SUSE-RU-2017:0169-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2017:0169-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-RU-2017:0169-1

Related

CVE-2016-9639

Published

2017-01-17T09:06:28Z

Modified

2017-01-17T09:06:28Z

Summary

Recommended update for Salt

Details

This update for Salt fixes one security issue and several non-security issues.

The following security issue has been fixed:

Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)

The following non-security issues have been fixed:

Update to 2015.8.12
Add pre-require to salt for minions.
Do not restart salt-minion in salt package.
Add try-restart to sys-v init scripts.
Add 'Restart=on-failure' for salt-minion systemd service.
Various fixes for signal handling.
Successfully exit of salt-api child processes when SIGTERM is received.
Re-introduce 'KillMode=process' for salt-minion systemd service.
Fix changing default-timezone. (bsc#1008933)

References

Affected packages

SUSE:Manager Tools 12 / salt

Package

Name: salt
Purl: purl:rpm/suse/salt&distro=SUSE%20Manager%20Tools%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2015.8.12-27.5

Ecosystem specific

{
    "binaries": [
        {
            "salt-doc": "2015.8.12-27.5",
            "salt-minion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5"
        }
    ]
}

SUSE:Linux Enterprise Point of Sale 12 SP2 / salt

Package

Name: salt
Purl: purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2015.8.12-27.5

Ecosystem specific

{
    "binaries": [
        {
            "salt-minion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5"
        }
    ]
}

SUSE:Manager Proxy 3.0 / salt

Package

Name: salt
Purl: purl:rpm/suse/salt&distro=SUSE%20Manager%20Proxy%203.0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2015.8.12-27.5

Ecosystem specific

{
    "binaries": [
        {
            "salt-zsh-completion": "2015.8.12-27.5",
            "salt-bash-completion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5",
            "salt-ssh": "2015.8.12-27.5",
            "salt-master": "2015.8.12-27.5",
            "salt-doc": "2015.8.12-27.5",
            "salt-api": "2015.8.12-27.5",
            "salt-minion": "2015.8.12-27.5",
            "salt-syndic": "2015.8.12-27.5",
            "salt-proxy": "2015.8.12-27.5"
        }
    ]
}

SUSE:Manager Server 3.0 / salt

Package

Name: salt
Purl: purl:rpm/suse/salt&distro=SUSE%20Manager%20Server%203.0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2015.8.12-27.5

Ecosystem specific

{
    "binaries": [
        {
            "salt-zsh-completion": "2015.8.12-27.5",
            "salt-bash-completion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5",
            "salt-ssh": "2015.8.12-27.5",
            "salt-master": "2015.8.12-27.5",
            "salt-doc": "2015.8.12-27.5",
            "salt-api": "2015.8.12-27.5",
            "salt-minion": "2015.8.12-27.5",
            "salt-syndic": "2015.8.12-27.5",
            "salt-proxy": "2015.8.12-27.5"
        }
    ]
}

SUSE:Enterprise Storage 3 / salt

Package

Name: salt
Purl: purl:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%203

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2015.8.12-27.5

Ecosystem specific

{
    "binaries": [
        {
            "salt-master": "2015.8.12-27.5",
            "salt-minion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5"
        }
    ]
}