Revisions of salt
Victor Zhestkov (vzhestkov)
accepted
request 984544
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 423)
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566) - Added: * fix-for-cve-2022-22967-bsc-1200566.patch
Alexander Graul (agraul)
accepted
request 978128
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 422)
- Make sure SaltCacheLoader use correct fileclient (bsc#1199149) - Added: * make-sure-saltcacheloader-use-correct-fileclient-519.patch
Alexander Graul (agraul)
committed
(revision 421)
osc copypac from project:systemsmanagement:saltstack:products:next package:salt revision:406
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 975764
from
Yeray Gutiérrez Cedrés (ygutierrez)
(revision 420)
- Remove redundant overrides causing confusing DEBUG logging (bsc#1189501) (#58) - Added: * remove-redundand-overrides-causing-confusing-debug-l.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 969405
from
Victor Zhestkov (vzhestkov)
(revision 419)
- Prevent data pollution between actions proceesed at the same time (bsc#1197637) - Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533) - Added: * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch * fix-regression-with-depending-client.ssh-on-psutil-b.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 966196
from
Victor Zhestkov (vzhestkov)
(revision 418)
- Fix salt-ssh opts poisoning (bsc#1197637) - Added: * fix-salt-ssh-opts-poisoning-bsc-1197637-3002.2-500.patch
Victor Zhestkov (vzhestkov)
accepted
request 966053
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 417)
- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632) * fix-state.orchestrate_single-to-not-pass-pillar-none.patch - Renamed: * patch_for_cve_bsc1197417.patch -> fix-multiple-security-issues-bsc-1197417.patch - Fix multiple security issues (bsc#1197417) * Sign authentication replies to prevent MiTM (CVE-2022-22935) * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934) * Prevent job and fileserver replays (CVE-2022-22936) * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941) * patch_for_cve_bsc1197417.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 959270
from
Victor Zhestkov (vzhestkov)
(revision 416)
- Remove duplicated method definitions in salt.netapi - Clear network interfaces cache on grains request (bsc#1196050) - Add salt-ssh with Salt Bundle support (venv-salt-minion) (bsc#1182851, bsc#1196432) - Added: * remove-duplicated-method-definitions-in-salt.netapi-.patch * clear-network-interface-cache-when-grains-are-reques.patch * add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch
Victor Zhestkov (vzhestkov)
accepted
request 955657
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 415)
- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632) - Added: * fix-state.orchestrate_single-to-not-pass-pillar-none.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 949734
from
Victor Zhestkov (vzhestkov)
(revision 414)
- Fix inspector module export function (bsc#1097531) - Add all ssh kwargs to sanitize_kwargs method - Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357) - Added: * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch * fix-inspector-module-export-function-bsc-1097531-480.patch * add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 941266
from
Alexander Graul (agraul)
(revision 413)
- Don't check for cached pillar errors on state.apply (bsc#1190781) - Added: * vendor-stateresult.patch * state.apply-don-t-check-for-cached-pillar-errors.patch
Victor Zhestkov (vzhestkov)
accepted
request 931551
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 412)
- Simplify "transactional_update" module to not use SSH wrapper and allow more flexible execution - Add "--no-return-event" option to salt-call to prevent sending return event back to master. - Make "state.highstate" to acts on concurrent flag. - Added: * refactor-and-improvements-for-transactional-updates-.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 930467
from
Victor Zhestkov (vzhestkov)
(revision 411)
Fix the regression for yumnotify
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 930286
from
Victor Zhestkov (vzhestkov)
(revision 410)
- Use dnfnotify instead yumnotify for relevant distros - Remove wrong _parse_cpe_name from grains.core - dnfnotify pkgset plugin implementation - Add rpm_vercmp python library support for version comparison - Prevent pkg plugins errors on missing cookie path (bsc#1186738) - Added: * add-rpm_vercmp-python-library-for-version-comparison.patch * mock-ip_addrs-in-utils-minions.py-unit-test-444.patch * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch * remove-wrong-_parse_cpe_name-from-grains.core-452.patch * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
Victor Zhestkov (vzhestkov)
accepted
request 925495
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 409)
- Fix ip6_interface grain to not leak secondary IPv4 aliases (bsc#1191412) - Make "salt-api" package to require python3-cherrypy on RHEL systems - Make "tar" as required for "salt-transactional-update" package - Added: * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
Alexander Graul (agraul)
accepted
request 923445
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 408)
- Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446) - Fix traceback.*_exc() calls - Added: * 3002.2-do-not-consider-skipped-targets-as-failed-for.patch * fix-traceback.-_exc-calls-429.patch
Victor Zhestkov (vzhestkov)
accepted
request 921343
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 407)
- Support querying for JSON data in external sql pillar - Added: * 3002.2-postgresql-json-support-in-pillar-424.patch
Enno Gotthold (SchoolGuy)
accepted
request 919136
from
Pablo Suárez Hernández (PSuarezHernandez)
(revision 406)
- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265) (CVE-2021-21996) - Added: * exclude-the-full-path-of-a-download-url-to-prevent-i.patch
Enno Gotthold (SchoolGuy)
accepted
request 915246
from
Victor Zhestkov (vzhestkov)
(revision 405)
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories - Added: * templates-move-the-globals-up-to-the-environment-jin.patch
Pablo Suárez Hernández (PSuarezHernandez)
accepted
request 913171
from
Victor Zhestkov (vzhestkov)
(revision 404)
- Don't pass shell="/sbin/nologin" to onlyif/unless checks (bsc#1188259) - Add missing aarch64 to rpm package architectures - Backport of upstream PR#59492 - Added: * backport-of-upstream-pr59492-to-3002.2-404.patch * add-missing-aarch64-to-rpm-package-architectures-405.patch * don-t-use-shell-sbin-nologin-in-requisites.patch
Displaying revisions 61 - 80 of 483