Victor Zhestkov (vzhestkov) accepted request 984544 from Pablo Suárez Hernández (PSuarezHernandez) almost 2 years ago (revision 423)

- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)
- Added:
  * fix-for-cve-2022-22967-bsc-1200566.patch

• Files Changed
• Browse Source

Alexander Graul (agraul) accepted request 978128 from Pablo Suárez Hernández (PSuarezHernandez) almost 2 years ago (revision 422)

- Make sure SaltCacheLoader use correct fileclient (bsc#1199149)
- Added:
  * make-sure-saltcacheloader-use-correct-fileclient-519.patch

• Files Changed
• Browse Source

Alexander Graul (agraul) committed almost 2 years ago (revision 421)

osc copypac from project:systemsmanagement:saltstack:products:next package:salt revision:406

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 975764 from Yeray Gutiérrez Cedrés (ygutierrez) about 2 years ago (revision 420)

- Remove redundant overrides causing confusing DEBUG logging (bsc#1189501) (#58)
- Added:
  * remove-redundand-overrides-causing-confusing-debug-l.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 969405 from Victor Zhestkov (vzhestkov) about 2 years ago (revision 419)

- Prevent data pollution between actions proceesed
  at the same time (bsc#1197637)
- Fix regression preventing bootstrapping new clients
  caused by redundant dependency on psutil (bsc#1197533)
- Added:
  * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
  * fix-regression-with-depending-client.ssh-on-psutil-b.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 966196 from Victor Zhestkov (vzhestkov) about 2 years ago (revision 418)

- Fix salt-ssh opts poisoning (bsc#1197637)
- Added:
  * fix-salt-ssh-opts-poisoning-bsc-1197637-3002.2-500.patch

• Files Changed
• Browse Source

Victor Zhestkov (vzhestkov) accepted request 966053 from Pablo Suárez Hernández (PSuarezHernandez) about 2 years ago (revision 417)

- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)
  * fix-state.orchestrate_single-to-not-pass-pillar-none.patch
- Renamed:
  * patch_for_cve_bsc1197417.patch -> fix-multiple-security-issues-bsc-1197417.patch
- Fix multiple security issues (bsc#1197417)
  * Sign authentication replies to prevent MiTM (CVE-2022-22935)
  * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
  * Prevent job and fileserver replays (CVE-2022-22936)
  * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
  * patch_for_cve_bsc1197417.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 959270 from Victor Zhestkov (vzhestkov) about 2 years ago (revision 416)

- Remove duplicated method definitions in salt.netapi
- Clear network interfaces cache on grains request (bsc#1196050)
- Add salt-ssh with Salt Bundle support (venv-salt-minion)
  (bsc#1182851, bsc#1196432)
- Added:
  * remove-duplicated-method-definitions-in-salt.netapi-.patch
  * clear-network-interface-cache-when-grains-are-reques.patch
  * add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch

• Files Changed
• Browse Source

Victor Zhestkov (vzhestkov) accepted request 955657 from Pablo Suárez Hernández (PSuarezHernandez) about 2 years ago (revision 415)

- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)
- Added:
  * fix-state.orchestrate_single-to-not-pass-pillar-none.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 949734 from Victor Zhestkov (vzhestkov) over 2 years ago (revision 414)

- Fix inspector module export function (bsc#1097531)
- Add all ssh kwargs to sanitize_kwargs method
- Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357)
- Added:
  * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
  * fix-inspector-module-export-function-bsc-1097531-480.patch
  * add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 941266 from Alexander Graul (agraul) over 2 years ago (revision 413)

- Don't check for cached pillar errors on state.apply (bsc#1190781)
- Added:
  * vendor-stateresult.patch
  * state.apply-don-t-check-for-cached-pillar-errors.patch

• Files Changed
• Browse Source

Victor Zhestkov (vzhestkov) accepted request 931551 from Pablo Suárez Hernández (PSuarezHernandez) over 2 years ago (revision 412)

- Simplify "transactional_update" module to not use SSH wrapper and allow more flexible execution
- Add "--no-return-event" option to salt-call to prevent sending return event back to master.
- Make "state.highstate" to acts on concurrent flag.
- Added:
  * refactor-and-improvements-for-transactional-updates-.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 930467 from Victor Zhestkov (vzhestkov) over 2 years ago (revision 411)

Fix the regression for yumnotify

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 930286 from Victor Zhestkov (vzhestkov) over 2 years ago (revision 410)

- Use dnfnotify instead yumnotify for relevant distros
- Remove wrong _parse_cpe_name from grains.core
- dnfnotify pkgset plugin implementation
- Add rpm_vercmp python library support for version comparison
- Prevent pkg plugins errors on missing cookie path (bsc#1186738)
- Added:
  * add-rpm_vercmp-python-library-for-version-comparison.patch
  * mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
  * remove-wrong-_parse_cpe_name-from-grains.core-452.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch

• Files Changed
• Browse Source

Victor Zhestkov (vzhestkov) accepted request 925495 from Pablo Suárez Hernández (PSuarezHernandez) over 2 years ago (revision 409)

- Fix ip6_interface grain to not leak secondary IPv4 aliases (bsc#1191412)
- Make "salt-api" package to require python3-cherrypy on RHEL systems
- Make "tar" as required for "salt-transactional-update" package
- Added:
  * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch

• Files Changed
• Browse Source

Alexander Graul (agraul) accepted request 923445 from Pablo Suárez Hernández (PSuarezHernandez) over 2 years ago (revision 408)

- Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446)
- Fix traceback.*_exc() calls
- Added:
  * 3002.2-do-not-consider-skipped-targets-as-failed-for.patch
  * fix-traceback.-_exc-calls-429.patch

• Files Changed
• Browse Source

Victor Zhestkov (vzhestkov) accepted request 921343 from Pablo Suárez Hernández (PSuarezHernandez) over 2 years ago (revision 407)

- Support querying for JSON data in external sql pillar
- Added:
  * 3002.2-postgresql-json-support-in-pillar-424.patch

• Files Changed
• Browse Source

Enno Gotthold (SchoolGuy) accepted request 919136 from Pablo Suárez Hernández (PSuarezHernandez) over 2 years ago (revision 406)

- Exclude the full path of a download URL to prevent injection of 
  malicious code (bsc#1190265) (CVE-2021-21996)
- Added:
  * exclude-the-full-path-of-a-download-url-to-prevent-i.patch

• Files Changed
• Browse Source

Enno Gotthold (SchoolGuy) accepted request 915246 from Victor Zhestkov (vzhestkov) over 2 years ago (revision 405)

- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
- Added:
  * templates-move-the-globals-up-to-the-environment-jin.patch

• Files Changed
• Browse Source

Pablo Suárez Hernández (PSuarezHernandez) accepted request 913171 from Victor Zhestkov (vzhestkov) over 2 years ago (revision 404)

- Don't pass shell="/sbin/nologin" to onlyif/unless checks (bsc#1188259)
- Add missing aarch64 to rpm package architectures
- Backport of upstream PR#59492
- Added:
  * backport-of-upstream-pr59492-to-3002.2-404.patch
  * add-missing-aarch64-to-rpm-package-architectures-405.patch
  * don-t-use-shell-sbin-nologin-in-requisites.patch

• Files Changed
• Browse Source