SUSE: 2019:0882-1 moderate: Salt
Summary
This update fixes the following issues: salt: - Removing patch to add root paramet to zypper module - Patch modification due to offset caused by previous patch removal - Fix for -t parameter in mount module - Async batch implementation - Update to 2019.2 release - Add virt.volume_infos and virt.volume_delete functions - Bugfix: properly refresh pillars (bsc#1125015) - Removes version from python3 requirement completely - Alignment with Salt 2019.2.0 RC2 from upstream. - Update to 2019.2.0~rc2 - Add virt.all_capabilities to return all host and domain capabilities at once - Don't call zypper with more than one --no-refresh (PR#51382) - Switch to better version nomenclature. Using ~ for the rc1 suffix. - Add "id_" and "force" to the whitelist of API check - Add metadata to accepted keyword arguments (bsc#1122680) - Fix "pkg.list_pkgs" output when using "attr" to take the arch into account (bsc#1114029) - Update Salt to 2019.2.0rc1 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Tools 15-BETA: zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2019-882=1 Package List: - SUSE Manager Tools 15-BETA (aarch64 ppc64le s390x x86_64): python2-salt-2019.2.0-8.3.3 python3-salt-2019.2.0-8.3.3 salt-2019.2.0-8.3.3 salt-doc-2019.2.0-8.3.3 salt-minion-2019.2.0-8.3.3 - SUSE Manager Tools 15-BETA (noarch): salt-bash-completion-2019.2.0-8.3.3 salt-zsh-completion-2019.2.0-8.3.3
References
#1114029 #1122680 #1125015
Cross- CVE-2018-15750 CVE-2018-15751
Affected Products:
SUSE Manager Tools 15-BETA
https://www.suse.com/security/cve/CVE-2018-15750.html
https://www.suse.com/security/cve/CVE-2018-15751.html
https://bugzilla.suse.com/1114029
https://bugzilla.suse.com/1122680
https://bugzilla.suse.com/1125015