SUSE-SU-2021:3906-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:3906-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2021:3906-1
- Related
- Published
- 2021-12-03T11:04:20Z
- Modified
- 2021-12-03T11:04:20Z
- Summary
- Security Beta update for Salt
- Details
-
This update fixes the following issues:
salt:
- Remove wrong parsecpe_name from grains.core
- Prevent tracebacks if directory for cookie is missing
- Fix file.find tracebacks with non utf8 file names (bsc#1190114)
- Fix ip6_interface grain to not leak secondary IPv4 aliases (bsc#1191412)
- Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446)
- Fix traceback.*_exc() calls
- Fix the regression of docker_container state module
- Support querying for JSON data in external sql pillar
- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265) (CVE-2021-21996)
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
- Fix python-MarkupSafe dependency (bsc#1189043)
- Add missing aarch64 to rpm package architectures
- Consolidate some state requisites (bsc#1188641)
- Fix failing unit test for systemd
- Fix error handling in openscap module (bsc#1188647)
- Better handling of bad public keys from minions (bsc#1189040)
- Define license macro as doc in spec file if not existing
- Add standalone formulas configuration for salt minion and remove salt-master requirement (bsc#1168327)
- Do noop for services states when running systemd in offline mode (bsc#1187787)
- Transactional_updates: do not execute states in parallel but use a queue (bsc#1188170)
- Handle 'master tops' data when states are applied by 'transactional_update' (bsc#1187787)
- Enhance openscap module: add 'xccdf_eval' call
- Virt: pass emulator when getting domain capabilities from libvirt
- Implementation of held/unheld functions for state pkg (bsc#1187813)
- Fix exception in yumpkg.remove for not installed package
- Fix save for iptables state module (bsc#1185131)
- Virt: use /dev/kvm to detect KVM
- Zypperpkg: improve logic for handling vendorchange flags
- Add bundled provides for tornado to the spec file
- Enhance logging when inotify beacon is missing pyinotify (bsc#1186310)
- Add 'python3-pyinotify' as a recommended package for Salt in SUSE/openSUSE distros
- Check if dpkgnotify is executable (bsc#1186674)
- Detect Python version to use inside container (bsc#1167586) (bsc#1164192)
- Handle volumes on stopped pools in virt.vm_info (bsc#1186287)
- Grains.extra: support old non-intel kernels (bsc#1180650)
- Fix missing minion returns in batch mode (bsc#1184659)
- References
-
- https://www.suse.com/support/update/announcement/2021/suse-su-20213906-1/
- https://bugzilla.suse.com/1164192
- https://bugzilla.suse.com/1167586
- https://bugzilla.suse.com/1168327
- https://bugzilla.suse.com/1180650
- https://bugzilla.suse.com/1184659
- https://bugzilla.suse.com/1185131
- https://bugzilla.suse.com/1186287
- https://bugzilla.suse.com/1186310
- https://bugzilla.suse.com/1186674
- https://bugzilla.suse.com/1187787
- https://bugzilla.suse.com/1187813
- https://bugzilla.suse.com/1188170
- https://bugzilla.suse.com/1188641
- https://bugzilla.suse.com/1188647
- https://bugzilla.suse.com/1189040
- https://bugzilla.suse.com/1189043
- https://bugzilla.suse.com/1190114
- https://bugzilla.suse.com/1190265
- https://bugzilla.suse.com/1190446
- https://bugzilla.suse.com/1191412
- https://www.suse.com/security/cve/CVE-2021-21996