- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LSU
openSUSE Security Update: Security update for salt
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:1833-1
Rating: critical
References: #1159670 #1175987 #1176024 #1176294 #1176397
#1177867 #1178319 #1178361 #1178362
Cross-References: CVE-2020-16846 CVE-2020-17490 CVE-2020-25592
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that solves three vulnerabilities and has 6 fixes
is now available.
Description:
This update for salt fixes the following issues:
– Properly validate eauth credentials and tokens on SSH calls made by Salt
API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592,
CVE-2020-17490, CVE-2020-16846)
– Fix disk.blkid to avoid unexpected keyword argument ‘__pub_user’.
(bsc#1177867)
– Ensure virt.update stop_on_reboot is updated with its default value.
– Do not break package building for systemd OSes.
– Drop wrong mock from chroot unit test.
– Support systemd versions with dot. (bsc#1176294)
– Fix for grains.test_core unit test.
– Fix file/directory user and group ownership containing UTF-8 characters.
(bsc#1176024)
– Several changes to virtualization:
* Fix virt update when cpu and memory are changed.
* Memory Tuning GSoC.
* Properly fix memory setting regression in virt.update.
* Expose libvirt on_reboot in virt states.
– Support transactional systems (MicroOS).
– zypperpkg module ignores retcode 104 for search(). (bsc#1159670)
– Xen disk fixes. No longer generates volumes for Xen disks, but the
corresponding file or block disk. (bsc#1175987)
– Invalidate file list cache when cache file modified time is in the
future. (bsc#1176397)
– Prevent import errors when running test_btrfs unit tests.
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
– openSUSE Leap 15.2:
zypper in -t patch openSUSE-2020-1833=1
Package List:
– openSUSE Leap 15.2 (x86_64):
python2-salt-3000-lp152.3.15.1
python3-salt-3000-lp152.3.15.1
salt-3000-lp152.3.15.1
salt-api-3000-lp152.3.15.1
salt-cloud-3000-lp152.3.15.1
salt-doc-3000-lp152.3.15.1
salt-master-3000-lp152.3.15.1
salt-minion-3000-lp152.3.15.1
salt-proxy-3000-lp152.3.15.1
salt-ssh-3000-lp152.3.15.1
salt-standalone-formulas-configuration-3000-lp152.3.15.1
salt-syndic-3000-lp152.3.15.1
– openSUSE Leap 15.2 (noarch):
salt-bash-completion-3000-lp152.3.15.1
salt-fish-completion-3000-lp152.3.15.1
salt-zsh-completion-3000-lp152.3.15.1
References:
https://protect2.fireeye.com/v1/url?k=f42a8611-abb69c0f-f42d1bdd-000babd90757-3ead9d45f80a6eea&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-16846.html
https://protect2.fireeye.com/v1/url?k=b176c9df-eeead3c1-b1715413-000babd90757-1be788ecbffe7592&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-17490.html
https://protect2.fireeye.com/v1/url?k=9e01307c-c19d2a62-9e06adb0-000babd90757-3f93beb8b4f9b871&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fwww.suse.com%2Fsecurity%2Fcve%2FCVE-2020-25592.html
https://protect2.fireeye.com/v1/url?k=95bff2c1-ca23e8df-95b86f0d-000babd90757-7712ff9861ee137f&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1159670
https://protect2.fireeye.com/v1/url?k=fbe07f62-a47c657c-fbe7e2ae-000babd90757-737085add16ff49e&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1175987
https://protect2.fireeye.com/v1/url?k=903911b3-cfa50bad-903e8c7f-000babd90757-ed3ddf1ad01b19c7&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1176024
https://protect2.fireeye.com/v1/url?k=b8b6286c-e72a3272-b8b1b5a0-000babd90757-db6fbb34014c0a4f&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1176294
https://protect2.fireeye.com/v1/url?k=e85fcd30-b7c3d72e-e85850fc-000babd90757-1c82285c259c3e32&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1176397
https://protect2.fireeye.com/v1/url?k=f6715417-a9ed4e09-f676c9db-000babd90757-720c6e1787607702&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1177867
https://protect2.fireeye.com/v1/url?k=6bea981c-34768202-6bed05d0-000babd90757-bc38a3c109abe562&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1178319
https://protect2.fireeye.com/v1/url?k=786aa5bc-27f6bfa2-786d3870-000babd90757-88647175e113fe15&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1178361
https://protect2.fireeye.com/v1/url?k=10c766db-4f5b7cc5-10c0fb17-000babd90757-65cac9d9112223a9&q=1&e=0fb6f9a6-7000-4467-94f2-fb227e01dbf3&u=https%3A%2F%2Fbugzilla.suse.com%2F1178362
—
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
| Autor | Bruno Varga |
| Cert id | NCERT-REF-2020-11-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
