{"affected":[],"aliases":[],"details":"This update fixes the following issues:\n\nsalt:\n\n- virt.network_update: handle missing ipv4 netmask attribute\n- Do not monkey patch yaml loaders: Prevent breaking Ansible filter modules (bsc#1177474)\n- Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110)\n- Allow extra_filerefs as sanitized kwargs for SSH client\n- Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)\n- Fix for multiple for security issues\n  (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144)\n  (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197)\n  (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560)\n  (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)\n- Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976)\n- Add sleep on exception handling on minion connection attempt to the master (bsc#1174855)\n- Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347)\n- Always require python-certifi (used by salt.ext.tornado)\n- Bring missing part of async batch implementation back (bsc#1182382) (CVE-2021-25315)\n- Master can read grains (bsc#1179696)\n\n","id":"SUSE-SU-2021:0914-1","modified":"2021-03-19T16:15:51Z","published":"2021-03-19T16:15:51Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20210914-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1099976"},{"type":"REPORT","url":"https://bugzilla.suse.com/1172110"},{"type":"REPORT","url":"https://bugzilla.suse.com/1174855"},{"type":"REPORT","url":"https://bugzilla.suse.com/1177474"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179696"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181347"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181550"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181556"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181557"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181558"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181559"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181560"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181561"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181562"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181563"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181564"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181565"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182382"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182740"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-28243"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-28972"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-35662"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25281"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25282"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25283"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25284"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25315"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3144"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3148"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-3197"}],"related":["CVE-2020-28243","CVE-2020-28972","CVE-2020-35662","CVE-2021-25281","CVE-2021-25282","CVE-2021-25283","CVE-2021-25284","CVE-2021-25315","CVE-2021-3144","CVE-2021-3148","CVE-2021-3197"],"summary":"Security Beta update for Salt","upstream":["CVE-2020-28243","CVE-2020-28972","CVE-2020-35662","CVE-2021-25281","CVE-2021-25282","CVE-2021-25283","CVE-2021-25284","CVE-2021-25315","CVE-2021-3144","CVE-2021-3148","CVE-2021-3197"]}