SUSE Security Update: Security update for salt
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:1757-1
Rating:             moderate
References:         #1059291 #1061407 #1062464 #1064520 #1075950 
                    #1079048 #1081592 #1087055 #1087278 #1087581 
                    #1087891 #1088888 #1089112 #1089362 #1089526 
                    #1090242 #1091371 #1092161 #1092373 #1094055 
                    #1097174 #1097413 
Cross-References:   CVE-2017-14695 CVE-2017-14696
Affected Products:
                    SUSE Manager Tools 12
                    SUSE Manager Server 3.1
                    SUSE Manager Server 3.0
                    SUSE Manager Proxy 3.1
                    SUSE Manager Proxy 3.0
                    SUSE Linux Enterprise Point of Sale 12-SP2
                    SUSE Linux Enterprise Module for Advanced Systems Management 12
______________________________________________________________________________

   An update that solves two vulnerabilities and has 20 fixes
   is now available.

Description:

   This update for salt provides version 2018.3 and brings many fixes and
   improvements:

   - Fix for sorting of multi-version packages (bsc#1097174 and bsc#1097413)
   - Align SUSE salt-master.service 'LimitNOFILES' limit with upstream Salt
   - Add 'other' attribute to GECOS fields to avoid inconsistencies with chfn
   - Prevent zypper from parsing repo configuration from files that are not
     .repo files (bsc#1094055)
   - Collect all versions of installed packages on SUSE and RHEL systems
     (bsc#1089526)
   - No more AWS EC2 rate limitations in salt-cloud. (bsc#1088888)
   - MySQL returner now also allows using Unix sockets. (bsc#1091371)
   - Do not override jid on returners, only sending back to master.
     (bsc#1092373)
   - Remove minion/thin/version if exists to force thin regeneration.
     (bsc#1092161)
   - Fix minion scheduler to return a 'retcode' attribute. (bsc#1089112)
   - Fix for logging during network interface querying. (bsc#1087581)
   - Fix rhel packages requires both net-tools and iproute. (bsc#1087055)
   - Fix patchinstall on yum module. Bad comparison. (bsc#1087278)
   - Strip trailing commas on Linux user's GECOS fields. (bsc#1089362)
   - Fallback to PyMySQL. (bsc#1087891)
   - Fix for [Errno 0] Resolver Error 0 (no error). (bsc#1087581)
   - Add python-2.6 support to salt-ssh.
   - Make it possible to use docker login, pull and push from module.run and
     detect errors.
   - Fix unicode decode error with salt-ssh.
   - Fix cp.push empty file. (bsc#1075950)
   - Fix grains containing trailing "\n".
   - Remove salt-minion python2 requirement when python3 is default.
     (bsc#1081592)
   - Restore installation of packages for RHEL 6 and 7.
   - Prevent queryformat pattern from expanding. (bsc#1079048)
   - Fix for delete_deployment in Kubernetes module. (bsc#1059291)
   - Fix bsc#1062464 and CVE-2017-14696 already included in 2017.7.2.
   - Fix wrong version reported by Salt. (bsc#1061407)
   - Run salt-api as user salt. (bsc#1064520)

   For a detailed description, please refer to the upstream-changelog at
   https://docs.saltstack.com/en/latest/topics/releases/index.html or to the
   rpm-changelog.

   supportutils-plugin-salt:

   - Collect salt-api, salt-broker and salt-ssh log files (bsc#1090242)


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Tools 12:

      zypper in -t patch SUSE-SLE-Manager-Tools-12-2018-1157=1

   - SUSE Manager Server 3.1:

      zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-1157=1

   - SUSE Manager Server 3.0:

      zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2018-1157=1

   - SUSE Manager Proxy 3.1:

      zypper in -t patch SUSE-SUSE-Manager-Proxy-3.1-2018-1157=1

   - SUSE Manager Proxy 3.0:

      zypper in -t patch SUSE-SUSE-Manager-Proxy-3.0-2018-1157=1

   - SUSE Linux Enterprise Point of Sale 12-SP2:

      zypper in -t patch SUSE-SLE-POS-12-SP2-2018-1157=1

   - SUSE Linux Enterprise Module for Advanced Systems Management 12:

      zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2018-1157=1



Package List:

   - SUSE Manager Tools 12 (aarch64 ppc64le s390x x86_64):

      python2-salt-2018.3.0-46.28.1
      python3-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-doc-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1

   - SUSE Manager Tools 12 (noarch):

      supportutils-plugin-salt-1.1.4-6.9.1

   - SUSE Manager Server 3.1 (ppc64le s390x x86_64):

      python2-salt-2018.3.0-46.28.1
      python3-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-api-2018.3.0-46.28.1
      salt-cloud-2018.3.0-46.28.1
      salt-doc-2018.3.0-46.28.1
      salt-master-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1
      salt-proxy-2018.3.0-46.28.1
      salt-ssh-2018.3.0-46.28.1
      salt-syndic-2018.3.0-46.28.1

   - SUSE Manager Server 3.1 (noarch):

      salt-bash-completion-2018.3.0-46.28.1
      salt-zsh-completion-2018.3.0-46.28.1
      supportutils-plugin-salt-1.1.4-6.9.1

   - SUSE Manager Server 3.0 (s390x x86_64):

      python2-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-api-2018.3.0-46.28.1
      salt-doc-2018.3.0-46.28.1
      salt-master-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1
      salt-proxy-2018.3.0-46.28.1
      salt-ssh-2018.3.0-46.28.1
      salt-syndic-2018.3.0-46.28.1

   - SUSE Manager Server 3.0 (noarch):

      salt-bash-completion-2018.3.0-46.28.1
      salt-zsh-completion-2018.3.0-46.28.1
      supportutils-plugin-salt-1.1.4-6.9.1

   - SUSE Manager Proxy 3.1 (ppc64le x86_64):

      python2-salt-2018.3.0-46.28.1
      python3-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1

   - SUSE Manager Proxy 3.1 (noarch):

      supportutils-plugin-salt-1.1.4-6.9.1

   - SUSE Manager Proxy 3.0 (noarch):

      salt-bash-completion-2018.3.0-46.28.1
      salt-zsh-completion-2018.3.0-46.28.1
      supportutils-plugin-salt-1.1.4-6.9.1

   - SUSE Manager Proxy 3.0 (x86_64):

      python2-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-api-2018.3.0-46.28.1
      salt-doc-2018.3.0-46.28.1
      salt-master-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1
      salt-proxy-2018.3.0-46.28.1
      salt-ssh-2018.3.0-46.28.1
      salt-syndic-2018.3.0-46.28.1

   - SUSE Linux Enterprise Point of Sale 12-SP2 (x86_64):

      python2-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1

   - SUSE Linux Enterprise Module for Advanced Systems Management 12 (ppc64le s390x x86_64):

      python2-salt-2018.3.0-46.28.1
      salt-2018.3.0-46.28.1
      salt-api-2018.3.0-46.28.1
      salt-cloud-2018.3.0-46.28.1
      salt-doc-2018.3.0-46.28.1
      salt-master-2018.3.0-46.28.1
      salt-minion-2018.3.0-46.28.1
      salt-proxy-2018.3.0-46.28.1
      salt-ssh-2018.3.0-46.28.1
      salt-syndic-2018.3.0-46.28.1

   - SUSE Linux Enterprise Module for Advanced Systems Management 12 (noarch):

      salt-bash-completion-2018.3.0-46.28.1
      salt-zsh-completion-2018.3.0-46.28.1
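
After patching, a host's package inventory can be checked against the fixed builds listed above. The script below is an added example, not part of the SUSE advisory; the function names and the sample inventory are constructed for illustration, and it assumes GNU `sort -V` orders these plain dotted-numeric version-release strings the same way rpm does.

```shell
#!/bin/sh
# Fixed builds, copied from the advisory's package list.
SALT_FIXED="2018.3.0-46.28.1"
PLUGIN_FIXED="1.1.4-6.9.1"

# version_lt A B: succeeds when A is strictly older than B.
# Assumption: no epochs, tildes or carets, so `sort -V` agrees with rpm.
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Reads "name version-release" lines on stdin and prints every package
# named in this advisory that is older than its fixed build.
outdated_salt_packages() {
    while read -r name verrel; do
        case "$name" in
            supportutils-plugin-salt) fixed=$PLUGIN_FIXED ;;
            salt|python2-salt|python3-salt|salt-api|salt-cloud|salt-doc) \
                fixed=$SALT_FIXED ;;
            salt-master|salt-minion|salt-proxy|salt-ssh|salt-syndic) \
                fixed=$SALT_FIXED ;;
            salt-bash-completion|salt-zsh-completion) fixed=$SALT_FIXED ;;
            *) continue ;;
        esac
        if version_lt "$verrel" "$fixed"; then
            printf '%s %s (fixed in %s)\n' "$name" "$verrel" "$fixed"
        fi
    done
}

# Constructed sample inventory: two stale packages, two current ones and
# one package the advisory does not cover.
sample_inventory() {
    cat <<'EOF'
salt 2016.11.4-46.10.1
salt-minion 2018.3.0-46.28.1
python2-salt 2018.3.0-46.25.1
supportutils-plugin-salt 1.1.4-6.9.1
zypper 1.13.40-18.10.1
EOF
}

# On a real host, feed the installed set instead of the sample:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | outdated_salt_packages
sample_inventory | outdated_salt_packages
```

An empty result means every installed package from this advisory is at or above the fixed build.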


References:

   https://www.suse.com/security/cve/CVE-2017-14695.html
   https://www.suse.com/security/cve/CVE-2017-14696.html
   https://bugzilla.suse.com/1059291
   https://bugzilla.suse.com/1061407
   https://bugzilla.suse.com/1062464
   https://bugzilla.suse.com/1064520
   https://bugzilla.suse.com/1075950
   https://bugzilla.suse.com/1079048
   https://bugzilla.suse.com/1081592
   https://bugzilla.suse.com/1087055
   https://bugzilla.suse.com/1087278
   https://bugzilla.suse.com/1087581
   https://bugzilla.suse.com/1087891
   https://bugzilla.suse.com/1088888
   https://bugzilla.suse.com/1089112
   https://bugzilla.suse.com/1089362
   https://bugzilla.suse.com/1089526
   https://bugzilla.suse.com/1090242
   https://bugzilla.suse.com/1091371
   https://bugzilla.suse.com/1092161
   https://bugzilla.suse.com/1092373
   https://bugzilla.suse.com/1094055
   https://bugzilla.suse.com/1097174
   https://bugzilla.suse.com/1097413

SUSE: 2018:1757-1 moderate: salt

June 19, 2018