SUSE: 2019:0881-1 moderate: Salt
Summary
This update fixes the following issues: salt: - Removing patch to add root paramet to zypper module - Patch modification due to offset caused by previous patch removal - Fix for -t parameter in mount module - Async batch implementation - Update to 2019.2 release - Add virt.volume_infos and virt.volume_delete functions - Bugfix: properly refresh pillars (bsc#1125015) - Removes version from python3 requirement completely - Alignment with Salt 2019.2.0 RC2 from upstream. - Update to 2019.2.0~rc2 - Add virt.all_capabilities to return all host and domain capabilities at once - Don't call zypper with more than one --no-refresh (PR#51382) - Switch to better version nomenclature. Using ~ for the rc1 suffix. - Add "id_" and "force" to the whitelist of API check - Add metadata to accepted keyword arguments (bsc#1122680) - Fix "pkg.list_pkgs" output when using "attr" to take the arch into account (bsc#1114029) - Update Salt to 2019.2.0rc1 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Tools 12-BETA: zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2019-881=1 Package List: - SUSE Manager Tools 12-BETA (aarch64 ppc64le s390x x86_64): libzmq3-4.0.4-18.2.1 libzmq3-debuginfo-4.0.4-18.2.1 python-MarkupSafe-0.18-6.3.1 python-MarkupSafe-debuginfo-0.18-6.3.1 python-MarkupSafe-debugsource-0.18-6.3.1 python-PyYAML-3.12-29.2.1 python-PyYAML-debuginfo-3.12-29.2.1 python-PyYAML-debugsource-3.12-29.2.1 python-msgpack-python-0.4.6-11.2.1 python-msgpack-python-debuginfo-0.4.6-11.2.1 python-msgpack-python-debugsource-0.4.6-11.2.1 python-psutil-5.2.2-18.2.1 python-psutil-debuginfo-5.2.2-18.2.1 python-psutil-debugsource-5.2.2-18.2.1 python-pycrypto-2.6.1-13.2.1 python-pyzmq-14.0.0-12.2.1 python-pyzmq-debuginfo-14.0.0-12.2.1 python-pyzmq-debugsource-14.0.0-12.2.1 python-tornado-4.2.1-20.2.1 python-tornado-debuginfo-4.2.1-20.2.1 python-tornado-debugsource-4.2.1-20.2.1 python2-salt-2019.2.0-49.3.8 python3-MarkupSafe-0.18-6.3.1 python3-PyYAML-3.12-29.2.1 python3-msgpack-python-0.4.6-11.2.1 python3-psutil-5.2.2-18.2.1 python3-pycrypto-2.6.1-13.2.1 python3-pyzmq-14.0.0-12.2.1 python3-salt-2019.2.0-49.3.8 python3-tornado-4.2.1-20.2.1 salt-2019.2.0-49.3.8 salt-doc-2019.2.0-49.3.8 salt-minion-2019.2.0-49.3.8 zeromq-debugsource-4.0.4-18.2.1 - SUSE Manager Tools 12-BETA (ppc64le s390x x86_64): python-pycrypto-debuginfo-2.6.1-13.2.1 - SUSE Manager Tools 12-BETA (noarch): python-Jinja2-2.8-22.2.1 python-futures-3.0.2-18.2.1 python-requests-2.11.1-9.2.1 python3-Jinja2-2.8-22.2.1 python3-requests-2.11.1-9.2.1
References
#1114029 #1122680 #1125015
Cross- CVE-2018-15750 CVE-2018-15751
Affected Products:
SUSE Manager Tools 12-BETA
https://www.suse.com/security/cve/CVE-2018-15750.html
https://www.suse.com/security/cve/CVE-2018-15751.html
https://bugzilla.suse.com/1114029
https://bugzilla.suse.com/1122680
https://bugzilla.suse.com/1125015