Salt was updated to 2017.7.2 and also to fix various bugs and security issues.
See the following resources for the full changelog:
https://docs.saltstack.com/en/develop/topics/releases/2017.7.2.html
https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html
https://docs.saltstack.com/en/develop/topics/releases/2017.7.0.html
Security issues fixed:
- CVE-2017-14695: A directory traversal during minion id validation was fixed. (boo#1062462)
- CVE-2017-14696: A remote denial of service attack with a specially crafted authentication request was fixed. (boo#1062464)
- CVE-2017-12791: crafted minion ID could lead directory traversal on the Salt-master (boo#1053955)
Non security issues fixed:
- Add possibility to generate _version.py at the build time for
raw builds: https://github.com/saltstack/salt/pull/43955
- Fix salt target-type field returns "String" for existing
jids but an empty "Array" for non existing jids. (issue #1711)
- Fixed minion resource exhaustion when many functions are being
executed in parallel (boo#1059758)
- Remove 'TasksTask' attribute from salt-master.service in older
versions of systemd (boo#985112)
- Provide custom SUSE salt-master.service file.
- Fix wrong version reported by Salt (boo#1061407)
- list_pkgs: add parameter for returned attribute selection (boo#1052264)
- Adding the leftover for zypper and yum list_pkgs functionality.
- Use $HOME to get the user home directory instead using '~' char (boo#1042749)
- fix ownership for whole master cache directory (boo#1035914)
- fix setting the language on SUSE systems (boo#1038855)
- wrong os_family grains on SUSE - fix unittests (boo#1038855)
- speed-up cherrypy by removing sleep call
- Disable 3rd party runtime packages to be explicitly recommended.
(boo#1040886)
- fix format error (boo#1043111)
- Add a salt-minion watchdog for RHEL6 and SLES11 systems (sysV)
to restart salt-minion in case of crashes during upgrade.
- Add procps as dependency.
- Bugfix: jobs scheduled to run at a future time stay
pending for Salt minions (boo#1036125)
- Wrong os_family grains on SUSE - fix unittests. (boo#1038855)
- Fix setting the language on SUSE systems. (boo#1038855)
- Bugfix: unable to use hostname for minion ID as '127'. (upstream)
- Bugfix: remove sleep call in CheppryPy API handler. (upstream)
- Fix core grains constants for timezone. (boo#1032931)
- Prevents zero length error on Python 2.6.
- Fixes zypper test error after backporting.
- Refactoring on Zypper and Yum execution and state modules to allow
installation of patches/errata.
- Allows to set 'timeout' and 'gather_job_timeout' via kwargs.
- Add missing bootstrap script for Salt Cloud. (boo#1032452)
- raet protocol is no longer supported. (boo#1020831)
- Fix: add missing /var/cache/salt/cloud directory. (boo#1032213)
- Cleanup salt user environment preparation. (boo#1027722)
- Fix: race condition on cache directory creation.
- Fix: /var/log/salt/minion fails logrotate. (boo#1030009)
- Fix: Result of master_tops extension is mutually overwritten.
(boo#1030073)
- Allows to set custom timeouts for 'manage.up' and 'manage.status'.
- Keep fix for migrating salt home directory. (boo#1022562)
- Fix salt-minion update on RHEL. (boo#1022841)
- Prevents 'OSError' exception in case certain job cache path
doesn't exist. (boo#1023535)
- Submitted by Theo Chatzimichos (tampakrap)