042749)
   - Fixed patches for Kubernetes and YUM modules
   - Add support for SUSE Manager scalability features (bsc#1052264)
   - Introducing the kubernetes module (bsc#1051948)
   - Revert "We don't have python-systemd, so notify can't work"
   - Notify systemd synchronously via NOTIFY_SOCKET (bsc#1053376)
   - Add clean_id function to salt.utils.verify.py (CVE-2017-12791,
     bsc#1053955)
   - Added bugfix when jobs scheduled to run at a future time stay pending
     for Salt minions (bsc#1036125)
   - Adding procps as dependency. This provides "ps" and "pgrep" utils which
     are called from different Salt modules and also from new salt-minion
     watchdog.
   - Adding a salt-minion watchdog for RHEL6 and SLES11 systems (sysV) to
     restart salt-minion in case of crashes during upgrade.
   - fix format error (bsc#1043111)
   - fix ownership for whole master cache directory (bsc#1035914)
   - Bugfix: clean up `change` attribute from interface dict (upstream)
   - Disable 3rd party runtime packages to be explicitly recommended.
     (bsc#1040886)
   - Bugfix: orchestrate and batches returns false failed information
   - speed-up cherrypy by removing sleep call
   - wrong os_family grains on SUSE - fix unittests (bsc#1038855)
   - fix setting the language on SUSE systems (bsc#1038855)
   - Documentation refresh to 2016.11.4 See
     https://docs.saltstack.com/en/develop/topics/releases/2016.11.4.html See
     https://docs.saltstack.com/en/develop/topics/releases/2016.11.3.html See
     https://docs.saltstack.com/en/develop/topics/releases/2016.11.2.html See
     https://docs.saltstack.com/en/develop/topics/releases/2016.11.1.html for
     full changelog
   - Use SUSE specific salt-api.service (bsc#1039370)
   - Bugfix: wrong os_family grains on SUSE (bsc#1038855)
   - Bugfix: unable to use hostname for minion ID as '127' (upstream)
   - Fix core grains constants for timezone (bsc#1032931)
   - Add unit test for a skip false values from preferred IPs upstream patch
   - Adding "yum-plugin-security" as required for RHEL 6
   - Minor fixes on new pkg.list_downloaded
   - Listing all type of advisory patches for Yum module
   - Prevents zero length error on Python 2.6
   - Fixes zypper test error after backporting
   - raet protocol is no longer supported (bsc#1020831)
   - Fix: move SSH data to the new home (bsc#1027722)
   - Fix: /var/log/salt/minion fails logrotate (bsc#1030009)
   - Fix: Result of master_tops extension is mutually overwritten
     (bsc#1030073)
   - Allows to set 'timeout' and 'gather_job_timeout' via kwargs
   - Allows to set custom timeouts for 'manage.up' and 'manage.status'
   - Use salt's ordereddict for comparison (fixes failing tests)
   - add special salt-minion.service file for RES7
   - fix scripts for salt-proxy
   - define with systemd for fedora and rhel >= 7 (bsc#1027240)
   - add openscap module
   - file.get_managed regression fix (upstream issues #39762)
   - fix translate variable arguments if they contain hidden keywords
     (bsc#1025896)
   - fix service handling for openSUSE
   - added unit test for dockerng.sls_build dryrun
   - added dryrun to dockerng.sls_build
   - update dockerng minimal version requirements
   - fix format error in error parsing
   - keep fix for migrating salt home directory (bsc#1022562)
   - Fix  salt pkg.latest raises exception if package is not available
     (bsc#1012999)
   - Fix timezone: should be always in UTC (bsc#1017078)
   - Fix timezone handling for rpm installtime (bsc#1017078)
   - Increasing timeouts for running integrations tests
   - Add buildargs option to dockerng.build module
   - Disable custom rosters for Salt SSH via Salt API (bsc#1011800)
   - Fix error when missing ssh-option parameter
   - readd yum notify plugin
   - all kwargs to dockerng.create to provide all features to sls_build as
     well
   - Bugfix: datetime should be returned always in UTC
   - Bugfix: scheduled state may cause crash while deserialising data on
     infinite recursion. (bsc#1036125)
   - Enable yum to handle errata on RHEL 6: require yum-plugin-security
   - Minor fixes on new pkg.list_downloaded
   - Listing all type of advisory patches for Yum module
   - Prevents zero length error on Python 2.6
   - Fixes zypper test error after backporting
   - Refactoring on Zypper and Yum execution and state modules to allow
     installation of patches/errata.
   - Fix log rotation permission issue (bsc#1030009)
   - Use pkg/suse/salt-api.service by this package
   - Set SHELL env variable for the salt-api.service needed for salt-ssh
     ProxyCommand to work properly.
   - Fixes 'timeout' and 'gather_job_timeout' kwargs parameters for
     'local_batch' client
   - Add missing bootstrap script for Salt Cloud (bsc#1032452)
   - Fix: add missing /var/cache/salt/cloud directory (bsc#1032213)
   - Added test case for race conditions on cache directory creation
   - Adding "pkg.install downloadonly=True" support to yum/dnf execution
     module
   - Makes sure "gather_job_timeout" is an Integer
   - Adding "pkg.downloaded" state and support for installing patches/erratas
   - Fix: merge master_tops output
   - Fix: race condition on cache directory creation
   - Cleanup salt user environment preparation (bsc#1027722)
   - Don't send passwords after shim delimiter is found (bsc#1019386)
   - Allows to set 'timeout' and 'gather_job_timeout' via kwargs
   - Allows to set custom timeouts for 'manage.up' and 'manage.status'
   - define with system for fedora and rhel 7  (bsc#1027240)
   - Fix service state returning stacktrace (bsc#1027044)
   - Prevents 'OSError' exception in case certain job cache path doesn't
     exist (bsc#1023535)
   - Backport: Fix issue with cp.push (#36136)
   - Fix salt-minion update on RHEL (bsc#1022841)
   - Adding new functions to Snapper execution module.
   - Fix invalid chars allowed for data IDs (bsc#1011304)
   - Fix timezone: should be always in UTC (bsc#1017078)
   - Fixes wrong "enabled" opts for yumnotify plugin
   - ssh-option parameter for salt-ssh command.
   - minion should pre-require salt
   - do not restart salt-minion in the salt package
   - add try-restart to sys-v init scripts
   - Adding "Restart=on-failure" for salt-minion systemd service
   - Re-introducing "KillMode=process" for salt-minion systemd service
   - Successfully exit of salt-api child processes when SIGTERM is received
   - Fix possible information leak due to revoked keys still being used.
     (bsc#1012398, CVE-2016-9639)
   - Splitted non-Linux and other external platform modules to 'salt-other'
     sub-package.
   - Switch package group from System/Monitoring to System/Management
   - fix exist codes of sysv init script (bsc#999852)
   - Including resolution parameters in the Zypper debug-solver call during a
     dry-run dist-upgrade.
   - Fix Salt API crash via salt-ssh on empty roster (bsc#1004723)
   - Adding 'dist-upgrade' support to zypper module (FATE#320559)
   - Copy .travis.yml from git commit ea63e793567ba777e47dc766a4f88edfb037a02f
   - Change travis configuration file to use salt-toaster
   - acl.delfacl: fix position of -X option to setfacl (bsc#1004260)
   - fix generated shebang in scripts on SLES-ES 7 (bsc#1004047)
   - Setting up OS grains for SLES-ES (SLES Expanded Support platform)
   - Move salt home directory to /var/lib/salt (bsc#1002529)
   - Adjust permissions on home directory
   - Adjust pre-install script to correctly move existing salt users' home
     directory salt user cannot write in his own home directory (/srv/salt)
     because it is owned by user `root`. This prevents salt from correctly
     save ssh known hosts in ~/.ssh/ and breaks salt-ssh bootstrapping.
   - Generate Salt Thin with configured extra modules (bsc#990439)
   - Unit and integration tests fixes for 2015.8.7
   - Prevent pkg.install failure for expired keys (bsc#996455)
   - Required D-Bus and generating machine ID
   - add a macro to check if the docs should be build or the static tarball
     should be used
   - Helper script for updating documentation tarball.
   - Fix python-jinja2 requirements in rhel
   - Fix pkg.installed refresh repo failure (bsc#993549) Fix
     salt.states.pkgrepo.management no change failure (bsc#990440)
   - Prevent snapper module crash on load if no DBus is available in the
     system (bsc#993039)
   - Prevent continuous restart, if a dependency wasn't installed (bsc#991048)
   - Fix beacon list to include all beacons being process
   - Run salt-api as user salt like the master (bsc#990029)
   - Revert patch Minion ID generation (bsc#967803)
   - Fix broken inspector due to accidentally missed commit (bsc#989798)
   - Set always build salt-doc package.
   - Bugfix: lvm.vg_present does not recognize PV with certain LVM filter
     settings (bsc#988506)
   - Backport: Snapper module for Salt.
   - Bugfix: pkg.list_products on "registerrelease" and "productline" returns
     boolean.False if empty (bsc#989193, bsc#986019)
   - Rewrite Minion ID generation (bsc#967803)
   - Bugfix: Fixed behavior for SUSE OS grains (bsc#970669)
   - Bugfix: Salt os_family does not detect SLES for SAP (bsc#983017)
   - Move log message from INFO to DEBUG (bsc#985661)
   - Fix salt --summary to count not responding minions correctly (bsc#972311)
   - Fix memory leak on custom execution module sheduled jobs (bsc#983512)
   - fix groupadd module for sles11 systems (bsc#978150)
   - Fix pkgrepo.managed gpgkey argument doesn't work (bsc#979448)
   - Package checksum validation for zypper pkg.download
   - Check if a job has executed and returned successfully
   - Remove option -f from startproc (bsc#975733)
   - Changed Zypper's plugin. Added Unit test and related to that data
     (bsc#980313)
   - Zypper plugin: alter the generated event name on package set change.
   - Fix file ownership on master keys and cache directories during upgrade
     (handles upgrading from salt 2014, where the daemon ran as root, to 2015
     where it runs as the salt user, bsc#979676).
