An update that solves 7 vulnerabilities, contains three
features and has three fixes is now available.
Description:
This update for salt fixes the following issues:
Update to Salt release version 3002.2 (jsc#ECO-3212, jsc#SLE-18033,
jsc#SLE-18028)
- Check if dpkgnotify is executable (bsc#1186674)
- Drop support for Python2. Obsoletes
python2-salt
package
(jsc#SLE-18028)
- virt module updates
- network: handle missing ipv4 netmask attribute
- more network support
- PCI/USB host devices passthrough support
- Set distro requirement to oldest supported version in
requirements/base.txt
- Bring missing part of async batch implementation back (CVE-2021-25315,
bsc#1182382)
- Always require
python3-distro
(bsc#1182293)
- Remove deprecated warning that breaks minion execution when
βserver_id_use_crcβ opts is missing
- Fix pkg states when DEB package has βallβ arch
- Do not force beacons configuration to be a list.
- Remove msgpack < 1.0.0 from base requirements (bsc#1176293)
- msgpack support for version >= 1.0.0 (bsc#1171257)
- Fix issue parsing errors in ansiblegate state module
- Prevent command injection in the snapper module (bsc#1185281,
CVE-2021-31607)
- transactional_update: detect recursion in the executor
- Add subpackage salt-transactional-update (jsc#SLE-18033)
- Improvements on βansiblegateβ module (bsc#1185092):
- New methods: ansible.targets / ansible.discover_playbooks
- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)
- Regression fix of salt-ssh on processing targets
- Update target fix for salt-ssh and avoiding race condition on salt-ssh
event processing (bsc#1179831, bsc#1182281)
- Add notify beacon for Debian/Ubuntu systems
- Fix zmq bug that causes salt-call to freeze (bsc#1181368)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or βzypper patchβ.
Alternatively you can run the command listed for your product: