Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
patchinfo.16896
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.16896
<patchinfo incident="16896"> <issue tracker="bnc" id="1178485">Regression: salt ssh identity file is created with double quotes as passphrase</issue> <issue tracker="bnc" id="1176397">Failed to apply highstate and errors "...was not found in SLS"</issue> <issue tracker="bnc" id="1177867">L3: salt: blkid() got an unexpected keyword argument '__pub_user'</issue> <issue tracker="bnc" id="1175987">Xen virtual machine created with Salt fails to boot</issue> <issue tracker="bnc" id="1176294">salt RPM scriptlet contains syntax error</issue> <issue tracker="bnc" id="1176024">UTF-8 trouble in Python 2.7 minion environment</issue> <issue tracker="bnc" id="1159670">Salt's pkg.search logs unnecessary errors</issue> <issue tracker="bnc" id="1178361">VUL-0: CVE-2020-16846: salt: unauthenticated user with network access to the Salt API can use shell injections to run code on the Salt-API using the SSH client.</issue> <issue tracker="bnc" id="1178319">VUL-0: CVE-2020-25592: salt: Salt-netapi improperly validates eauth credentials and tokens.</issue> <issue tracker="bnc" id="1178362">VUL-0: CVE-2020-17490: salt: SSL keys were not created with correct file permissions</issue> <issue tracker="cve" id="2020-16846"/> <issue tracker="cve" id="2020-25592"/> <issue tracker="cve" id="2020-17490"/> <packager>PSuarezHernandez</packager> <rating>critical</rating> <category>security</category> <summary>Security update for salt</summary> <description>This update for salt fixes the following issues: - Avoid regression on "salt-master": set passphrase for salt-ssh keys to empty string (bsc#1178485) - Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846) - Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867) - Ensure virt.update stop_on_reboot is updated with its default value. - Do not break package building for systemd OSes. - Drop wrong mock from chroot unit test. - Support systemd versions with dot. (bsc#1176294) - Fix for grains.test_core unit test. - Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024) - Several changes to virtualization: * Fix virt update when cpu and memory are changed. * Memory Tuning GSoC. * Properly fix memory setting regression in virt.update. * Expose libvirt on_reboot in virt states. - Support transactional systems (MicroOS). - zypperpkg module ignores retcode 104 for search(). (bsc#1159670) - Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987) - Invalidate file list cache when cache file modified time is in the future. (bsc#1176397) - Prevent import errors when running test_btrfs unit tests </description> <zypp_restart_needed/> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor