Описание
Security update for salt
This update for salt fixes the following issues:
- Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
- Allow
extra_filerefsas sanitizedkwargsfor SSH client - Fix errors with virt.update
- Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
- virt: search for
grub.xenpath - Xen spicevmc, DNS SRV records backports:
- Fix virtual network generated DNS XML for SRV records
- Don't add spicevmc channel to xen VMs
- virt UEFI fix: virt.update when
efi=True
Список пакетов
Image SLES15-SAP-Azure-BYOS
Image SLES15-SAP-EC2-HVM-BYOS
Image SLES15-SAP-GCE-BYOS
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
Ссылки
- Link for SUSE-SU-2021:0628-1
- E-Mail link for SUSE-SU-2021:0628-1
- SUSE Security Ratings
- SUSE Bug 1181550
- SUSE Bug 1181556
- SUSE Bug 1181557
- SUSE Bug 1181558
- SUSE Bug 1181559
- SUSE Bug 1181560
- SUSE Bug 1181561
- SUSE Bug 1181562
- SUSE Bug 1181563
- SUSE Bug 1181564
- SUSE Bug 1181565
- SUSE Bug 1182740
- SUSE CVE CVE-2020-28243 page
- SUSE CVE CVE-2020-28972 page
- SUSE CVE CVE-2020-35662 page
- SUSE CVE CVE-2021-25281 page
- SUSE CVE CVE-2021-25282 page
Описание
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.
Затронутые продукты
Ссылки
- CVE-2020-28243
- SUSE Bug 1181550
- SUSE Bug 1181556
Описание
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
Затронутые продукты
Ссылки
- CVE-2020-28972
- SUSE Bug 1181550
- SUSE Bug 1181557
Описание
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
Затронутые продукты
Ссылки
- CVE-2020-35662
- SUSE Bug 1181550
- SUSE Bug 1181565
Описание
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
Затронутые продукты
Ссылки
- CVE-2021-25281
- SUSE Bug 1181550
- SUSE Bug 1181559
Описание
An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.
Затронутые продукты
Ссылки
- CVE-2021-25282
- SUSE Bug 1181550
- SUSE Bug 1181560
Описание
An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.
Затронутые продукты
Ссылки
- CVE-2021-25283
- SUSE Bug 1181550
- SUSE Bug 1181561
Описание
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
Затронутые продукты
Ссылки
- CVE-2021-25284
- SUSE Bug 1181550
Описание
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
Затронутые продукты
Ссылки
- CVE-2021-3144
- SUSE Bug 1181550
- SUSE Bug 1181562
Описание
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
Затронутые продукты
Ссылки
- CVE-2021-3148
- SUSE Bug 1181550
- SUSE Bug 1181558
Описание
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.
Затронутые продукты
Ссылки
- CVE-2021-3197
- SUSE Bug 1181550
- SUSE Bug 1181564