SUSE-RU-2017:0171-1: moderate: Recommended update for salt

sle-updates at lists.suse.com sle-updates at lists.suse.com
Tue Jan 17 05:10:06 MST 2017


   SUSE Recommended Update: Recommended update for salt
______________________________________________________________________________

Announcement ID:    SUSE-RU-2017:0171-1
Rating:             moderate
References:         #1003449 #1004047 #1004260 #1004723 #1008933 
                    #1012398 #986019 #999852 
Affected Products:
                    SUSE Enterprise Storage 4
______________________________________________________________________________

   An update that solves one vulnerability and has 7 fixes is
   now available.

Description:


   This update for Salt fixes one security issue and several non-security
   issues.

   The following security issue has been fixed:

   - Fix possible information leak due to revoked keys still being used.
     (bsc#1012398, CVE-2016-9639)

   The following non-security issues have been fixed:

   - Update to 2015.8.12
   - Add pre-require to salt for minions.
   - Do not restart salt-minion in salt package.
   - Add try-restart to sys-v init scripts.
   - Add "Restart=on-failure" for salt-minion systemd service.
   - Re-introduce "KillMode=process" for salt-minion systemd service.
   - Successfully exit of salt-api child processes when SIGTERM is received.
   - Fix exit codes of sysv init script. (bsc#999852)
   - Include resolution parameters in the Zypper debug-solver call during a
     dry-run dist-upgrade.
   - Fix Salt API crash via salt-ssh on empty roster. (bsc#1004723)
   - Add 'dist-upgrade' support to zypper module. (fate#320559)
   - Fix position of -X option to setfacl. (bsc#1004260)
   - Fix generated shebang in scripts on SLES-ES 7. (bsc#1004047)
   - Fix changing default-timezone. (bsc#1008933)


Patch Instructions:

   To install this SUSE Recommended Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Enterprise Storage 4:

      zypper in -t patch SUSE-Storage-4-2017-77=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Enterprise Storage 4 (aarch64 x86_64):

      salt-2015.8.12-27.5
      salt-master-2015.8.12-27.5
      salt-minion-2015.8.12-27.5


References:

   https://www.suse.com/security/cve/CVE-2016-9639.html
   https://bugzilla.suse.com/1003449
   https://bugzilla.suse.com/1004047
   https://bugzilla.suse.com/1004260
   https://bugzilla.suse.com/1004723
   https://bugzilla.suse.com/1008933
   https://bugzilla.suse.com/1012398
   https://bugzilla.suse.com/986019
   https://bugzilla.suse.com/999852



More information about the sle-updates mailing list