{"affected":[{"ecosystem_specific":{"binaries":[{"python3-distro":"1.5.0-3.5.1","python3-salt":"3002.2-37.1","salt":"3002.2-37.1","salt-bash-completion":"3002.2-37.1","salt-doc":"3002.2-37.1","salt-minion":"3002.2-37.1","salt-zsh-completion":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP2","name":"python-distro","purl":"pkg:rpm/suse/python-distro&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0-3.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-distro":"1.5.0-3.5.1","python3-salt":"3002.2-37.1","salt":"3002.2-37.1","salt-bash-completion":"3002.2-37.1","salt-doc":"3002.2-37.1","salt-minion":"3002.2-37.1","salt-zsh-completion":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3002.2-37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-distro":"1.5.0-3.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP3","name":"python-distro","purl":"pkg:rpm/suse/python-distro&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0-3.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-distro":"1.5.0-3.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Python 2 15 SP2","name":"python-distro","purl":"pkg:rpm/suse/python-distro&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0-3.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python2-distro":"1.5.0-3.5.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Python 2 15 SP3","name":"python-distro","purl":"pkg:rpm/suse/python-distro&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0-3.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"salt-api":"3002.2-37.1","salt-cloud":"3002.2-37.1","salt-fish-completion":"3002.2-37.1","salt-master":"3002.2-37.1","salt-proxy":"3002.2-37.1","salt-ssh":"3002.2-37.1","salt-standalone-formulas-configuration":"3002.2-37.1","salt-syndic":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3002.2-37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"salt-transactional-update":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Transactional Server 15 SP2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Transactional%20Server%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3002.2-37.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-distro":"1.5.0-3.5.1","python3-salt":"3002.2-37.1","salt":"3002.2-37.1","salt-minion":"3002.2-37.1","salt-transactional-update":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.0","name":"python-distro","purl":"pkg:rpm/suse/python-distro&distro=SUSE%20Linux%20Enterprise%20Micro%205.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.5.0-3.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-distro":"1.5.0-3.5.1","python3-salt":"3002.2-37.1","salt":"3002.2-37.1","salt-minion":"3002.2-37.1","salt-transactional-update":"3002.2-37.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.0","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3002.2-37.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for salt fixes the following issues:\n\nUpdate to Salt release version 3002.2 (jsc#ECO-3212, jsc#SLE-18033, jsc#SLE-18028) \n\n- Check if dpkgnotify is executable (bsc#1186674)\n- Drop support for Python2. Obsoletes `python2-salt` package (jsc#SLE-18028)\n- virt module updates\n  * network: handle missing ipv4 netmask attribute\n  * more network support\n  * PCI/USB host devices passthrough support\n- Set distro requirement to oldest supported version in requirements/base.txt\n- Bring missing part of async batch implementation back (CVE-2021-25315, bsc#1182382)\n- Always require `python3-distro` (bsc#1182293)\n- Remove deprecated warning that breaks minion execution when 'server_id_use_crc' opts is missing\n- Fix pkg states when DEB package has 'all' arch\n- Do not force beacons configuration to be a list.\n- Remove msgpack < 1.0.0 from base requirements (bsc#1176293)\n- msgpack support for version >= 1.0.0 (bsc#1171257)\n- Fix issue parsing errors in ansiblegate state module\n- Prevent command injection in the snapper module (bsc#1185281, CVE-2021-31607)\n- transactional_update: detect recursion in the executor\n- Add subpackage salt-transactional-update (jsc#SLE-18033)\n- Improvements on 'ansiblegate' module (bsc#1185092):\n  * New methods: ansible.targets / ansible.discover_playbooks\n- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)\n- Regression fix of salt-ssh on processing targets\n- Update target fix for salt-ssh and avoiding race condition on salt-ssh event processing (bsc#1179831, bsc#1182281)\n- Add notify beacon for Debian/Ubuntu systems\n- Fix zmq bug that causes salt-call to freeze (bsc#1181368)\n","id":"SUSE-SU-2021:2106-1","modified":"2021-06-21T17:26:18Z","published":"2021-06-21T17:26:18Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20212106-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171257"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176293"},{"type":"REPORT","url":"https://bugzilla.suse.com/1179831"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181368"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182281"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182293"},{"type":"REPORT","url":"https://bugzilla.suse.com/1182382"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185092"},{"type":"REPORT","url":"https://bugzilla.suse.com/1185281"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186674"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-15750"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-15751"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-11651"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-11652"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-25592"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-25315"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-31607"}],"related":["CVE-2018-15750","CVE-2018-15751","CVE-2020-11651","CVE-2020-11652","CVE-2020-25592","CVE-2021-25315","CVE-2021-31607"],"summary":"Security update for salt","upstream":["CVE-2018-15750","CVE-2018-15751","CVE-2020-11651","CVE-2020-11652","CVE-2020-25592","CVE-2021-25315","CVE-2021-31607"]}