SUSE-SU-2021:0915-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20210915-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0915-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:0915-1
Related
Published
2021-03-19T16:16:02Z
Modified
2021-03-19T16:16:02Z
Summary
Security Beta update for Salt
Details

This update fixes the following issues:

salt:

  • Only require python-certifi for CentOS7
  • Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110)
  • Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976)
  • Fix recursion false detection in payload (bsc#1180101)
  • Add sleep on exception handling on minion connection attempt to the master (bsc#1174855)
  • Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347)
  • Always require python-certifi (used by salt.ext.tornado)
  • Exclude SLE 12 from requiring python-certifi
  • Do not crash when unexpected cmd output at listing patches (bsc#1181290)
  • Fix behavior for 'onlyif/unless' when multiple conditions (bsc#1180818)
  • Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
  • Allow extra_filerefs as sanitized kwargs for SSH client
  • Fix errors with virt.update
  • Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
  • Virt: search for grub.xen path
  • Xen spicevmc, DNS SRV records backports: Fix virtual network generated DNS XML for SRV records Don't add spicevmc channel to xen VMs
  • Virt UEFI fix: virt.update when efi=True
  • Master can read grains (bsc#1179696)
References

Affected packages