   - salt-proxy .service file created (bsc#975306)
   - Prevent salt-proxy test.ping crash (bsc#975303)
   - Fix shared directories ownership issues.
   - Add Zypper plugin to generate an event,once Zypper is used outside the
     Salt infrastructure demand (bsc#971372).
   - Restore boolean values from the repo configuration and fix priority
     attribute (bsc#978833)
   - Unblock-Zypper. (bsc#976148)
   - Modify-environment. (bsc#971372)
   - Prevent crash if pygit2 package is requesting re-compilation.
   - align OS grains from older SLES with current one (bsc#975757)
   - Bugfix: salt-key crashes if tries to generate keys to the directory w/o
     write access (bsc#969320)
   - Check if EOL is available in a particular product (bsc#975093)
   - fix building with docs on SLE11
   - Prevent metadata download when getting installed products
   - Add statically built docs.
   - fix sorting by latest package
   - ensure pkg.info_installed report latest package version (bsc#972490)
   - Use SHA256 by default in master, minion and proxy (bsc#955373)
   - Fix state structure compilation
   - Fix git_pillar race condition
   - fix detection of base products in SLE11
   - fix rpm info for SLE11
   - fix init system detection for SLE11
   - Make checksum configurable (upstream still wants md5, we suggest
     sha256). (bsc#955373)
   - Fix the service state / module on SLE11.
   - Prevent rebuilds in OBS by not generating a date as a comment in a
     source file
   - Add better checking for zypper exit codes and simplify evaluation of the
     zypper error messages.
   - Adapt unit tests
   - Add initial pack of Zypper's Unit tests. Use XML output in
     list_upgrades. Bugfix: upgrade_available crashes when only one package
     specified Purge is not using "-u" anymore
   - fix argument handling of pkg.download
   - unify behavior of zypper refresh in salt
   - Fix crash with scheduler and runners
   - Call zypper always with --non-interactive
   - require rpm-python on SUSE for zypper support
   - fix state return code
   - add handling of OEM products to pkg.list_products
   - improve doc for list_pkgs
   - implement pkg.version_cmp in zypper.py
   - Booleans should not be strings from XML, add Unix ticks time and format
     result in a list of maps.
   - Stop salt-api daemon faster (bsc#963322)
   - Do not crash on salt-key reject/delete consecutive calls.
   - Improper handling of clear messages on the minion remote code execution
     (bsc#965403, CVE-2016-1866)
   - Fix latest version available comparison and implement epoch support in
     Zypper module.
   - Fix dependencies to Salt subpackages requiring release along the version.
   - Fix pkg.latest crash.
   - Fix pkg.latest SLS ID bug, when pkgs empty list is passed, but SLS ID
     still treated as a package name.
   - Fix zypper module info_available on SLE-11
   - zypper/pkg: add package attributes filtering
   - Remove require on glibc-locale (bsc#959572)
   - Add missing return data to scheduled jobs
   - Update zypper-utf-8 patch for Python 2.6
   - Report epoch and architecture of installed packages
   - pkg.info_installed exceeds the maximum event size, reduce the
     information to what's actually needed
   - Filter out bad UTF-8 strings in package data (bsc#958350)
   - reimplements pkg.list_products that potentially may be broken in a
     future releases of SLES.
   - fixes a regression introduced in 2015.8.2
   - it shouldnt be >= 1110 but just > 1110
   - require pmtools on sle11 to get dmidecode
   - First step to make the syndic also run as salt user.
   - Updated to bugfix release 2015.8.2
   - os_grain patch fix the "os" grain on SLES11SP4
   - zypper_pkgrepo fix the priority and humanname pkgrepo args for the
     zypper backend
   - Add support for ``spm.d/*.conf`` configuration of SPM (:issue:`27010`)
   - Fix ``proxy`` grains breakage for non-proxy minions (:issue:`27039`)
   - Fix global key management for git state
   - Fix passing http auth to ``util.http`` from ``state.file``
     (:issue:`21917`)
   - Fix ``multiprocessing: True`` in windows (on by default`)
   - Add ``pkg.info`` to pkg modules
   - Fix name of ``serial`` grain (this was accidentally renamed in 2015.8.0`)
   - Merge config values from ``master.d``/``minion.d`` conf files (rather
     than flat update`)
   - Clean grains cache on grains sync (:issue:`19853`)
   - Remove streamed response for fileclient to avoid HTTP redirection
     problems (:issue:`27093`)
   - Fixed incorrect warning about ``osrelease`` grain (:issue:`27065`)
   - Fix authentication via Salt-API with tokens (:issue:`27270`)
   - Fix winrepo downloads from https locations (:issue:`27081`)
   - Fix potential error with salt-call as non-root user (:issue:`26889`)
   - Fix global minion provider overrides (:issue:`27209`)
   - Fix backward compatibility issues for pecl modules
   - Fix Windows uninstaller to only remove ``./bin``, ``salt*``,
     ``nssm.exe``, ``uninst.exe`` (:issue:`27383`)
   - Fix misc issues with mongo returner.
   - Add sudo option to cloud config files (:issue:`27398`)
   - Fix regression in RunnerClient argument handling (:issue:`25107`)
   - Fix ``dockerng.running`` replacing creation hostconfig with runtime
     hostconfig (:issue:`27265`)
   - Fix dockerng.running replacing creation hostconfig with runtime
     hostconfig (:issue:`27265`)
   - Increased performance on boto asg/elb states due to ``__states__``
     integration
   - Windows minion no longer requires powershell to restart (:issue:`26629`)
   - Fix x509 module to support recent versions of OpenSSL (:issue:`27326`)
   - Some issues with proxy minions were corrected.
   - guard raet buildrequires with bcond_with raet and comment out the
     recommends for salt-raet.
   - remove pygit2 global recommends, it is only needed in the master
   - remove git-core, pygit2 should pull it as a dependency
   -  Returns detailed information about a package
   - ifdef Recommends to build on RHEL based distros
   - use _initddir instead of _sysconfdir/init.d as it works on both
     platforms.
   - allow to disable docs in preparation for building on other platforms
     without all dependencies.
   - merge (build)requires/recommends with requirements/*txt and setup.py
   - add raet subpackage which will pull all requires for it and provides
     config snippets to enable it for the minion and master.
   - add tmpfiles.d file
   - Remove requires on python-ioflo and python-libnacl they will be pulled
     by python-raet, which is optional.
   - python-raet is optional, so make it a Recommends
   - update use-forking-daemon: the original intention was to get rid of the
     python systemd dependency. for this we do not have daemonize the whole
     process. just switching to simple mode is enough.
   - reenable completions on distros newer than sle11
   - do not use _datarootdir, use _datadir instead.
   - package all directories in /var/cache/salt and /etc/salt and have
     permissions set for non root salt master
   - never require pygit2 and git. the master can run fine without. always
     use recommends
   - cleanup dependencies:
     - remove a lot of unneeded buildrequires
     - fdupes not present on SLE10
     - python-certifi needed on SLE11
     - python-zypp not needed any more
     - python-pygit2 is not a global requirement
     - convert python-pysqlite to recommends as it is not available on python
       <=2.7
   - sles_version -> suse_version
   - Remove python-PyYAML from the dependencies list, as python-yaml is the
     same
   - Build the -completion subpackages in SLE11 as well
   - Add salt-proxy
   - Create salt user/group only in the -master subpkg
   - Fix typo in use-forking-daemon, that prevented daemon loading
   - Cleanup requirements
   - Updated the files ownership with salt user
   - removed m2crypto depency
   - Removed fish dependency for fish completions.
   - Added fish completions.
   - Support SLE11SP{3,4}, where the M2Crypto package is named python-m2crypto
   - Add prereq, for user creation.
   - Add creation of salt user in preparation of running the salt-master
     daemon as non-root user salt.
   - Add README.SUSE with explanation and how to.
   - only require git-core to not pull in git-web and gitk
   - Removed python-pssh depency not needed anymore.
   - The 2015.5.0 feature release of Salt is focused on hardening Salt and
     mostly on improving existing systems. A few major additions are present,
     primarily the new Beacon system. Most enhancements have been focused
     around improving existing features and interfaces. As usual the release
     notes are not exhaustive and primarily include the most notable
     additions and improvements. Hundreds of bugs have been fixed and many
     modules have been substantially updated and added. See especially the
     warning right on the top regarding python_shell=False. For all details
     see http://docs.saltstack.com/en/latest/topics/releases/2015.5.0.html
   - Moved the depencencies to main salt package except where they are
     specific for the package
   - Changed python-request dependency,only needed on salt-cloud
   - Added python-tornado dependency for http.py
   - Fixed zsh_completion in tarball.
   - Fixed salt-api requirements to require python-cherrypy
   - Fixed salt-cloud requiments to require salt-master
   - Fixed a key error bug in salt-cloud
   - Updated man pages to better match documentation
   - Fixed bug concerning high CPU usage with salt-ssh
   - Fixed bugs with remounting cvfs and fuse filesystems
   - Fixed bug with alowing requisite tracking of entire sls files
   - Fixed bug with aptpkg.mod_repo returning OK even if apt-add-repository
     fails
   - Increased frequency of ssh terminal output checking
   - Fixed malformed locale string in localmod module
   - Fixed checking of available version of package when accept_keywords were
     changed
   - Fixed bug to make git.latest work with empty repositories
