Recommended update for salt

Announcement ID: SUSE-RU-2017:0171-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2016-9639 ( NVD ): 9.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
  • SUSE Enterprise Storage 4
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2

An update that solves one vulnerability and has seven fixes can now be installed.

Description:

This update for Salt fixes one security issue and several non-security issues.

The following security issue has been fixed:

  • Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)

The following non-security issues have been fixed:

  • Update to 2015.8.12
  • Add pre-require to salt for minions.
  • Do not restart salt-minion in salt package.
  • Add try-restart to sys-v init scripts.
  • Add "Restart=on-failure" for salt-minion systemd service.
  • Re-introduce "KillMode=process" for salt-minion systemd service.
  • Successfully exit of salt-api child processes when SIGTERM is received.
  • Fix exit codes of sysv init script. (bsc#999852)
  • Include resolution parameters in the Zypper debug-solver call during a dry-run dist-upgrade.
  • Fix Salt API crash via salt-ssh on empty roster. (bsc#1004723)
  • Add 'dist-upgrade' support to zypper module. (fate#320559)
  • Fix position of -X option to setfacl. (bsc#1004260)
  • Fix generated shebang in scripts on SLES-ES 7. (bsc#1004047)
  • Fix changing default-timezone. (bsc#1008933)

Special Instructions and Notes:

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Enterprise Storage 4
    zypper in -t patch SUSE-Storage-4-2017-77=1

Package List:

  • SUSE Enterprise Storage 4 (aarch64 x86_64)
    • salt-2015.8.12-27.5
    • salt-master-2015.8.12-27.5
    • salt-minion-2015.8.12-27.5

References: