Overview

File _patchinfo of Package patchinfo.5686

<patchinfo incident="5686">
  <name>salt-201709</name>
  <zypp_restart_needed/>
  <rating>moderate</rating>
  <packager>mcalmer</packager>
  <category>security</category>
  <summary>Security update for Salt</summary>
  <description>This update for salt fixes one security issue and bugs:

The following security issue has been fixed:

- CVE-2017-12791: Directory traversal vulnerability in minion id validation
  allowed remote minions with incorrect credentials to authenticate to a master
  via a crafted minion ID (bsc#1053955).

Additionally, the following non-security issues have been fixed:

- Added support for SUSE Manager scalability features. (bsc#1052264)
- Introduced the kubernetes module. (bsc#1051948)
- Notify systemd synchronously via NOTIFY_SOCKET. (bsc#1053376)</description>
  <issue id="1052264" tracker="bnc">Add patches to salt to support SUSE Manager scalability features</issue>
  <issue id="1051948" tracker="bnc">Backport kubernetes-modules to salt</issue>
  <issue id="1053376" tracker="bnc">Bootstrapping SLES12 minion invalid</issue>
  <issue id="1053955" tracker="bnc">CVE-2017-12791: salt: Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master</issue>
  <issue id="2017-12791" tracker="cve" />
</patchinfo>
openSUSE Build Service is sponsored by
Places