SUSE-RU-2017:0171-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2017/suse-ru-20170171-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2017:0171-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-RU-2017:0171-1
Related
Published
2017-01-17T09:06:09Z
Modified
2017-01-17T09:06:09Z
Summary
Recommended update for salt
Details

This update for Salt fixes one security issue and several non-security issues.

The following security issue has been fixed:

  • Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)

The following non-security issues have been fixed:

  • Update to 2015.8.12
  • Add pre-require to salt for minions.
  • Do not restart salt-minion in salt package.
  • Add try-restart to sys-v init scripts.
  • Add 'Restart=on-failure' for salt-minion systemd service.
  • Re-introduce 'KillMode=process' for salt-minion systemd service.
  • Successfully exit of salt-api child processes when SIGTERM is received.
  • Fix exit codes of sysv init script. (bsc#999852)
  • Include resolution parameters in the Zypper debug-solver call during a dry-run dist-upgrade.
  • Fix Salt API crash via salt-ssh on empty roster. (bsc#1004723)
  • Add 'dist-upgrade' support to zypper module. (fate#320559)
  • Fix position of -X option to setfacl. (bsc#1004260)
  • Fix generated shebang in scripts on SLES-ES 7. (bsc#1004047)
  • Fix changing default-timezone. (bsc#1008933)
References

Affected packages

SUSE:Enterprise Storage 4 / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%204

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2015.8.12-27.5

Ecosystem specific 

{
    "binaries": [
        {
            "salt-master": "2015.8.12-27.5",
            "salt-minion": "2015.8.12-27.5",
            "salt": "2015.8.12-27.5"
        }
    ]
}