Overview

File _patchinfo of Package patchinfo.7211

<patchinfo incident="7211">
  <issue id="1053955" tracker="bnc">VUL-0: CVE-2017-12791: salt: Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master</issue>
  <issue id="1038855" tracker="bnc">wrong use of os_family string for Suse in the locale module and others</issue>
  <issue id="1043111" tracker="bnc">format error in log message</issue>
  <issue id="1035914" tracker="bnc">Trying to bootstrap any minion: "permission denied: '/tmp/.root_9e39f9_salt/running_data'"</issue>
  <issue id="1040886" tracker="bnc">salt-minion recommends mariadb</issue>
  <issue id="1036125" tracker="bnc">Jobs scheduled to run at a future time stay pending for Salt minions</issue>
  <issue id="2017-12791" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tampakrap</packager>
  <description>This update for salt fixes the following issues:

- Update to 2017.7.1
  See https://docs.saltstack.com/en/develop/topics/releases/2017.7.1.html
  for full changelog
- CVE-2017-12791: crafted minion ID could lead directory traversal on the Salt-master (boo#1053955)
 

- Run fdupes over all of /usr because it still warns about
  duplicate files. Remove ancient suse_version &gt; 1020 conditional.
- Replace unnecessary %__ indirections. Use grep -q in favor of
  &gt;/dev/null.
- Avoid bashisms in %pre.

- Update to 2017.7.0
  See https://docs.saltstack.com/en/develop/topics/releases/2017.7.0.html
  for full changelog
- fix ownership for whole master cache directory (boo#1035914)
- fix setting the language on SUSE systems (boo#1038855)
- wrong os_family grains on SUSE - fix unittests (boo#1038855)
- speed-up cherrypy by removing sleep call
- Disable 3rd party runtime packages to be explicitly recommended.
  (boo#1040886)
- fix format error (boo#1043111)
- Add a salt-minion watchdog for RHEL6 and SLES11 systems (sysV)
  to restart salt-minion in case of crashes during upgrade.
- Add procps as dependency.
- Bugfix: jobs scheduled to run at a future time stay
  pending for Salt minions (boo#1036125)
</description>
  <summary>Security update for salt</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places