Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2021:0347-1

Опубликовано: 26 фев. 2021
Источник: suse-cvrf

Описание

Security update for salt

This update for salt fixes the following issues:

  • Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
  • Allow extra_filerefs as sanitized kwargs for SSH client
  • Fix errors with virt.update
  • Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
  • virt: search for grub.xen path
  • Xen spicevmc, DNS SRV records backports:
    • Fix virtual network generated DNS XML for SRV records
    • Don't add spicevmc channel to xen VMs
  • virt UEFI fix: virt.update when efi=True

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2
python2-salt-3000-lp152.3.27.1
python3-salt-3000-lp152.3.27.1
salt-3000-lp152.3.27.1
salt-api-3000-lp152.3.27.1
salt-bash-completion-3000-lp152.3.27.1
salt-cloud-3000-lp152.3.27.1
salt-doc-3000-lp152.3.27.1
salt-fish-completion-3000-lp152.3.27.1
salt-master-3000-lp152.3.27.1
salt-minion-3000-lp152.3.27.1
salt-proxy-3000-lp152.3.27.1
salt-ssh-3000-lp152.3.27.1
salt-standalone-formulas-configuration-3000-lp152.3.27.1
salt-syndic-3000-lp152.3.27.1
salt-zsh-completion-3000-lp152.3.27.1

Ссылки

Описание

An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in through SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки

Описание

An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

Затронутые продукты
openSUSE Leap 15.2:python2-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:python3-salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-3000-lp152.3.27.1
openSUSE Leap 15.2:salt-api-3000-lp152.3.27.1
Ссылки
Уязвимость openSUSE-SU-2021:0347-1