SUSE-SU-2021:0914-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20210914-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0914-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:0914-1
Related
Published
2021-03-19T16:15:51Z
Modified
2021-03-19T16:15:51Z
Summary
Security Beta update for Salt
Details

This update fixes the following issues:

salt:

  • virt.network_update: handle missing ipv4 netmask attribute
  • Do not monkey patch yaml loaders: Prevent breaking Ansible filter modules (bsc#1177474)
  • Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110)
  • Allow extra_filerefs as sanitized kwargs for SSH client
  • Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
  • Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
  • Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976)
  • Add sleep on exception handling on minion connection attempt to the master (bsc#1174855)
  • Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347)
  • Always require python-certifi (used by salt.ext.tornado)
  • Bring missing part of async batch implementation back (bsc#1182382) (CVE-2021-25315)
  • Master can read grains (bsc#1179696)
References

Affected packages