Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SUSE: 2019:0882-1 Moderate Security Patch for Salt Released

suse
Calendar Grey April 4, 2019
Dist Suse Esm H88
SUSE has issued a Security Update addressing vulnerabilities found in the Salt framework, complete with severity ratings and detailed installation guidelines.
An update that solves two vulnerabilities and has one errata is now available

Summary

This update fixes the following issues: salt: - Removing patch to add root paramet to zypper module - Patch modification due to offset caused by previous patch removal - Fix for -t parameter in mount module - Async batch implementation - Update to 2019.2 release - Add virt.volume_infos and virt.volume_delete functions - Bugfix: properly refresh pillars (bsc#1125015) - Removes version from python3 requirement completely - Alignment with Salt 2019.2.0 RC2 from upstream. - Update to 2019.2.0~rc2 - Add virt.all_capabilities to return all host and domain capabilities at once - Don't call zypper with more than one --no-refresh (PR#51382) - Switch to better version nomenclature. Using ~ for the rc1 suffix. - Add "id_" and "force" to the whitelist of API check - Add metadata to accepted keyword arguments (bsc#1122680)

References

#1114029 #1122680 #1125015

Cross- CVE-2018-15750 CVE-2018-15751

Affected Products:

SUSE Manager Tools 15-BETA

https://www.suse.com/security/cve/CVE-2018-15750.html

https://www.suse.com/security/cve/CVE-2018-15751.html

https://bugzilla.suse.com/1114029

https://bugzilla.suse.com/1122680

https://bugzilla.suse.com/1125015

Announcement ID: SUSE-SU-2019:0882-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.