   - Added **kwargs to service.mod_watch which removes warnings about enable
     and __reqs__ not being supported by the function
   - Improved state comments to not grow so quickly on failed requisites
   - Added force argument to service to trigger force_reload
   - Fixed bug to andle pkgrepo keyids that have been converted to int
   - Fixed module.portage_config bug with appending accept_keywords
   - Fixed bug to correctly report disk usage on windows minion
   - Added the ability to specify key prefix for S3 ext_pillar
   - Fixed issues with batch mode operating on the incorrect number of minions
   - Fixed a bug with the proxmox cloud provider stacktracing on disk
     definition
   - Fixed a bug with the changes dictionary in the file state
   - Fixed the TCP keep alive settings to work better with SREQ caching
   - Fixed many bugs within the iptables state and module
   - Fixed bug with states by adding fun, state, and unless to the state
     runtime internal keywords listing
   - Added ability to eAuth against Active Directory
   - Fixed some salt-ssh issues when running on Fedora 21
   - Fixed grains.get_or_set_hash to work with multiple entries under same key
   - Added better explanations and more examples of how the Reactor calls
     functions to docs
   - Fixed bug to not pass ex_config_drive to libcloud unless it's explicitly
     enabled
   - Fixed bug with pip.install on windows
   - Fixed bug where puppet.run always returns a 0 retcode
   - Fixed race condition bug with minion scheduling via pillar
   - Made efficiency improvements and bug fixes to the windows installer
   - Updated environment variables to fix bug with pygit2 when running salt
     as non-root user
   - Fixed cas behavior on data module -- data.cas was not saving changes
   - Fixed GPG rendering error
   - Fixed strace error in virt.query
   - Fixed stacktrace when running chef-solo command
   - Fixed possible bug wherein uncaught exceptions seem to make zmq3 tip
     over when threading is involved
   - Fixed argument passing to the reactor
   - Fixed glibc caching to prevent bug where salt-minion getaddrinfo in
     dns_check() never got updated nameservers
   - fix salt-zsh-completion conflicts
   - Multi-master minions mode no longer route fileclient operations
     asymetrically. This fixes the source of many multi-master bugs where the
     minion would become unrepsonsive from one or more masters.
   - Fix bug wherein network.iface could produce stack traces.
   - net.arp will no longer be made available unless arp is installed on the
     system.
   - Major performance improvements to Saltnado
   - Allow KVM module to operate under KVM itself or VMWare Fusion
   - Various fixes to the Windows installation scripts
   - Fix issue where the syndic would not correctly propogate loads to the
     master job cache.
   - Improve error handling on invalid /etc/network/interfaces file in salt
     networking modules
   - Fix bug where a reponse status was not checked for in fileclient.get_url
   - Enable eauth when running salt in batch mode
   - Increase timeout in Boto Route53 module
   - Fix bugs with Salt's 'tar' module option parsing
   - Fix parsing of NTP servers on Windows
   - Fix issue with blockdev tuning not reporting changes correctly
   - Update to the latest Salt bootstrap script
   - Update Linode salt-cloud driver to use either linode-python or
     apache-libcloud
   - Fix for s3.query function to return correct headers
   - Fix for s3.head returning None for files that exist
   - Fix the disable function in win_service module so that the service is
     disabled correctly
   - Fix race condition between master and minion when making a directory
     when both daemons are on the same host
   - Fix an issue where file.recurse would fail at the root of an svn repo
     when the repo has a mountpoint
   - Fix an issue where file.recurse would fail at the root of an hgfs repo
     when the repo has a mountpoint
   - Fix an issue where file.recurse would fail at the root of an gitfs repo
     when the repo has a mountpoint
   - Add status.master capability for Windows.
   - Various fixes to ssh_known_hosts
   - Various fixes to states.network bonding for Debian
   - The debian_ip.get_interfaces module no longer removes nameservers.
   - Better integration between grains.virtual and systemd-detect-virt and
     virt-what
   - Fix traceback in sysctl.present state output
   - Fix for issue where mount.mounted would fail when superopts were not a
     part of mount.active (extended=True). Also mount.mounted various fixes
     for Solaris and FreeBSD.
   - Fix error where datetimes were not correctly safeguarded before being
     passed into msgpack.
   - Fix file.replace regressions.  If the pattern is not found, and if dry
     run is False, and if `backup` is False, and if a pre-existing file
     exists with extension `.bak`, then that backup file will be overwritten.
     This backup behavior is a result of how `fileinput` works. Fixing it
     requires either passing through the file twice (the first time only to
     search for content and set a flag), or rewriting `file.replace` so it
     doesn't use `fileinput`
   - VCS filreserver fixes/optimizations
   - Catch fileserver configuration errors on master start
   - Raise errors on invalid gitfs configurations
   - set_locale when locale file does not exist (Redhat family)
   - Fix to correctly count active devices when created mdadm array with
     spares
   - Fix to correctly target minions in batch mode
   - Support ssh:// urls using the gitfs dulwhich backend
   - New fileserver runner
   - Fix various bugs with argument parsing to the publish module.
   - Fix disk.usage for Synology OS
   - Fix issue with tags occurring twice with docker.pulled
   - Fix incorrect key error in SMTP returner
   - Fix condition which would remount loopback filesystems on every state run
   - Remove requsites from listens after they are called in the state system
   - Make system implementation of service.running aware of legacy service
     calls
   - Fix issue where publish.publish would not handle duplicate responses
     gracefully.
   - Accept Kali Linux for aptpkg salt execution module
   - Fix bug where cmd.which could not handle a dirname as an argument
   - Fix issue in ps.pgrep where exceptions were thrown on Windows.
   - fix package bug with fdupes.
   - keep sle 11 sp3 support.
   - Fix erroneous warnings for systemd service enabled check (issue 19606)
   - Fix FreeBSD kernel module loading, listing, and persistence kmod (issue
     197151, issue 19682)
   - Allow case-sensitive npm package names in the npm state. This may break
     behavior for people expecting the state to lowercase their npm package
     names for them. The npm module was never affected by mandatory
     lowercasing. (issue 20329)
   - Deprecate the activate parameter for pip.install for both the module and
     the state. If bin_env is given and points to a virtualenv, there is no
     need to activate that virtualenv in a shell for pip to install to the
     virtualenv.
   - Fix a file-locking bug in gitfs (issue 18839)
   - Fixed gitfs serving symlinks in file.recurse states (issue 17700)
   - Fixed holding of multiple packages (YUM) when combined with version
     pinning (issue 18468)
   - Fixed use of Jinja templates in masterless mode with non-roots
     fileserver backend (issue 17963)
   - Re-enabled pillar and compound matching for mine and publish calls. Note
     that pillar globbing is still disabled for those modes, for security
     reasons. (issue 17194)
   - Fix for tty: True in salt-ssh (issue 16847)
   - Needed to provide zsh completion because of the tarball missing the zsh
     completion script.
   - Added man salt.7.gz to salt-master package
   - added python-zipp as depency
   - added recommend python-pygit2, this is the preferred gitfs backend of
     saltstack
   - added zsh-completion package
   - SALT SSH ENHANCEMENTS:
     + Support for Fileserver Backends
     + Support for Saltfile
     + Ext Pillar
     + No more sshpass needed
     + Pure Python Shim
     + Custom Module Delivery
     + CP module Support
     + More Thin Directory Options
    - Salt State System enhancements:
      + New Imperative State Keyword "Listen"
      + New Mod Aggregate Runtime Manipulator
      + New Requisites: onchanges and onfail
      + New Global onlyif and unless
     + Use names to expand and override values
    - Salt Major Features:
      + Improved Scheduler Additions
      + Red Hat 7 Support
      + Fileserver Backends in Salt-call
      + Amazon Execution Modules in salt-cloud
      + LXC Runner Enhancements
      + Next Gen Docker Management
      + Peer System Performance Improvements
      + SDB Encryption at rest for configs
      + GPG Renderer encrypted pillar at rest
      + OpenStack Expansions
      + Queues System external queue systems into Salt events
      + Multi Master Failover Additions
      + Chef Execution Module
    - salt-api Project Merge
      + Synchronous and Asynchronous Execution of Runner and Wheel Modules
      + rest_cherrypy Additions
      + Web Hooks
    - Fileserver Backend Enhancements:
      + New gitfs Features
      + Pygit2 and Dulwich support
      	+ Mountpoints support
      + New hgfs Features
      	+ mountpoints support
      + New svnfs Features:
       + mountpoints
      + minionfs Featuressupport
       + mountpoints
    - New Salt Modules:
      + Oracle
      + Random
      + Redis
      + Amazon Simple Queue Service
      + Block Device Management
      + CoreOS etcd
      + Genesis
      + InfluxDB
      + Server Density
      + Twilio Notifications
      + Varnish
      + ZNC IRC Bouncer
      + SMTP
    - NEW RUNNERS:
      + Map/Reduce Style
      + Queue
    - NEW EXTERNAL PILLARS:
      + CoreOS etcd
    - NEW SALT-CLOUD PROVIDERS:
      + Aliyun ECS Cloud
      + LXC Containers
      + Proxmox (OpenVZ containers & KVM)
   - DEPRECATIONS:
    + Salt.modules.virtualenv_mod

   - fix module run exit code (issue 16420)
   - salt cloud Check the exit status code of scp before assuming it has
     failed. (issue 16599)
   - Fix scp_file always failing (which broke salt-cloud) (issue 16437)
   - Fix regression in pillar in masterless (issue 16210, issue 16416, issue
     16428)
   - Fix for minion_id with byte-order mark (BOM) (issue 12296)
   - Fix runas deprecation in at module
   - Fix trailing slash befhavior for file.makedirs_ (issue 14019)
   - Fix chocolatey path (issue 13870)
   - Fix git_pillar infinite loop issues (issue 14671)
   - Fix json outputter null case
   - Fix for minion error if one of multiple masters are down (issue 14099)
   - Fix service.py version parsing for SLE 11
   - Remove salt-master's hard requirement for git and python-GitPython on
     SLE 12
   - Ensure salt uses systemd for services on SLES
   - Version 2014.1.9 contained a regression which caused inaccurate Salt
     version detection, and thus was never packaged for general release.
     This version contains the version detection fix, but is otherwise
     identical to 2014.1.9.
   - Version 2014.1.8 contained a regression which caused inaccurate Salt
     version detection, and thus was never packaged for general release.
     This version contains the version detection fix, but is otherwise
     identical to 2014.1.8.

   - Ensure salt-ssh will not continue if permissions on a temporary
     directory are not correct.
   - Use the bootstrap script distributed with Salt instead of relying on an
     external resource
   - Ensure salt states are placed into the .salt directory in salt-ssh
   - Use a randomized path for temporary files in a salt-cloud deployment
   - Clean any stale directories to ensure a fresh copy of salt-ssh during a
     deployment
   - Allow salt to correctly detect services provided by init scripts
   - Move systemd service file fix to patch, add PIDFile parameter (this fix
     is applicable for all SUSE versions)
   - Improve systemd service file fix for 12.3 Use forking instead of Simple
     and daemonize salt-master process
   - Fixed bug in opensuse 12.3 systemd file systemd 198 doesn't have
     python-systemd binding.
   - Disabled testing on SLES
   - Fix batch mode regression (issue 14046)
   - Fix extra iptables --help output (Sorry!) (issue 13648, issue 13507,
     issue 13527, issue 13607)
   - Fix mount.active for Solaris
   - Fix support for allow-hotplug statement in debian_ip network module
   - Add sqlite3 to esky builds
   - Fix jobs.active output (issue 9526)
   - Fix the virtual grain for Xen (issue 13534)
   - Fix eauth for batch mode (issue 9605)
   - Fix force-related issues with tomcat support (issue 12889)
   - Fix KeyError when cloud mapping
   - Fix salt-minion restart loop in Windows (issue 12086)
   - Fix detection of service virtual module on Fedora minions
   - Fix traceback with missing ipv4 grain (issue 13838)
   - Fix issue in roots backend with invalid data in mtime_map (issue 13836)
   - Fix traceback in jobs.active (issue 11151)
   - Add function for finding cached job on the minion
   - Fix for minion caching jobs when master is down
   - Bump default `syndic_wait` to 5 to fix syndic-related problems (issue
     12262)
   - Fix false positive error in logs for `makeconf` state (issue 9762)
   - Fix for extra blank lines in `file.blockreplace` (issue 12422)
   - Use system locale for ports package installations
   - Fix for `cmd_iter`/`cmd_iter_no_block` blocking issues (issue 12617)
   - Fix traceback when syncing custom types (issue 12883)
   - Fix cleaning directory symlinks in `file.directory`
   - Add performance optimizations for `saltutil.sync_all` and
     `state.highstate`
   - Fix possible error in `saltutil.running`
   - Fix for kmod modules with dashes (issue 13239)
   - Fix possible race condition for Windows minions in state module
     reloading (issue 12370)
   - Fix bug with roster for `passwd`s that are loaded as non-string objects
     (issue 13249)
   - Keep duplicate version numbers from showing up in `pkg.list_pkgs` output
   - Fixes for Jinja renderer, timezone mod`module
     <salt.modules.timezone>`/mod`state <salt.states.timezone>` (issue 12724)
   - Fix timedatectl parsing for systemd>=210 (issue 12728)
   - Removed the deprecated external nodes classifier (originally accessible
     by setting a value for external_nodes in the master configuration
     file).  Note that this functionality has been marked deprecated for some
     time and was replaced by the more general doc`master tops
     <topics/master_tops>` system.
   - More robust escaping of ldap filter strings.
   - Fix trailing slash in conf_master`gitfs_root` causing files not to be
     available (issue 13185)
   - added bash completion package
   - Fix setup.py dependency issue (issue 12031)
   - Fix handling for IOErrors under certain circumstances (issue 11783 and
     issue 11853)
   - Fix fatal exception when `/proc/1/cgroup` is not readable (issue 11619)
   - Fix os grains for OpenSolaris (issue 11907)
   - Fix `lvs.zero` module argument pass-through (issue 9001)
   - Fix bug in `debian_ip` interaction with `network.system` state (issue
     11164)
   - Remove bad binary package verification code (issue 12177)
   - Fix traceback in solaris package installation (issue 12237)
   - Fix `file.directory` state symlink handling (issue 12209)
   - Remove `external_ip` grain
   - Fix `file.managed` makedirs issues (issue 10446)
   - Fix hang on non-existent Windows drive letter for `file` module (issue
     9880)
   - Fix salt minion caching all users on the server (issue 9743)
   - Fix username detection when su'ed to root on FreeBSD (issue 11628)
   - Fix minionfs backend for file.recurse states
   - Fix 32-bit packages of different arches than the CPU arch, on 32-bit
     RHEL/CentOS (issue 11822)
   - Fix bug with specifying alternate home dir on user creation (FreeBSD)
     (issue 11790)
   - Don’t reload site module on module refresh for MacOS
   - Fix regression with running execution functions in Pillar SLS (issue
     11453)
   - Fix some modules missing from Windows installer
   - Don’t log an error for yum commands that return nonzero exit status on
     non-failure (issue 11645)
   - Fix bug in rabbitmq state (issue 8703)
   - Fix missing ssh config options (issue 10604)
   - Fix top.sls ordering (issue 10810 and issue 11691)
   - Fix salt-key --list all (issue 10982)
   - Fix win_servermanager install/remove function (issue 11038)
   - Fix interaction with tokens when running commands as root (issue 11223)
   - Fix overstate bug with find_job and **kwargs (issue 10503)
   - Fix saltenv for aptpkg.mod_repo from pkgrepo state
   - Fix environment issue causing file caching problems (issue 11189)
   - Fix bug in __parse_key in registry state (issue 11408)
   - Add minion auth retry on rejection (issue 10763)
   - Fix publish_session updating the encryption key (issue 11493)
   - Fix for bad AssertionError raised by GitPython (issue 11473)
   - Fix debian_ip to allow disabling and enabling networking on Ubuntu
     (issue 11164)
   - Fix potential memory leak caused by saved (and unused) events (issue
     11582)
   - Fix exception handling in the MySQL module (issue 11616)
   - Fix environment-related error (issue 11534)
   - Include psutil on Windows
   - Add file.replace and file.search to Windows (issue 11471)
   - Add additional file module helpers to Windows (issue 11235)
   - Add pid to netstat output on Windows (issue 10782)
   - Fix Windows not caching new versions of installers in winrepo (issue
     10597)
   - Fix hardcoded md5 hashing
   - Fix kwargs in salt-ssh (issue 11609)
   - Fix file backup timestamps (issue 11745)
   - Fix stacktrace on sys.doc with invalid eauth (issue 11293)
   - Fix git.latest with test=True (issue 11595)
   - Fix file.check_perms hardcoded follow_symlinks (issue 11387)
   - Fix certain pkg states for RHEL5/Cent5 machines (issue 11719)
   - Features from 2014.1.0 Major Release:
     - 2014.1.0 is the first release to follow the new date-based release
       naming system.
     - Salt Cloud Merged into Salt
     - Google Compute Engine support is added to salt-cloud.
     - Salt Virt released
     - Docker Integration
     - IPv6 Support for iptables State/Module
     - GitFS Improvements
     - MinionFS
     - saltenv
     - Grains Caching
     - Improved Command Logging Control
     - PagerDuty Support
     - Virtual Terminal
     - Proxy Minions
   - bugfixes:
     - Fix mount.mounted leaving conflicting entries in fstab (:issue:`7079`)
     - Fix mysql returner serialization to use json (:issue:`9590`)
     - Fix ZMQError: Operation cannot be accomplished in current state errors
       (:issue:`6306`)
     - Rbenv and ruby improvements
     - Fix quoting issues with mysql port (:issue:`9568`)
     - Update mount module/state to support multiple swap partitions
       (:issue:`9520`)
     - Fix archive state to work with bsdtar
     - Clarify logs for minion ID caching
     - Add numeric revision support to git state (:issue:`9718`)
     - Update master_uri with master_ip (:issue:`9694`)
     - Add comment to Debian mod_repo (:issue:`9923`)
     - Fix potential undefined loop variable in rabbitmq state (:issue:`8703`)
     - Fix for salt-virt runner to delete key on VM deletion
     - Fix for salt-run -d to limit results to specific runner or function
       (:issue:`9975`)
     - Add tracebacks to jinja renderer when applicable (:issue:`10010`)
     - Fix parsing in monit module (:issue:`10041`)
     - Fix highstate output from syndic minions (:issue:`9732`)
     - Quiet logging when dealing with passwords/hashes (:issue:`10000`)
     - Fix for multiple remotes in git_pillar (:issue:`9932`)
     - Fix npm installed command (:issue:`10109`)
     - Add safeguards for utf8 errors in zcbuildout module
     - Fix compound commands (:issue:`9746`)
     - Add systemd notification when master is started
     - Many doc improvements
   - Fix some jinja render errors (issue 8418)
   - Fix file.replace state changing file ownership (issue 8399)
   - Fix state ordering with the PyDSL renderer (issue 8446)
   - Fix for new npm version (issue 8517)
   - Fix for pip state requiring name even with requirements file (issue 8519)
   - Add sane maxrunning defaults for scheduler (issue 8563)
   - Fix states duplicate key detection (issue 8053)
   - Fix SUSE patch level reporting (issue 8428)
   - Fix managed file creation umask (issue 8590)
   - Fix logstash exception (issue 8635)
   - Improve argument exception handling for salt command (issue 8016)
   - Fix pecl success reporting (issue 8750)
   - Fix launchctl module exceptions (issue 8759)
   - Fix argument order in pw_user module
   - Add warnings for failing grains (issue 8690)
   - Fix hgfs problems caused by connections left open (issue 8811 and issue
     8810)
   - Fix installation of packages with dots in pkg name (issue 8614)
   - Fix noarch package installation on CentOS 6 (issue 8945)
   - Fix portage_config.enforce_nice_config (issue 8252)
   - Fix salt.util.copyfile umask usage (issue 8590)
   - Fix rescheduling of failed jobs (issue 8941)
   - Fix conflicting options in postgres module (issue 8717)
   - Fix ps modules for psutil >= 0.3.0 (issue 7432)
   - Fix postgres module to return False on failure (issue 8778)
   - Fix argument passing for args with pound signs (issue 8585)
   - Fix pid of salt CLi command showing in status.pid output (issue 8720)
   - Fix rvm to run gem as the correct user (issue 8951)
   - Fix namespace issue in win_file module (issue 9060)
   - Fix masterless state paths on windows (issue 9021)
   - Fix timeout option in master config (issue 9040)
   - Add ability to delete key with grains.delval (issue 7872)
   - Fix possible state compiler stack trace (issue 5767)
   - Fix grains targeting for new grains (issue 5737)
   - Fix bug with merging in git_pillar (issue 6992)
