{"affected":[{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-transactional-update":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-transactional-update":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-transactional-update":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-salt":"3006.0-150300.53.60.1","salt":"3006.0-150300.53.60.1","salt-api":"3006.0-150300.53.60.1","salt-bash-completion":"3006.0-150300.53.60.1","salt-cloud":"3006.0-150300.53.60.1","salt-doc":"3006.0-150300.53.60.1","salt-fish-completion":"3006.0-150300.53.60.1","salt-master":"3006.0-150300.53.60.1","salt-minion":"3006.0-150300.53.60.1","salt-proxy":"3006.0-150300.53.60.1","salt-ssh":"3006.0-150300.53.60.1","salt-standalone-formulas-configuration":"3006.0-150300.53.60.1","salt-syndic":"3006.0-150300.53.60.1","salt-transactional-update":"3006.0-150300.53.60.1","salt-zsh-completion":"3006.0-150300.53.60.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"salt","purl":"pkg:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150300.53.60.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for salt fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2023-20897: Fixed DOS in minion return. (bsc#1214796, bsc#1213441)\n- CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base\n  name. (bsc#1214797, bsc#1193948)\n  \nBugs fixed:\n\n- Create minion_id with reproducible mtime\n- Fix broken tests to make them running in the testsuite\n- Fix detection of Salt codename by 'salt_version' execution module\n- Fix inconsistency in reported version by egg-info metadata (bsc#1215489)\n- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)\n- Fix the regression of user.present state when group is unset (bsc#1212855)\n- Fix utf8 handling in 'pass' renderer and make it more robust\n- Fix zypper repositories always being reconfigured\n- Make sure configured user is properly set by Salt (bsc#1210994)\n- Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794)\n- Revert usage of long running REQ channel to prevent possible missing responses on requests and duplicated responses\n  (bsc#1213960, bsc#1213630, bsc#1213257)\n","id":"SUSE-SU-2023:3864-1","modified":"2023-09-28T11:40:37Z","published":"2023-09-28T11:40:37Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20233864-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193948"},{"type":"REPORT","url":"https://bugzilla.suse.com/1210994"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212794"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212844"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212855"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213257"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213441"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213630"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213960"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214796"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214797"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215489"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-20897"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-20898"}],"related":["CVE-2023-20897","CVE-2023-20898"],"summary":"Security update for salt","upstream":["CVE-2023-20897","CVE-2023-20898"]}