Security Beta update for Salt

SUSE Security Update: Security Beta update for Salt
Announcement ID: SUSE-SU-2020:14301-1
Rating: moderate
References: #1163981
Cross-References:CVE-2019-17361
Affected Products:
  • SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA

An update that fixes one vulnerability is now available.

Description:


This update fixes the following issues:
salt:

  • Fix 'os_family' grain for Astra Linux Common Edition
  • Update to Salt version 2019.2.3 (CVE-2019-17361) (bsc#1163981) See release notes: https://docs.saltstack.com/en/latest/topics/releases/2019.2.3.html
  • Enable passing grains to start event based on 'start_event_grains' configuration parameter

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA:
    zypper in -t patch suse-ubu164ct-salt-beta-202002-14301=1

Package List:

  • SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA (all):
    • salt-common-2019.2.2+ds-1.1+9.6.1
    • salt-minion-2019.2.2+ds-1.1+9.6.1

References: