openSUSE-SU-2026:20000-1

Опубликовано: 23 дек. 2025

Источник: suse-cvrf

Описание

Security update for salt

This update for salt fixes the following issues:

Changes in salt:

Add minimum_auth_version to enforce security (CVE-2025-62349)
Backport security fixes for vendored tornado
- BDSA-2024-3438
- BDSA-2024-3439
- BDSA-2024-9026
Junos module yaml loader fix (CVE-2025-62348)
Require Python dependencies only for used Python version
Fix TLS and x509 modules for OSes with older cryptography module
Fix Salt for Python > 3.11 (bsc#1252285, bsc#1252244)
Fix payload signature verification on Tumbleweed (bsc#1251776)
Fix broken symlink on migration to Leap 16.0 (bsc#1250755)
Use versioned python interpreter for salt-ssh
Fix known_hosts error on gitfs (bsc#1250520, bsc#1227207)
Revert require M2Crypto >= 0.44.0 for SUSE Family distros
Improve SL Micro 6.2 detection with grains
Fix the tests failing on AlmaLinux 10 and other clones

Список пакетов

openSUSE Leap 16.0

python313-salt-3006.0-160000.3.1

python313-salt-testsuite-3006.0-160000.3.1

salt-3006.0-160000.3.1

salt-api-3006.0-160000.3.1

salt-bash-completion-3006.0-160000.3.1

salt-cloud-3006.0-160000.3.1

salt-doc-3006.0-160000.3.1

salt-fish-completion-3006.0-160000.3.1

salt-master-3006.0-160000.3.1

salt-minion-3006.0-160000.3.1

salt-proxy-3006.0-160000.3.1

salt-ssh-3006.0-160000.3.1

salt-standalone-formulas-configuration-3006.0-160000.3.1

salt-syndic-3006.0-160000.3.1

salt-transactional-update-3006.0-160000.3.1

salt-zsh-completion-3006.0-160000.3.1

Ссылки

https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1227207
SUSE Bug 1227207
https://bugzilla.suse.com/1250520
SUSE Bug 1250520
https://bugzilla.suse.com/1250755
SUSE Bug 1250755
https://bugzilla.suse.com/1251776
SUSE Bug 1251776
https://bugzilla.suse.com/1252244
SUSE Bug 1252244
https://bugzilla.suse.com/1252285
SUSE Bug 1252285
https://www.suse.com/security/cve/CVE-2025-62348/
SUSE CVE CVE-2025-62348 page
https://www.suse.com/security/cve/CVE-2025-62349/
SUSE CVE CVE-2025-62349 page

Описание

unknown

Затронутые продукты

openSUSE Leap 16.0:python313-salt-3006.0-160000.3.1

openSUSE Leap 16.0:python313-salt-testsuite-3006.0-160000.3.1

openSUSE Leap 16.0:salt-3006.0-160000.3.1

openSUSE Leap 16.0:salt-api-3006.0-160000.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-62348.html
CVE-2025-62348
https://bugzilla.suse.com/1254256
SUSE Bug 1254256

Описание

unknown

Затронутые продукты

openSUSE Leap 16.0:python313-salt-3006.0-160000.3.1

openSUSE Leap 16.0:python313-salt-testsuite-3006.0-160000.3.1

openSUSE Leap 16.0:salt-3006.0-160000.3.1

openSUSE Leap 16.0:salt-api-3006.0-160000.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-62349.html
CVE-2025-62349
https://bugzilla.suse.com/1254257
SUSE Bug 1254257

openSUSE-SU-2026:20000-1

Описание

Список пакетов

openSUSE Leap 16.0

Ссылки

Уязвимость: CVE-2025-62348

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2025-62349

Описание

Затронутые продукты

Ссылки