Security update for SUSE Manager Salt Bundle
Announcement ID: | SUSE-SU-2022:3184-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability and has six security fixes can now be installed.
Description:
This update fixes the following issues:
venv-salt-minion:
- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)
- Add support for name, pkgs and diff_attr parameters to upgrade function for zypper and yum (bsc#1198489)
- Fix possible errors on running post install script if semanage is present on the system, but SELinux is not configured
- Remove unused imports in the venv wrappers
- Set VENV_PIP_TARGET to /var/lib/venv-salt-minion/local to force PIP use it as the destination to install modules
- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore errors on reading license files with dpkg_lowpkg (bsc#1197288)
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)
Special Instructions and Notes:
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Manager Client Tools for Debian 10
zypper in -t patch SUSE-Debian-10-CLIENT-TOOLS-x86_64-2022-3184=1
Package List:
-
SUSE Manager Client Tools for Debian 10 (amd64)
- venv-salt-minion-3004-2.11.2
References:
- https://www.suse.com/security/cve/CVE-2022-22967.html
- https://bugzilla.suse.com/show_bug.cgi?id=1195895
- https://bugzilla.suse.com/show_bug.cgi?id=1197288
- https://bugzilla.suse.com/show_bug.cgi?id=1198489
- https://bugzilla.suse.com/show_bug.cgi?id=1198744
- https://bugzilla.suse.com/show_bug.cgi?id=1199372
- https://bugzilla.suse.com/show_bug.cgi?id=1200566
- https://bugzilla.suse.com/show_bug.cgi?id=1201082