   - Fix print_jobs duplicate results
   - Fix possible KeyError from ext_job_cache missing option
   - Fix auto_order for - names states (issue 7649)
   - Fix regression in new gitfs installs (directory not found error)
   - Fix fileclient in case of master restart (issue 7987)
   - Try to output warning if CLI command malformed (issue 6538)
   - Fix --out=quiet to actually be quiet (issue 8000)
   - Fix for state.sls in salt-ssh (issue 7991)
   - Fix for MySQL grants ordering issue (issue 5817)
   - Fix traceback for certain missing CLI args (issue 8016)
   - Add ability to disable lspci queries on master (issue 4906)
   - Fail if sls defined in topfile does not exist (issue 5998)
   - Add ability to downgrade MySQL grants (issue 6606)
   - Fix ssh_auth.absent traceback (issue 8043)
   - Fix ID-related issues (issue 8052, issue 8050, and others)
   - Fix for jinja rendering issues (issue 8066 and issue 8079)
   - Fix argument parsing in salt-ssh (issue 7928)
   - Fix some GPU detection instances (issue 6945)
   - Fix bug preventing includes from other environments in SLS files
   - Fix for kwargs with dashes (issue 8102)
   - Fix apache.adduser without apachectl (issue 8123)
   - Fix issue with evaluating test kwarg in states (issue 7788)
   - Fix regression in salt.client.Caller() (issue 8078)
   - Fix bug where cmd.script would try to run even if caching failed (issue
     7601)
   - Fix for mine data not being updated (issue 8144)
   - Fix a Xen detection edge case (issue 7839)
   - Fix version generation for when it's part of another git repo (issue
     8090)
   - Fix _handle_iorder stacktrace so that the real syntax error is shown
     (issue 8114 and issue 7905)
   - Fix git.latest state when a commit SHA is used (issue 8163)
   - Fix for specifying identify file in git.latest (issue 8094)
   - Fix for --output-file CLI arg (issue 8205)
   - Add ability to specify shutdown time for system.shutdown (issue 7833)
   - Fix for salt version using non-salt git repo info (issue 8266)
   - Add additional hints at impact of pkgrepo states when test=True (issue
     8247)
   - Fix for salt-ssh files not being owned by root (issue 8216)
   - Fix retry logic and error handling in fileserver (related to issue 7755)
   - Fix file.replace with test=True (issue 8279)
   - Add flag for limiting file traversal in fileserver (issue 6928)
   - Fix for extra mine processes (issue 5729)
   - Fix for unloading custom modules (issue 7691)
   - Fix for salt-ssh opts (issue 8005 and issue 8271)
   - Fix compound matcher for grains (issue 7944)
   - Add dir_mode to file.managed (issue 7860)
   - Improve traceroute support for FreeBSD and OS X (issue 4927)
   - Fix for matching minions under syndics (issue 7671)
   - Improve exception handling for missing ID (issue 8259)
   - Add configuration option for minion_id_caching
   - Fix open mode auth errors (issue 8402)
   - In preparation of salt Helium all requirements of salt-cloud absorbed in
     salt
   - Added salt-doc package with html documentation of salt
   - Updated requirements python-markupsafe required for salt-ssh
   - Don't support sysvinit and systemd for the same system; add conditionnal
     macros to use systemd only on systems which support it and sysvinit
     on other systems
   - Updated to salt 0.17.1 bugfix release (bsc#849205, bsc#849204,
     bsc#849184):
     - Fix symbolic links in thin.tgz (:issue:`7482`)
     - Pass env through to file patch state (:issue:`7452`)
     - Service provider fixes and reporting improvements (:issue:`7361`)
     - Add --priv option for specifying salt-ssh private key
     - Fix salt-thin's salt-call on setuptools installations (:issue:`7516`)
     - Fix salt-ssh to support passwords with spaces (:issue:`7480`)
     - Fix regression in wildcard includes (:issue:`7455`)
     - Fix salt-call outputter regression (:issue:`7456`)
     - Fix custom returner support for startup states (:issue:`7540`)
     - Fix value handling in augeas (:issue:`7605`)
     - Fix regression in apt (:issue:`7624`)
     - Fix minion ID guessing to use socket.getfqdn() first (:issue:`7558`)
     - Add minion ID caching (:issue:`7558`)
     - Fix salt-key race condition (:issue:`7304`)
     - Add --include-all flag to salt-key (:issue:`7399`)
     - Fix custom grains in pillar (part of :issue:`5716`, :issue:`6083`)
     - Fix race condition in salt-key (:issue:`7304`)
     - Fix regression in minion ID guessing, prioritize socket.getfqdn()
       (:issue:`7558`)
     - Cache minion ID on first guess (:issue:`7558`)
     - Allow trailing slash in file.directory state
     - Fix reporting of file_roots in pillar return (:issue:`5449` and
       :issue:`5951`)
     - Remove pillar matching for mine.get (:issue:`7197`)
     - Sanitize args for multiple execution modules
     - Fix yumpkag mod_repo functions to filter hidden args (:issue:`7656`)
     - Fix conflicting IDs in state includes (:issue:`7526`)
     - Fix mysql_grants.absent string formatting issue (:issue:`7827`)
     - Fix postgres.version so it won't return None (:issue:`7695`)
     - Fix for trailing slashes in mount.mounted state
     - Fix rogue AttributErrors in the outputter system (:issue:`7845`)
     - Fix for incorrect ssh key encodings resulting in incorrect key added
       (:issue:`7718`)
     - Fix for pillar/grains naming regression in python renderer
       (:issue:`7693`)
     - Fix args/kwargs handling in the scheduler (:issue:`7422`)
     - Fix logfile handling for file://, tcp:// and udp:// (:issue:`7754`)
     - Fix error handling in config file parsing (:issue:`6714`)
     - Fix RVM using sudo when running as non-root user (:issue:`2193`)
     - Fix client ACL and underlying logging bugs (:issue:`7706`)
     - Fix scheduler bug with returner (:issue:`7367`)
     - Fix user management bug related to default groups (:issue:`7690`)
     - Fix various salt-ssh bugs (:issue:`7528`)
     - Many various documentation fixes
   - Updated init files to be inline with fedora/rhel packaging upstream
   - activated salt-testing for unit testing salt before releasing rpm
   - added python-xml as dependency
   - Major features from Feature Release 0.17.0:
     - halite (web Gui)
     - salt ssh (remote execution/states over ssh) with its own package
     - Rosters (list system targets not know to master)
     - State Auto Order (state evaluation and execute in order of define)
     - state.sls Runner (system orchestration from within states via master)
     - Mercurial Fileserver Backend
     - External Logging Handlers (sentry and logstash support)
     - Jenkins Testing
     - Salt Testing Project (testing libraries for salt)
     - StormPath External Authentication support
     - LXC Support (lxc support for salt-virt)
     - Package dependencies reordering:
        * salt-master requires python-pyzmq, and recommends python-halite
        * salt-minion requires python-pyzmq
        * salt-ssh requires sshpass
        * salt-syndic requires salt-master Minor features:
     - 0.17.0 release wil be last release for 0.XX.X numbering system Next
       release will be <Year>.<Month>.<Minor>
   - Multiple documentation improvements/additions
   - Added the osfinger and osarch grains
   - Fix bug in :mod:`hg.latest <salt.states.hg.latest>` state that would
     erroneously delete directories (:issue:`6661`)
   - Fix bug related to pid not existing for :mod:`ps.top
     <salt.modules.ps.top>` (:issue:`6679`)
   - Fix regression in :mod:`MySQL returner <salt.returners.mysql>`
     (:issue:`6695`)
   - Fix IP addresses grains (ipv4 and ipv6) to include all addresses
     (:issue:`6656`)
   - Fix regression preventing authenticated FTP (:issue:`6733`)
   - Fix :mod:`file.contains <salt.modules.file.contains>` on values YAML
     parses as non-string (:issue:`6817`)
   - Fix :mod:`file.get_gid <salt.modules.file.get_gid>`, :mod:`file.get_uid
     <salt.modules.file.get_uid>`, and :mod:`file.chown
     <salt.modules.file.chown>` for broken symlinks (:issue:`6826`)
   - Fix comment for service reloads in service state (:issue:`6851`)
   - Fixed scheduler config in pillar
   - Fixed default value for file_recv master config option
   - Fixed missing master configuration file parameters
   - Fixed regression in binary package installation on 64-bit systems
   - Fixed stackgrace when commenting a section in top.sls
   - Fixed state declarations not formed as a list message.
   - Fixed infinite loop on minion
   - Fixed stacktrace in watch when state is 'prereq'
   - Feature: function filter_by to grains module
   - Feature: add new "osfinger" grain
   - Newly installed salt-minion doesn't create /var/cache/salt/minion/proc
   - gracefully handle lsb_release data when it is enclosed in quotes
   - fixed pillar load from master config
   - pillar function pillar.item and pillar.items instead of pillar.data
   - fixed traceback when pillar sls is malformed
   - gracefully handle quoted publish commands
   - publich function publish.item and publish.items instead of publish.data
   - salt-key usage in minionswarm script fixed
   - minion random reauth_delay added to stagger re-auth attempts.
   - improved user and group management
   - improved file management
   - improved package management
   - service management custom initscripts support
   - module networking hwaddr renamed to be in line with other modules
   - fixed traceback in bridge.show
   - fixed ssh know_hosts and auth.present output.
   - postgresql module Fixes #6352.
   - returner fixes Fixes issue #5518
   - http authentication issues fixed  #6356
   - warning of deprecation runas in favor of user
   - Updated init files, rc_status instead of rc status.
   - Multi-Master capability
   - Prereq, the new requisite
   - Peer system improvement
   - Relative Includes
   - More state Output Options
   - Improved Windows Support
   - Multi Targets for pkg.removed, pgk.purged States
   - Random Times in cron states
   - Confirmation Prompt on Key acceptance on master
   - Updated init files from upstream, so init files are the same for
     fedora/redhat/centos/debian/suse
   - Removed salt user and daemon.conf file, so package is in line with
     upstream packages fedora/centos/debian.
   - minor permission fix on salt config files to fix external auth
   - From the service release 0.15.2 xinetd service name not appended
     virt-module uses qemu-img publish.publish returns same info as
     salt-master updated gitfs module
   - Fixed salt-master config file not readable by user 'salt'
   - added logrotate on salt log files
   - fixes suse service check
   - From salt 0.15.0 Major update:
     - salt mine function
     - ipv6 support
     - copy files from minions to master
     - better template debugging
     - state event firing
     - major syndic updates
     - peer system updates
     - minion key revokation
     - function return codes
     - functions in overstate
     - Pillar error reporting
     - Cached State Data
     - Monitoring states
   - improved init files overwrite with /etc/default/salt
   - Updated init files:
   - removed probe/reload/force reload this isn't supported
   - some major fixes for the syndic system,
   - fixes to file.recurse and external auth and
   - Updated salt init files with option -d to really daemonize it
   - From updated to 0.14.0 MAJOR FEATURES:
       - Salt - As a Cloud Controller
       - Libvirt State
       - New get Functions
   - Fix #3693 (variable ref'ed before assignment)
   - Fix stack trace introduced with
   - Updated limit to be escaped like before and after.
   - Import install command from setuptools if we use them.
   - Fix user info not displayed correctly when group doesn't map cleanly
   - fix bug: Client.cache_dir()
   - Fix #3717
   - Fix #3716
   - Fix cmdmod.py daemon error
   - Updated test to properly determine homebrew user
   - split syndic from master in separate package


