This update for salt fixes the following issues:
* Security issues fixed:
* CVE-2025-67724: Fixed missing validation of supplied reason phrase
(bsc#1254903)
* CVE-2025-67725: Fixed DoS via malicious HTTP request (bsc#1254905)
* CVE-2025-67726: Fixed HTTP header parameter parsing algorithm (bsc#1254904)
* CVE-2025-13836: Set a safe limit to http.client response read (bsc#1254400)
* Made syntax in httputil_test compatible with Python 3.6
* Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325)
* Use internal deb classes instead of external aptsource lib
* Improved wheel key.finger call (bsc#1240532)
* Improved utils.find_json function (bsc#1246130)
* Extended warn_until period to 2027
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1029=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1029=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1029=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1029=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1029=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1029=1
* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-1029=1
* openSUSE Leap 15.6
zypper in -t patch...
Read the Full Advisory* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* salt-cloud-3006.0-150500.4.68.2
* salt-standalone-formulas-configuration-3006.0-150500.4.68.2
* salt-ssh-3006.0-150500.4.68.2
* salt-syndic-3006.0-150500.4.68.2
* salt-minion-3006.0-150500.4.68.2
* salt-api-3006.0-150500.4.68.2
* salt-master-3006.0-150500.4.68.2
* salt-3006.0-150500.4.68.2
* salt-proxy-3006.0-150500.4.68.2
* salt-doc-3006.0-150500.4.68.2
* python3-salt-3006.0-150500.4.68.2
* python311-salt-3006.0-150500.4.68.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* salt-zsh-completion-3006.0-150500.4.68.2
* salt-bash-completion-3006.0-150500.4.68.2
* salt-fish-completion-3006.0-150500.4.68.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* salt-cloud-3006.0-150500.4.68.2
* salt-standalone-formulas-configuration-3006.0-150500.4.68.2
* salt-ssh-3006.0-150500.4.68.2
* salt-syndic-3006.0-150500.4.68.2
* salt-minion-3006.0-150500.4.68.2
*...
Read the Full Advisory* bsc#1240532
* bsc#1246130
* bsc#1254325
* bsc#1254400
* bsc#1254903
* bsc#1254904
* bsc#1254905
## References:
* https://www.suse.com/security/cve/CVE-2025-13836.html
* https://www.suse.com/security/cve/CVE-2025-67724.html
* https://www.suse.com/security/cve/CVE-2025-67725.html
* https://www.suse.com/security/cve/CVE-2025-67726.html
* https://bugzilla.suse.com/show_bug.cgi?id=1240532
* https://bugzilla.suse.com/show_bug.cgi?id=1246130
* https://bugzilla.suse.com/show_bug.cgi?id=1254325
* https://bugzilla.suse.com/show_bug.cgi?id=1254400
* https://bugzilla.suse.com/show_bug.cgi?id=1254903
* https://bugzilla.suse.com/show_bug.cgi?id=1254904
* https://bugzilla.suse.com/show_bug.cgi?id=1254905
Get the latest Linux and open source security news straight to your inbox.