Описание
Recommended update for Salt
This update for Salt fixes one security issue and several non-security issues.
The following security issue has been fixed:
- Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639)
The following non-security issues have been fixed:
- Update to 2015.8.12
- Add pre-require to salt for minions.
- Do not restart salt-minion in salt package.
- Add try-restart to sys-v init scripts.
- Add 'Restart=on-failure' for salt-minion systemd service.
- Various fixes for signal handling.
- Successfully exit of salt-api child processes when SIGTERM is received.
- Re-introduce 'KillMode=process' for salt-minion systemd service.
- Fix changing default-timezone. (bsc#1008933)
Список пакетов
SUSE Enterprise Storage 3
salt-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
SUSE Linux Enterprise Point of Sale 12 SP2
salt-2015.8.12-27.5
salt-minion-2015.8.12-27.5
SUSE Manager Client Tools 12
salt-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-minion-2015.8.12-27.5
SUSE Manager Proxy 3.0
salt-2015.8.12-27.5
salt-api-2015.8.12-27.5
salt-bash-completion-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
salt-proxy-2015.8.12-27.5
salt-ssh-2015.8.12-27.5
salt-syndic-2015.8.12-27.5
salt-zsh-completion-2015.8.12-27.5
SUSE Manager Server 3.0
salt-2015.8.12-27.5
salt-api-2015.8.12-27.5
salt-bash-completion-2015.8.12-27.5
salt-doc-2015.8.12-27.5
salt-master-2015.8.12-27.5
salt-minion-2015.8.12-27.5
salt-proxy-2015.8.12-27.5
salt-ssh-2015.8.12-27.5
salt-syndic-2015.8.12-27.5
salt-zsh-completion-2015.8.12-27.5
Ссылки
- Link for SUSE-RU-2017:0169-1
- E-Mail link for SUSE-RU-2017:0169-1
- SUSE Security Ratings
- SUSE Bug 1008933
- SUSE Bug 1012398
- SUSE Bug 1016475
- SUSE CVE CVE-2016-9639 page
Описание
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching.
Затронутые продукты
SUSE Enterprise Storage 3:salt-2015.8.12-27.5
SUSE Enterprise Storage 3:salt-master-2015.8.12-27.5
SUSE Enterprise Storage 3:salt-minion-2015.8.12-27.5
SUSE Linux Enterprise Point of Sale 12 SP2:salt-2015.8.12-27.5
Ссылки
- CVE-2016-9639
- SUSE Bug 1012398