   spacecmd:

   - version 4.1.4-1
   - only report real error, not result (bsc#1171687)
   - use defined return values for spacecmd methods so scripts can check for
     failure (bsc#1171687)

   - version 4.1.3-1
   - disable globbing for api subcommand to allow wildcards in filter
     settings (bsc#1163871)

   - version 4.1.2-1
   - Bugfix: attempt to purge SSM when it is empty (bsc#1155372)

   - version 4.1.1-1
   - Bump version to 4.1.0 (bsc#1154940)
   - Prevent error when piping stdout in Python 2 (bsc#1153090)
   - Java api expects content as encoded string instead of encoded bytes like
     before (bsc#1153277)
   - Enable building and installing for Ubuntu 16.04 and Ubuntu 18.04
   - Fix building and installing on CentOS8/RES8/RHEL8
   - Check that a channel doesn't have clones before deleting it (bsc#1138454)
   - Add unit test for schedule, errata, user, utils, misc, configchannel and
     kickstart modules
   - Multiple minor bugfixes alongside the unit tests
   - Fix missing runtime dependencies that made spacecmd return old versions
     of packages in some cases, even if newer ones were available
     (bsc#1148311)

   - version 4.0.12-1
   - Bugfix: referenced variable before assignment.
   - Add unit test for report, package, org, repo and group
   - Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
   - Add unit tests for custominfo, snippet, scap, ssm, cryptokey and
     distribution
   - version 4.0.11-1
   - SPEC cleanup

   - version 4.0.10-1
   - add unit tests for spacecmd.api, spacecmd.activationkey and
     spacecmd.filepreservation
   - add unit tests for spacecmd.shell
   - Save SSM list on system delete and update cache (bsc#1130077,
     bsc#1125744)
   - add makefile and pylint configuration

   - version 4.0.9-1
   - Add Pylint setup
   - Replace iteritems with items for python2/3 compat (bsc#1129243)

   - version 4.0.8-1
   - fix python 3 bytes issue when handling config channels

   - version 4.0.7-1
   - Add '--force', '-f' option to regenerateYumCache (bsc#1127389)

   - version 4.0.6-1
   - Prevent spacecmd crashing when piping the output in Python 3
     (bsc#1125610)

   - version 4.0.5-1
   - Fix compatibility with Python 3

   - version 4.0.4-1
   - Fix importing state channels using configchannel_import
   - Fix getting file info for latest revision (via configchannel_filedetails)

   - version 4.0.3-1
   - Add function to merge errata and packages through spacecmd (bsc#987798)
   - show group id on group_details (bsc#1111542)
   - State channels handling: Existing commands configchannel_create and
     configchannel_import were updated while
     system_scheduleapplyconfigchannels and configchannel_updateinitsls were
     added.

   - version 4.0.2-1
   - add summary to softwarechannel.clone when calling older API versions
     (bsc#1109023)
   - New function/Update old functions to handle state channels as well

   - version 4.0.1-1
   - Bump version to 4.0.0 (bsc#1104034)
   - Fix copyright for the package specfile (bsc#1103696)
   - Suggest not to use password option for spacecmd (bsc#1103090)

   - version 2.8.25.4-1
   - add option to set cleanup type for system_delete (bsc#1094190)

   - version 2.8.25.3-1
   - Sync with upstream (bsc#1083294)

   - version 2.8.25.2-1
   - Sync with upstream (bsc#1083294)
   - 1539878 - add save_cache to do_ssm_intersect
   - Fix softwarechannel_listsyncschedule

   - version 2.8.21.2-1
   - Disable pylint for python2 and RES < 8 (bsc#1088070)

   - version 2.8.21.1-1
   - Sync with upstream (bsc#1083294)
   - Connect to API using FQDN instead of hostname to avoid SSL validation
     problems (bsc#1085667)

   - version 2.8.20.1-1
   - 1536484 - Command spacecmd supports utf8 name of systems
   - 1484056 - updatefile and addfile are basically same calls
   - 1484056 - make configchannel_addfile fully non-interactive
   - 1445725 - display all checksum types, not just MD5
   - remove clean section from spec (bsc#1083294)
   - Added function to update software channel. Moreover, some refactoring
     has been done (bsc#1076578)

   - version 2.8.17.2-1
   - add more python3 compatibility changes

   - version 2.8.17.1-1
   - Compatibility with Python 3
   - Fix typo (bsc#1081151)
   - Configure gpg_flag via spacecmd creating a channel (bsc#1080290)

   - version 2.8.15.3-1
   - Allow scheduling the change of software channels as an action. The
     previous channels remain accessible to the registered system until the
     action is executed. to the registered system until the action is
     executed.

   - version 2.8.15.2-1
   - support multiple FQDNs per system (bsc#1063419)

   - version 2.8.13.2-1
   - Fix bsc number for change 'configchannel export binary flag to json'

   - version 2.8.13.1-1
   - add --config option to spacecmd
   - Added custom JSON encoder in order to parse date fields correctly
     (bsc#1070372)

   - version 2.8.10.1-1
   - pylint - fix intendation

   - version 2.8.9.1-1
   - fix build with python 3
   - show list of arches for channel
   - allow softwarechannel_setsyncschedule to disable schedule
   - add softwarechannel_setsyncschedule --latest
   - in case of system named by id, let id take precedence
   - Make spacecmd prompt for password when overriding config file user
   - show less output of common packages in selected channels
   - adding softwarechannel_listmanageablechannels

   - version 2.7.8.7-1
   - Switched logging from warning to debug

   - version 2.7.8.6-1
   - configchannel export binary flag to json (bsc#1044719)

   - version 2.7.8.5-1
   - spacecmd report_outofdatesystems: avoid one XMLRPC call per system
     (bsc#1015882)

   - version 2.7.8.4-1
   - Remove debug logging from softwarechannel_sync function

   - version 2.7.8.3-1
   - Remove get_certificateexpiration support in spacecmd (bsc#1013876)

   - version 2.7.8.2-1
   - Adding softwarechannel_listmanageablechannels

   - version 2.7.8.1-1
   - fix syntax error

   - version 2.7.7.1-1
   - make sure to know if we get into default function and exit accordingly

   - version 2.7.6.1-1
   - exit with 1 with incorrect command, wrong server, etc.
   - Updated links to github in spec files
   - print also systemdid with system name
   - improve output on error for listrepo (bsc#1027426)
   - print profile_name instead of string we're searching for
   - Fix: reword spacecmd removal msg (bsc#1024406)
   - Fix interactive mode
   - Add a type parameter to repo_create

   - version 2.7.3.2-1
   - Removed obsolete code (bsc#1013938)

   - version 2.7.3.1-1
   - Version 2.7.3-1

   - version 2.5.5.3-1
   - Make exception class more generic and code fixup (bsc#1003449)
   - Handle exceptions raised by listChannels (bsc#1003449)
   - Alert if a non-unique package ID is detected

   - version 2.5.5.2-1
   - make spacecmd createRepo compatible with SUSE Manager 2.1 API
     (bsc#977264)

   - version 2.5.5.1-1
   - mimetype detection to set the binary flag requires 'file' tool
   - Text description missing for remote command by Spacecmd

   - version 2.5.2.1-1
   - spacecmd: repo_details show 'None' if repository doesn't have SSL
     Certtificate
   - spacecmd: Added functions to add/edit SSL certificates for repositories

   - version 2.5.1.2-1
   - build spacecmd noarch only on new systems

   - version 2.5.1.1-1
   - mimetype detection to set the binary flag requires 'file' tool
   - fix export/cloning: always base64
   - Always base64 encode to avoid trim() bugs in the XML-RPC library.

