File _patchinfo of Package patchinfo.39501

<patchinfo incident="39501">
  <issue tracker="ijsc" id="MSQA-993"/>
  <issue tracker="bnc" id="1244570">VUL-0: CVE-2025-22241: salt: Path traversal in salt.utils.virt</issue>
  <issue tracker="bnc" id="1244575">VUL-0: CVE-2025-22242: salt: worker process denial of service through file read operation</issue>
  <issue tracker="bnc" id="1244561">VUL-0: CVE-2024-38822: salt: multiple methods in the salt master skip minion token validation</issue>
  <issue tracker="bnc" id="1244574">VUL-0: CVE-2025-22239: salt: the master's "_minion_event" method can be used by an authorized minion to send arbitrary events onto the master's event bus</issue>
  <issue tracker="bnc" id="1244566">VUL-0: CVE-2024-38825: salt: the salt.auth.pki module does not properly authenticate callers</issue>
  <issue tracker="bnc" id="1243268">VUL-0: CVE-2025-47287: python-tornado,python-tornado6: denial-of-service via generation of an extremely high volume of logs due to multipart/form-data parser</issue>
  <issue tracker="bnc" id="1244571">VUL-0: CVE-2025-22237: salt: access to a minion key allows for exploitation of the 'on demand' pillar functionality such that arbitrary commands can be run on the master with the same privileges as the master process</issue>
  <issue tracker="bnc" id="1244565">VUL-0: CVE-2024-38824: salt: directory traversal in recv_file method allows arbitrary files to be written to the master cache directory</issue>
  <issue tracker="bnc" id="1236621">IP address in the webui is showing up as unknown</issue>
  <issue tracker="bnc" id="1244568">VUL-0: CVE-2025-22236: salt: attackers with access to a minion key can craft a message which may be able to execute a job on other minions</issue>
  <issue tracker="bnc" id="1244564">VUL-0: CVE-2024-38823: salt: request server can be affected by replay attacks when not using a TLS encrypted transport</issue>
  <issue tracker="bnc" id="1244572">VUL-0: CVE-2025-22238: salt: directory traversal in minion file cache creation can be leveraged to write or overwrite 'cache' files outside of the cache directory</issue>
  <issue tracker="bnc" id="1244567">VUL-0: CVE-2025-22240: salt: Path traversal in GitFS find_file()</issue>
  <issue tracker="cve" id="2025-22237"/>
  <issue tracker="cve" id="2024-38822"/>
  <issue tracker="cve" id="2025-22242"/>
  <issue tracker="cve" id="2025-22236"/>
  <issue tracker="cve" id="2024-38825"/>
  <issue tracker="cve" id="2025-22240"/>
  <issue tracker="cve" id="2025-47287"/>
  <issue tracker="cve" id="2024-38823"/>
  <issue tracker="cve" id="2024-38824"/>
  <issue tracker="cve" id="2025-22239"/>
  <issue tracker="cve" id="2025-22241"/>
  <issue tracker="cve" id="2025-22238"/>
  <packager>PSuarezHernandez</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for salt</summary>
  <description>This update for salt fixes the following issues:

- Security issues fixed:
  - CVE-2024-38822: Fixed Minion token validation (bsc#1244561)
  - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport (bsc#1244564)
  - CVE-2024-38824: Fixed directory traversal vulnerability in recv_file method (bsc#1244565)
  - CVE-2024-38825: Fixed salt.auth.pki module authentication issue (bsc#1244566)
  - CVE-2025-22240: Fixed arbitrary directory creation or file deletion with GitFS (bsc#1244567)
  - CVE-2025-22236: Fixed Minion event bus authorization bypass (bsc#1244568)
  - CVE-2025-22241: Fixed the use of un-validated input in the VirtKey class (bsc#1244570)
  - CVE-2025-22237: Fixed exploitation of the 'on demand' pillar functionality (bsc#1244571)
  - CVE-2025-22238: Fixed the master's default cache vulnerability to a directory traversal attack (bsc#1244572)
  - CVE-2025-22239: Fixed the arbitrary event injection on the Salt Master (bsc#1244574)
  - CVE-2025-22242: Fixed a Denial of Service vulnerability through file read operation (bsc#1244575)
  - CVE-2025-47287: Fixed a Denial of Service vulnerability in Tornado logging behavior (bsc#1243268)

- Other bugs fixed:

  - Added subsystem filter to udev.exportdb (bsc#1236621)
  - Fixed Ubuntu 24.04 test failures
  - Fixed refresh of osrelease and related grains on Python 3.10+
  - Fixed issue requiring proper Python flavor for dependencies
</description>
  <zypp_restart_needed/>
</patchinfo>