Support querying for JSON data in external sql pillar.
Exclude the full path of a download URL to prevent injection of malicious code.
(bsc#1190265, CVE-2021-21996)
Affected Packages(15 packages)
python3-salt
SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2
Fixed in:
3002.2-49.2
salt
SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2SUSE Linux Enterprise Module for Server Applications 15 SP2SUSE Linux Enterprise Module for Transactional Server 15 SP2
Fixed in:
3002.2-49.2
salt-minion
SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2
Fixed in:
3002.2-49.2
salt-transactional-update
SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Transactional Server 15 SP2
Fixed in:
3002.2-49.2
salt-bash-completion
SUSE Linux Enterprise Module for Basesystem 15 SP2
Fixed in:
3002.2-49.2
salt-doc
SUSE Linux Enterprise Module for Basesystem 15 SP2
Fixed in:
3002.2-49.2
salt-zsh-completion
SUSE Linux Enterprise Module for Basesystem 15 SP2
Fixed in:
3002.2-49.2
salt-api
SUSE Linux Enterprise Module for Server Applications 15 SP2
Fixed in:
3002.2-49.2
salt-cloud
SUSE Linux Enterprise Module for Server Applications 15 SP2
Fixed in:
3002.2-49.2
salt-fish-completion
SUSE Linux Enterprise Module for Server Applications 15 SP2