   - set binary mode on uploaded files based on content (bsc#948245)

   - version 2.5.0.1-1
   - drop monitoring
   - replace upstream subscription counting with new subscription matching
     (FATE#311619)

   - version 2.1.25.10-1
   - Revert "1207606 - do not return one package multiple times" (bsc#945380)
   - check for existence of device description in spacecmd
     system_listhardware (bsc#932288)

   - version 2.1.25.9-1
   - do not escape spacecmd command arguments
   - do not return one package multiple times
   - add system_setcontactmethod (FATE#314858)
   - add activationkey_setcontactmethod (FATE#314858)
   - show contact method with activationkey_details and system_details
   - clone config files without loosing trailing new lines (bsc#926318)

   - version 2.1.25.8-1
   - sanitize data from export

   - version 2.1.25.7-1
   - fix configchannel export - do not create 'contents' key for directories
     (bsc#908849)
   - fix patch summary printing
   - code cleanup
   - add new function kickstart_getsoftwaredetails
   - Added feature to get installed packageversion of a system or systems
     managed by ssm to spacecmd

   - version 2.1.25.6-1
   - call listAutoinstallableChannels() for listing distributions (bsc#887879)
   - Fix spacecmd schedule listing (bsc#902494)
   - Teach spacecmd report_errata to process all-errata in the absence of
     further args

   - fix call of setCustomOptions() during kickstart_importjson (bsc#879904)

   - version 2.1.25.5-1
   - spacecmd: fix listupgrades [bsc#892707]

   - version 2.1.25.4-1
   - make print_result a static method of SpacewalkShell (bsc#889605)

   - version 2.1.25.3-1
   - Added option to force deployment of a config channel to all subscribed
     systems
   - Added last boot message in system_details command
   - Updated kickstart_import documentation
   - Added kickstart_import_raw command

   - version 2.1.25.2-1
   - set output encoding when stdout is not a tty

   - version 2.1.25.1-1
   - make file_needs_b64_enc work for both str and unicode inputs

   - version 2.1.24.1-1
   - Updating the copyright years info

   - version 2.1.22.1-1
   - fix spacecmd, so it does not expect package id within the
     system.listPackages API call
   - fix binary file detection
   - added function package_listdependencies

   - version 2.1.20.1-1
   - don't attempt to write out 'None'
   - fix system listing when identified by system id

   - version 2.1.18.1-1
   - switch to 2.1

   - version 1.7.7.11-1
   - fixing spacecmd ssm 'list' has no attribute 'keys' error

   - version 1.7.7.10-1
   - spacecmd errors out when trying to add script to kickstart
   - Make spacecmd able to specify config channel label

   - version 1.7.7.9-1
   - fix directory export in configchannel_export
   - use 755 as default permissions for directories in configfile_getinfo
   - fix directory creation in configchannel_addfile
   - print the list of systems in system_runscript
   - print the list of systems in system_reboot
   - return a unique set from expand_systems
   - print a clearer error message when duplicate system names are found
   - standardize the behavior for when a system ID is not returned
   - add a delay before regenerating the system cache after a delete
   - handle binary files correctly in configfile_getinfo
   - print the name in the confirmation message of snippet_create
   - don't reuse variable names in parse_arguments
   - print the function's help message when -h in the argument list
   - print file path in package_details
   - fixing broken export of configchannels with symlinks

   - version 1.7.7.8-1
   - prevent outputting escape sequences to non-terminals
   - Fixed small typo in spacecmd/src/lib/kickstart.py
   - do not quote argument of the help command (bsc#776615)

   - version 1.7.7.7-1
   - Fix kickstart_export with old API versions

   - command line parameter for "distribution path" was documented wrong in
     help text (bsc#769106)

   - "suse" was missing in the helptext of the CLI for distributions
     (bsc#769108)

   - version 1.7.7.6-1
   - enhancement add configchannel_sync
   - enhancement add softwarechannel_sync

   - version 1.7.7.5-1
   - fixing chroot option for addscript

   - version 1.7.7.4-1
   - kickstart_getcontents fix character encoding error
   - activationkey_import don't add empty package/group lists
   - fix activationkey_import when no base-channel specified
   - Fix reference to non-existent variable
   - improve configchannel_export operation on old API versions
   - *diff functions allow python 2.4 compatibility
   - changed get_string_diff_dicts to better fitting replacement method
   - remove reference to stage function
   - add do_SPACEWALKCOMPONENT_diff functions
   - system_comparewithchannel filter system packagelist
   - argument validation needed for configchannel_addfile
   - configchannel_addfile don't display b64 file contents

   - version 1.7.7.3-1
   - enhancement add system_addconfigfile
   - Fix usage for configchannel_addfile
   - enhancement Add system_listconfigfiles
   - add option to allow templating for spacecmd kickstarting

   - version 1.7.7.2-1
   - softwarechannel_clone avoid ISE on duplicate name
   - softwarechannel_adderrata mergeErrata should be cloneErrataAsOriginal
   - Add globbing support to distribution_details
   - Add globbing support to distribution_delete
   - Cleanup some typos in comments
   - custominfo_details add support for globbing key names
   - custominfo_deletekey add support for globbing key names
   - Add cryptokey_details globbing support
   - cryptokey_delete add support for globbing
   - Workaround missing date key in recent spacewalk listErrata
   - Add validation to softwarechannel_adderrata channel args
   - softwarechannel_adderrata add --skip mode
   - Add --quick mode to softwarechannel_adderrata
   - Allow config-channel export of b64 encoded files
   - Update the spacecmd copyright years

   - version 1.7.7.1-1
   - Bumping package version

   - debranding

   - backport upstrem fixes

   - Initial release of spacecmd


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA:

      zypper in -t patch suse-ubu204ct-suse-manager-client-tools-ubuntu2004-202006-14402=1



Package List:

   - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA (amd64):

      libnorm1-1.5.8+dfsg2-2build1
      libpgm-5.2-0-5.2.122~dfsg-3ubuntu1
      libzmq5-4.3.2-2ubuntu1
      prometheus-apache-exporter-0.7.0+ds-1
      prometheus-node-exporter-0.18.1+ds-2
      prometheus-postgres-exporter-0.8.0+ds-1
      python3-zmq-18.1.1-3

   - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA (all):

      salt-common-3000+ds-1+2.5.1
      salt-minion-3000+ds-1+2.5.1
      spacecmd-4.1.4-2.3.1


References:

   https://www.suse.com/security/cve/CVE-2016-1866.html
   https://www.suse.com/security/cve/CVE-2016-9639.html
   https://www.suse.com/security/cve/CVE-2017-12791.html
   https://www.suse.com/security/cve/CVE-2017-14695.html
   https://www.suse.com/security/cve/CVE-2017-14696.html
   https://www.suse.com/security/cve/CVE-2018-15750.html
   https://www.suse.com/security/cve/CVE-2018-15751.html
   https://www.suse.com/security/cve/CVE-2019-17361.html
   https://www.suse.com/security/cve/CVE-2019-18897.html
   https://www.suse.com/security/cve/CVE-2020-11651.html
   https://www.suse.com/security/cve/CVE-2020-11652.html
   https://bugzilla.suse.com/1002529
   https://bugzilla.suse.com/1003449
   https://bugzilla.suse.com/1004047
   https://bugzilla.suse.com/1004260
   https://bugzilla.suse.com/1004723
   https://bugzilla.suse.com/1008933
   https://bugzilla.suse.com/1011304
   https://bugzilla.suse.com/1011800
   https://bugzilla.suse.com/1012398
   https://bugzilla.suse.com/1012999
   https://bugzilla.suse.com/1013876
   https://bugzilla.suse.com/1013938
   https://bugzilla.suse.com/1015882
   https://bugzilla.suse.com/1017078
   https://bugzilla.suse.com/1019386
   https://bugzilla.suse.com/1020831
   https://bugzilla.suse.com/1022562
   https://bugzilla.suse.com/1022841
   https://bugzilla.suse.com/1023535
   https://bugzilla.suse.com/1024406
   https://bugzilla.suse.com/1025896
   https://bugzilla.suse.com/1027044
   https://bugzilla.suse.com/1027240
   https://bugzilla.suse.com/1027426
   https://bugzilla.suse.com/1027722
   https://bugzilla.suse.com/1030009
   https://bugzilla.suse.com/1030073
   https://bugzilla.suse.com/1032213
   https://bugzilla.suse.com/1032452
   https://bugzilla.suse.com/1032931
   https://bugzilla.suse.com/1035914
   https://bugzilla.suse.com/1036125
   https://bugzilla.suse.com/1038855
   https://bugzilla.suse.com/1039370
   https://bugzilla.suse.com/1040886
   https://bugzilla.suse.com/1041993
   https://bugzilla.suse.com/1042749
   https://bugzilla.suse.com/1043111
   https://bugzilla.suse.com/1044719
   https://bugzilla.suse.com/1050003
   https://bugzilla.suse.com/1051948
   https://bugzilla.suse.com/1052264
   https://bugzilla.suse.com/1053376
   https://bugzilla.suse.com/1053955
   https://bugzilla.suse.com/1057635
   https://bugzilla.suse.com/1059291
   https://bugzilla.suse.com/1059758
   https://bugzilla.suse.com/1060230
   https://bugzilla.suse.com/1061407
   https://bugzilla.suse.com/1062462
   https://bugzilla.suse.com/1062464
   https://bugzilla.suse.com/1063419
   https://bugzilla.suse.com/1064520
   https://bugzilla.suse.com/1065792
   https://bugzilla.suse.com/1068446
   https://bugzilla.suse.com/1068566
   https://bugzilla.suse.com/1070372
   https://bugzilla.suse.com/1071322
   https://bugzilla.suse.com/1072599
   https://bugzilla.suse.com/1075950
   https://bugzilla.suse.com/1076578
   https://bugzilla.suse.com/1079048
   https://bugzilla.suse.com/1080290
   https://bugzilla.suse.com/1081151
   https://bugzilla.suse.com/1081592
   https://bugzilla.suse.com/1083294
   https://bugzilla.suse.com/1085667
   https://bugzilla.suse.com/1087055
   https://bugzilla.suse.com/1087278
   https://bugzilla.suse.com/1087581
   https://bugzilla.suse.com/1087891
   https://bugzilla.suse.com/1088070
   https://bugzilla.suse.com/1088888
   https://bugzilla.suse.com/1089112
   https://bugzilla.suse.com/1089362
   https://bugzilla.suse.com/1089526
   https://bugzilla.suse.com/1091371
   https://bugzilla.suse.com/1092161
   https://bugzilla.suse.com/1092373
   https://bugzilla.suse.com/1094055
   https://bugzilla.suse.com/1094190
   https://bugzilla.suse.com/1095507
   https://bugzilla.suse.com/1095651
   https://bugzilla.suse.com/1095942
   https://bugzilla.suse.com/1096514
   https://bugzilla.suse.com/1097174
   https://bugzilla.suse.com/1097413
   https://bugzilla.suse.com/1098394
   https://bugzilla.suse.com/1099323
   https://bugzilla.suse.com/1099460
   https://bugzilla.suse.com/1099887
   https://bugzilla.suse.com/1099945
   https://bugzilla.suse.com/1100142
   https://bugzilla.suse.com/1100225
   https://bugzilla.suse.com/1100697
   https://bugzilla.suse.com/1101780
   https://bugzilla.suse.com/1101812
   https://bugzilla.suse.com/1101880
   https://bugzilla.suse.com/1102013
   https://bugzilla.suse.com/1102218
   https://bugzilla.suse.com/1102265
   https://bugzilla.suse.com/1102819
   https://bugzilla.suse.com/1103090
   https://bugzilla.suse.com/1103530
   https://bugzilla.suse.com/1103696
   https://bugzilla.suse.com/1104034
   https://bugzilla.suse.com/1104154
   https://bugzilla.suse.com/1104491
   https://bugzilla.suse.com/1106164
   https://bugzilla.suse.com/1107333
   https://bugzilla.suse.com/1108557
   https://bugzilla.suse.com/1108834
   https://bugzilla.suse.com/1108969
   https://bugzilla.suse.com/1108995
   https://bugzilla.suse.com/1109023
   https://bugzilla.suse.com/1109893
   https://bugzilla.suse.com/1110938
   https://bugzilla.suse.com/1111542
   https://bugzilla.suse.com/1112874
   https://bugzilla.suse.com/1113698
   https://bugzilla.suse.com/1113699
   https://bugzilla.suse.com/1113784
   https://bugzilla.suse.com/1114029
   https://bugzilla.suse.com/1114197
   https://bugzilla.suse.com/1114474
   https://bugzilla.suse.com/1114824
   https://bugzilla.suse.com/1116343
   https://bugzilla.suse.com/1116837
   https://bugzilla.suse.com/1117995
   https://bugzilla.suse.com/1121091
   https://bugzilla.suse.com/1121439
   https://bugzilla.suse.com/1122663
   https://bugzilla.suse.com/1122680
   https://bugzilla.suse.com/1123044
   https://bugzilla.suse.com/1123512
   https://bugzilla.suse.com/1123865
   https://bugzilla.suse.com/1124277
   https://bugzilla.suse.com/1125015
   https://bugzilla.suse.com/1125610
   https://bugzilla.suse.com/1125744
   https://bugzilla.suse.com/1127389
   https://bugzilla.suse.com/1128061
   https://bugzilla.suse.com/1128554
   https://bugzilla.suse.com/1129079
   https://bugzilla.suse.com/1129243
   https://bugzilla.suse.com/1130077
   https://bugzilla.suse.com/1130588
   https://bugzilla.suse.com/1130784
   https://bugzilla.suse.com/1131114
   https://bugzilla.suse.com/1132076
   https://bugzilla.suse.com/1133523
   https://bugzilla.suse.com/1133647
   https://bugzilla.suse.com/1134860
   https://bugzilla.suse.com/1135360
   https://bugzilla.suse.com/1135507
   https://bugzilla.suse.com/1135567
   https://bugzilla.suse.com/1135732
   https://bugzilla.suse.com/1135881
   https://bugzilla.suse.com/1137642
   https://bugzilla.suse.com/1138454
   https://bugzilla.suse.com/1139761
   https://bugzilla.suse.com/1140193
   https://bugzilla.suse.com/1140912
   https://bugzilla.suse.com/1143301
   https://bugzilla.suse.com/1146192
   https://bugzilla.suse.com/1146382
   https://bugzilla.suse.com/1148311
   https://bugzilla.suse.com/1148714
   https://bugzilla.suse.com/1150447
   https://bugzilla.suse.com/1151650
   https://bugzilla.suse.com/1151947
   https://bugzilla.suse.com/1152366
   https://bugzilla.suse.com/1153090
   https://bugzilla.suse.com/1153277
   https://bugzilla.suse.com/1153611
   https://bugzilla.suse.com/1154620
   https://bugzilla.suse.com/1154940
   https://bugzilla.suse.com/1155372
   https://bugzilla.suse.com/1157465
   https://bugzilla.suse.com/1157479
   https://bugzilla.suse.com/1158441
   https://bugzilla.suse.com/1159284
   https://bugzilla.suse.com/1162327
   https://bugzilla.suse.com/1162504
   https://bugzilla.suse.com/1163871
   https://bugzilla.suse.com/1163981
   https://bugzilla.suse.com/1165425
   https://bugzilla.suse.com/1165572
   https://bugzilla.suse.com/1167437
   https://bugzilla.suse.com/1167556
   https://bugzilla.suse.com/1168340
   https://bugzilla.suse.com/1169604
   https://bugzilla.suse.com/1169800
   https://bugzilla.suse.com/1170104
   https://bugzilla.suse.com/1170288
   https://bugzilla.suse.com/1170595
   https://bugzilla.suse.com/1171687
   https://bugzilla.suse.com/1171906
   https://bugzilla.suse.com/1172075
   https://bugzilla.suse.com/1173072
   https://bugzilla.suse.com/769106
   https://bugzilla.suse.com/769108
   https://bugzilla.suse.com/776615
   https://bugzilla.suse.com/849184
   https://bugzilla.suse.com/849204
   https://bugzilla.suse.com/849205
   https://bugzilla.suse.com/879904
   https://bugzilla.suse.com/887879
   https://bugzilla.suse.com/889605
   https://bugzilla.suse.com/892707
   https://bugzilla.suse.com/902494
   https://bugzilla.suse.com/908849
   https://bugzilla.suse.com/926318
   https://bugzilla.suse.com/932288
   https://bugzilla.suse.com/945380
   https://bugzilla.suse.com/948245
   https://bugzilla.suse.com/955373
   https://bugzilla.suse.com/958350
   https://bugzilla.suse.com/959572
   https://bugzilla.suse.com/963322
   https://bugzilla.suse.com/965403
   https://bugzilla.suse.com/967803
   https://bugzilla.suse.com/969320
   https://bugzilla.suse.com/970669
   https://bugzilla.suse.com/971372
   https://bugzilla.suse.com/972311
   https://bugzilla.suse.com/972490
   https://bugzilla.suse.com/975093
   https://bugzilla.suse.com/975303
   https://bugzilla.suse.com/975306
   https://bugzilla.suse.com/975733
   https://bugzilla.suse.com/975757
   https://bugzilla.suse.com/976148
   https://bugzilla.suse.com/977264
   https://bugzilla.suse.com/978150
   https://bugzilla.suse.com/978833
   https://bugzilla.suse.com/979448
   https://bugzilla.suse.com/979676
   https://bugzilla.suse.com/980313
   https://bugzilla.suse.com/983017
   https://bugzilla.suse.com/983512
   https://bugzilla.suse.com/985112
   https://bugzilla.suse.com/985661
   https://bugzilla.suse.com/986019
   https://bugzilla.suse.com/987798
   https://bugzilla.suse.com/988506
   https://bugzilla.suse.com/989193
   https://bugzilla.suse.com/989798
   https://bugzilla.suse.com/990029
   https://bugzilla.suse.com/990439
   https://bugzilla.suse.com/990440
   https://bugzilla.suse.com/991048
   https://bugzilla.suse.com/993039
   https://bugzilla.suse.com/993549
   https://bugzilla.suse.com/996455
   https://bugzilla.suse.com/999852



More information about the sle-security-updates mailing list