SUSE-RU-2017:0169-1: moderate: Recommended update for Salt
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Tue Jan 17 05:08:50 MST 2017
SUSE Recommended Update: Recommended update for Salt
______________________________________________________________________________
Announcement ID: SUSE-RU-2017:0169-1
Rating: moderate
References: #1008933 #1012398 #1016475
Affected Products:
SUSE Manager Tools 12
SUSE Manager Server 3.0
SUSE Manager Proxy 3.0
SUSE Linux Enterprise Point of Sale 12-SP2
SUSE Enterprise Storage 3
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for Salt fixes one security issue and several non-security
issues.
The following security issue has been fixed:
- Fix possible information leak due to revoked keys still being used.
(bsc#1012398, CVE-2016-9639)
The following non-security issues have been fixed:
- Update to 2015.8.12
- Add pre-require to salt for minions.
- Do not restart salt-minion in salt package.
- Add try-restart to sys-v init scripts.
- Add "Restart=on-failure" for salt-minion systemd service.
- Various fixes for signal handling.
- Successfully exit of salt-api child processes when SIGTERM is received.
- Re-introduce "KillMode=process" for salt-minion systemd service.
- Fix changing default-timezone. (bsc#1008933)
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager Tools 12:
zypper in -t patch SUSE-SLE-Manager-Tools-12-2017-77=1
- SUSE Manager Server 3.0:
zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-77=1
- SUSE Manager Proxy 3.0:
zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2017-77=1
- SUSE Linux Enterprise Point of Sale 12-SP2:
zypper in -t patch SUSE-SLE-POS-12-SP2-2017-77=1
- SUSE Enterprise Storage 3:
zypper in -t patch SUSE-Storage-3-2017-77=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64):
salt-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-minion-2015.8.12-27.5
- SUSE Manager Server 3.0 (noarch):
salt-bash-completion-2015.8.12-27.5
salt-zsh-completion-2015.8.12-27.5
- SUSE Manager Server 3.0 (x86_64):
salt-2015.8.12-27.5
salt-api-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
salt-proxy-2015.8.12-27.5
salt-ssh-2015.8.12-27.5
salt-syndic-2015.8.12-27.5
- SUSE Manager Proxy 3.0 (noarch):
salt-bash-completion-2015.8.12-27.5
salt-zsh-completion-2015.8.12-27.5
- SUSE Manager Proxy 3.0 (x86_64):
salt-2015.8.12-27.5
salt-api-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
salt-proxy-2015.8.12-27.5
salt-ssh-2015.8.12-27.5
salt-syndic-2015.8.12-27.5
- SUSE Linux Enterprise Point of Sale 12-SP2 (x86_64):
salt-2015.8.12-27.5
salt-minion-2015.8.12-27.5
- SUSE Enterprise Storage 3 (aarch64 x86_64):
salt-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
References:
https://www.suse.com/security/cve/CVE-2016-9639.html
https://bugzilla.suse.com/1008933
https://bugzilla.suse.com/1012398
https://bugzilla.suse.com/1016475
More information about the sle-updates
mailing list