Overview

File _patchinfo of Package patchinfo.30419

<patchinfo incident="30419">
  <issue tracker="bnc" id="1210994">salt gitfs cannot automatically refresh the git cache</issue>
  <issue tracker="bnc" id="1212794">Minion does not start after upgrade from 3004 to 3006</issue>
  <issue tracker="bnc" id="1212844">L3: TypeError: LoadedFunc object got multiple values for keyword argument 'saltenv'</issue>
  <issue tracker="bnc" id="1213441">L3: After latest updates getting tracebacks in salt-master and clients are not checking in</issue>
  <issue tracker="bnc" id="1212855">Salt: user.present does not leave existing groups alone when groups is unset</issue>
  <issue tracker="bnc" id="1213960">L3: venv-salt-minion-3006.0-150000.3.35.1 fails to report job results to SUMA GUI System History</issue>
  <issue tracker="bnc" id="1213630">L3: An extra return was detected from minion are logged for Salt Bundle version 3006 minions</issue>
  <issue tracker="bnc" id="1213257">L3: SP Migration from SLES 15 SP1 to SLES 15 SP3 is pickup but the status does not change to complete even though the migration completes successfully</issue>
  <issue tracker="bnc" id="1214797">VUL-0: CVE-2023-20898: salt: Git Providers can read from the wrong environment because they get the same cache directory base name</issue>
  <issue tracker="bnc" id="1193948">L3: Issue with salt and gitfs and multienvironment  with salt pillars</issue>
  <issue tracker="bnc" id="1214796">VUL-0: CVE-2023-20897: salt: DOS in minion return</issue>
  <issue tracker="bnc" id="1215489">egg-info for Salt has wrong version (including Salt Bundle)</issue>
  <issue tracker="cve" id="2023-20898"/>
  <issue tracker="cve" id="2023-20897"/>
  <packager>PSuarezHernandez</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for salt</summary>
  <description>This update for salt fixes the following issues:

Security issues fixed:

- CVE-2023-20897: Fixed DOS in minion return. (bsc#1214796, bsc#1213441)
- CVE-2023-20898: Fixed Git Providers can read from the wrong environment because they get the same cache directory base
  name. (bsc#1214797, bsc#1193948)
  
Bugs fixed:

- Create minion_id with reproducible mtime
- Fix broken tests to make them running in the testsuite
- Fix detection of Salt codename by "salt_version" execution module
- Fix inconsistency in reported version by egg-info metadata (bsc#1215489)
- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)
- Fix the regression of user.present state when group is unset (bsc#1212855)
- Fix utf8 handling in 'pass' renderer and make it more robust
- Fix zypper repositories always being reconfigured
- Make sure configured user is properly set by Salt (bsc#1210994)
- Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794)
- Revert usage of long running REQ channel to prevent possible missing responses on requests and duplicated responses
  (bsc#1213960, bsc#1213630, bsc#1213257)
</description>
  <zypp_restart_needed/>
</patchinfo>
openSUSE Build Service is sponsored by
Places