drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Salt
Name: |
Zwei Probleme in Salt |
|
ID: |
SUSE-SU-2019:0881-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
SUSE Manager Tools 12-BETA |
|
Datum: |
Fr, 5. April 2019, 07:44 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15750 |
|
Applikationen: |
Salt |
|
Originalnachricht |
SUSE Security Update: Security update for Salt ______________________________________________________________________________
Announcement ID: SUSE-SU-2019:0881-1 Rating: moderate References: #1114029 #1122680 #1125015 Cross-References: CVE-2018-15750 CVE-2018-15751 Affected Products: SUSE Manager Tools 12-BETA ______________________________________________________________________________
An update that solves two vulnerabilities and has one errata is now available.
Description:
This update fixes the following issues:
salt:
- Removing patch to add root paramet to zypper module - Patch modification due to offset caused by previous patch removal - Fix for -t parameter in mount module - Async batch implementation - Update to 2019.2 release - Add virt.volume_infos and virt.volume_delete functions - Bugfix: properly refresh pillars (bsc#1125015) - Removes version from python3 requirement completely - Alignment with Salt 2019.2.0 RC2 from upstream. - Update to 2019.2.0~rc2 - Add virt.all_capabilities to return all host and domain capabilities at once - Don't call zypper with more than one --no-refresh (PR#51382) - Switch to better version nomenclature. Using ~ for the rc1 suffix. - Add "id_" and "force" to the whitelist of API check - Add metadata to accepted keyword arguments (bsc#1122680) - Fix "pkg.list_pkgs" output when using "attr" to take the arch into account (bsc#1114029) - Update Salt to 2019.2.0rc1
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Tools 12-BETA:
zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2019-881=1
Package List:
- SUSE Manager Tools 12-BETA (aarch64 ppc64le s390x x86_64):
libzmq3-4.0.4-18.2.1 libzmq3-debuginfo-4.0.4-18.2.1 python-MarkupSafe-0.18-6.3.1 python-MarkupSafe-debuginfo-0.18-6.3.1 python-MarkupSafe-debugsource-0.18-6.3.1 python-PyYAML-3.12-29.2.1 python-PyYAML-debuginfo-3.12-29.2.1 python-PyYAML-debugsource-3.12-29.2.1 python-msgpack-python-0.4.6-11.2.1 python-msgpack-python-debuginfo-0.4.6-11.2.1 python-msgpack-python-debugsource-0.4.6-11.2.1 python-psutil-5.2.2-18.2.1 python-psutil-debuginfo-5.2.2-18.2.1 python-psutil-debugsource-5.2.2-18.2.1 python-pycrypto-2.6.1-13.2.1 python-pyzmq-14.0.0-12.2.1 python-pyzmq-debuginfo-14.0.0-12.2.1 python-pyzmq-debugsource-14.0.0-12.2.1 python-tornado-4.2.1-20.2.1 python-tornado-debuginfo-4.2.1-20.2.1 python-tornado-debugsource-4.2.1-20.2.1 python2-salt-2019.2.0-49.3.8 python3-MarkupSafe-0.18-6.3.1 python3-PyYAML-3.12-29.2.1 python3-msgpack-python-0.4.6-11.2.1 python3-psutil-5.2.2-18.2.1 python3-pycrypto-2.6.1-13.2.1 python3-pyzmq-14.0.0-12.2.1 python3-salt-2019.2.0-49.3.8 python3-tornado-4.2.1-20.2.1 salt-2019.2.0-49.3.8 salt-doc-2019.2.0-49.3.8 salt-minion-2019.2.0-49.3.8 zeromq-debugsource-4.0.4-18.2.1
- SUSE Manager Tools 12-BETA (ppc64le s390x x86_64):
python-pycrypto-debuginfo-2.6.1-13.2.1
- SUSE Manager Tools 12-BETA (noarch):
python-Jinja2-2.8-22.2.1 python-futures-3.0.2-18.2.1 python-requests-2.11.1-9.2.1 python3-Jinja2-2.8-22.2.1 python3-requests-2.11.1-9.2.1
References:
https://www.suse.com/security/cve/CVE-2018-15750.html https://www.suse.com/security/cve/CVE-2018-15751.html https://bugzilla.suse.com/1114029 https://bugzilla.suse.com/1122680 https://bugzilla.suse.com/1125015
_______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates
|
|
|
|