Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

SUSE Manager Debian 9.0: 2021:0910-1 Moderate Fixes for Client Tools

suse
Calendar Grey March 19, 2021
Dist Suse Esm H88
An update for SUSE Manager Client Tools has been released, resolving 10 moderate severity issues. Discover the detailed fixes implemented in this version.
An update that solves 10 vulnerabilities and has 10 fixes is now available

Summary

This update fixes the following issues: salt: - Only require python-certifi for CentOS7 - Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110) - Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976) - Fix recursion false detection in payload (bsc#1180101) - Add sleep on exception handling on minion connection attempt to the master (bsc#1174855) - Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347) - Always require python-certifi (used by salt.ext.tornado) - Exclude SLE 12 from requiring python-certifi - Do not crash when unexpected cmd output at listing patches (bsc#1181290) - Fix behavior for "onlyif/unless" when multiple conditions (bsc#1180818)

References

#1099976 #1172110 #1174855 #1179696 #1180101

#1180818 #1181290 #1181347 #1181550 #1181556

#1181557 #1181558 #1181559 #1181560 #1181561

#1181562 #1181563 #1181564 #1181565 #1182740

Cross- CVE-2020-28243 CVE-2020-28972 CVE-2020-35662

CVE-2021-25281 CVE-2021-25282 CVE-2021-25283

CVE-2021-25284 CVE-2021-3144 CVE-2021-3148

CVE-2021-3197

CVSS scores:

CVE-2020-28243 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-28243 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-28972 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2020-28972 (SUSE): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE-2020-35662 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Announcement ID: SUSE-SU-2021:0910-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.