SUSE-SU-2024:0510-1

Published: 15 Feb 2024
Source: suse-cvrf

Description

Security update for salt

This update for salt fixes the following issues:

Security issues fixed:

  • CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430)
  • CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431)

Bugs fixed:

  • Ensure that pillar refresh loads beacons from pillar without restart
  • Fix the aptpkg.py unit test failure
  • Prefer unittest.mock to python-mock in test suite
  • Enable 'KeepAlive' probes for Salt SSH executions (bsc#1211649)
  • Revert changes to set Salt configured user early in the stack (bsc#1216284)
  • Align behavior of some modules when using salt-call via symlink (bsc#1215963)
  • Fix gitfs 'env' and improve cache cleaning (bsc#1193948)
  • Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed

Package list

Container suse/manager/5.0/x86_64/server:latest
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-api-3006.0-150500.4.29.1
salt-master-3006.0-150500.4.29.1
Image SLES15-SP5-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-HPC-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-HPC-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-HPC-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-Hardened-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-Hardened-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-Hardened-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-Azure-llc
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-Azure-ltd
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-EC2-llc
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Manager-Server-5-0-EC2-ltd
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-Micro-5-5-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-HPC-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-Hardened-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-Hardened-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-Hardened-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-Hardened-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-Hardened-BYOS
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image SLES15-SP6-SAP-Hardened-EC2
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
Image server-image
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-api-3006.0-150500.4.29.1
salt-master-3006.0-150500.4.29.1
SUSE Linux Enterprise Micro 5.5
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-bash-completion-3006.0-150500.4.29.1
salt-doc-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-zsh-completion-3006.0-150500.4.29.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
salt-api-3006.0-150500.4.29.1
salt-cloud-3006.0-150500.4.29.1
salt-fish-completion-3006.0-150500.4.29.1
salt-master-3006.0-150500.4.29.1
salt-proxy-3006.0-150500.4.29.1
salt-ssh-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
salt-syndic-3006.0-150500.4.29.1
SUSE Linux Enterprise Module for Transactional Server 15 SP5
salt-transactional-update-3006.0-150500.4.29.1
openSUSE Leap 15.5
python3-salt-3006.0-150500.4.29.1
salt-3006.0-150500.4.29.1
salt-api-3006.0-150500.4.29.1
salt-bash-completion-3006.0-150500.4.29.1
salt-cloud-3006.0-150500.4.29.1
salt-doc-3006.0-150500.4.29.1
salt-fish-completion-3006.0-150500.4.29.1
salt-master-3006.0-150500.4.29.1
salt-minion-3006.0-150500.4.29.1
salt-proxy-3006.0-150500.4.29.1
salt-ssh-3006.0-150500.4.29.1
salt-standalone-formulas-configuration-3006.0-150500.4.29.1
salt-syndic-3006.0-150500.4.29.1
salt-transactional-update-3006.0-150500.4.29.1
salt-zsh-completion-3006.0-150500.4.29.1

Description: CVE-2024-22231

In the Salt project, syndic cache directory creation is vulnerable to a directory traversal attack, which can allow a malicious attacker to create an arbitrary directory on a Salt master.


Affected products
Container suse/manager/5.0/x86_64/server:latest:python3-salt-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-api-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-master-3006.0-150500.4.29.1

References

Description: CVE-2024-22232

A specially crafted URL can lead to a directory traversal in the Salt file server, allowing a malicious user to read an arbitrary file from a Salt master's filesystem.


Affected products
Container suse/manager/5.0/x86_64/server:latest:python3-salt-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-api-3006.0-150500.4.29.1
Container suse/manager/5.0/x86_64/server:latest:salt-master-3006.0-150500.4.29.1

References
Vulnerability SUSE-SU-2024:0510-1