Early Access — Mondoo Vulnerability Intelligence is currently in preview.

SUSE-RU-2017:0169-1

UNKNOWN

Recommended update for Salt

Published Jan 17, 2017

Modified 9 years ago

Fix available

Details

This update for Salt fixes one security issue and several non-security issues.

The following security issue has been fixed:

Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)

The following non-security issues have been fixed:

Update to 2015.8.12
Add pre-require to salt for minions.
Do not restart salt-minion in salt package.
Add try-restart to sys-v init scripts.
Add 'Restart=on-failure' for salt-minion systemd service.
Various fixes for signal handling.
Successfully exit of salt-api child processes when SIGTERM is received.
Re-introduce 'KillMode=process' for salt-minion systemd service.
Fix changing default-timezone. (bsc#1008933)

Affected Packages

salt

SUSE Enterprise Storage 3SUSE Linux Enterprise Point of Sale 12 SP2SUSE Manager Client Tools 12SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-master

SUSE Enterprise Storage 3SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-minion

SUSE Enterprise Storage 3SUSE Linux Enterprise Point of Sale 12 SP2SUSE Manager Client Tools 12SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-doc

SUSE Manager Client Tools 12SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-api

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-bash-completion

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-proxy

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-ssh

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-syndic

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

salt-zsh-completion

SUSE Manager Proxy 3.0SUSE Manager Server 3.0

Fixed in:

2015.8.12-27.5

References

REPORThttps://bugzilla.suse.com/1008933 REPORThttps://bugzilla.suse.com/1012398 REPORThttps://bugzilla.suse.com/1016475 WEBhttps://www.suse.com/security/cve/CVE-2016-9639 ADVISORYhttps://www.suse.com/support/update/announcement//suse-ru-20170169-1/

Upstream

Related

Ecosystems

SUSE Enterprise Storage 3 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Manager Client Tools 12 SUSE Manager Proxy 3.0 SUSE Manager Server 3.0

Timeline

PublishedJan 17, 2017

ModifiedJan 17, 2017

SUSE-RU-2017:0169-1 | Mondoo Vulnerability Intelligence