File venv-salt-minion.changes of Package venv-salt-minion
-------------------------------------------------------------------
Wed Mar 12 13:40:26 UTC 2025 - Marek Czernek <marek.czernek@suse.com>
- Fix aptpkg 'NoneType object has no attribute split' error
- Added:
* fix-deb822-nonetype-object-has-no-attribute-split-71.patch
-------------------------------------------------------------------
Mon Mar 10 14:18:41 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>
- Detect openEuler as RedHat family OS
- Ensure the correct crypt module is loaded
- Implement multiple inventory for ansible.targets
- Make x509 module compatible with M2Crypto 0.44.0
- Remove deprecated code from x509.certificate_managed test mode
- Move logrotate config to /usr/etc/logrotate.d where possible
- Added:
* detect-openeuler-as-redhat-family-os.patch
* ensure-the-correct-crypt-module-is-loaded.patch
* implement-multiple-inventory-for-ansible.targets.patch
* make-x509-module-compatible-with-m2crypto-0.44.0.patch
* remove-deprecated-code-from-x509.certificate_managed.patch
-------------------------------------------------------------------
Mon Mar 10 09:37:12 UTC 2025 - Marek Czernek <marek.czernek@suse.com>
- Add DEB822 apt repository format support
- Make Salt-SSH work with all SSH passwords (bsc#1215484)
- Added:
* remove-password-from-shell-after-functional-text-mat.patch
* add-deb822-apt-source-format-support-692.patch
-------------------------------------------------------------------
Fri Mar 7 12:19:13 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>
- Remove strict binary dependency for libcrypt.so for EL9 bundle
to make it compatible with openEuler and make using passlib instead.
-------------------------------------------------------------------
Fri Feb 21 12:47:02 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Fix virt_query outputter and add support for block devices
- Make _auth calls visible with master stats
- Repair mount.fstab_present always returning pending changes
- Set virtual grain in Podman systemd container
- Fix crash due wrong client reference on `SaltMakoTemplateLookup`
- Enhace batch async and fix some detected issues
- Added:
* repair-virt_query-outputter-655.patch
* make-_auth-calls-visible-with-master-stats-696.patch
* repair-fstab_present-test-mode-702.patch
* set-virtual-grain-in-podman-systemd-container-703.patch
* fixed-file-client-private-attribute-reference-on-sal.patch
* backport-batch-async-fixes-and-improvements-701.patch
-------------------------------------------------------------------
Wed Feb 19 16:40:12 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Fix tests failures after "repo.saltproject.io" deprecation
- Added:
* fix-tests-failures-after-repo.saltproject.io-depreca.patch
-------------------------------------------------------------------
Wed Jan 29 10:33:38 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Fix error to stat '/root/.gitconfig' on gitfs
(bsc#1230944) (bsc#1234881) (bsc#1220905)
- Added:
* fix-failed-to-stat-root-.gitconfig-issue-on-gitfs-bs.patch
-------------------------------------------------------------------
Mon Jan 27 13:46:20 UTC 2025 - Alexander Graul <alexander.graul@suse.com>
- Adapt to removal of hex attribute in pygit2 v1.15.0 (bsc#1230642)
- Added:
* update-for-deprecation-of-hex-in-pygit2-1.15.0-and-a.patch
-------------------------------------------------------------------
Thu Jan 23 16:45:30 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Enhance smart JSON parsing when garbage is present (bsc#1231605)
- Added:
* enhance-find_json-garbage-filtering-bsc-1231605-688.patch
-------------------------------------------------------------------
Wed Jan 22 13:13:24 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Fix virtual grains for VMs running on Nutanix AHV (bsc#1234022)
- Fix issues running on Python 3.12 and 3.13
- Added:
* fix-virtual-grains-for-vms-running-on-nutanix-ahv-bs.patch
* fix-issues-that-break-salt-in-python-3.12-and-3.13-6.patch
-------------------------------------------------------------------
Wed Jan 8 08:31:57 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>
- Include D-Bus python module for SUSE distros (bsc#1231618)
- Modified:
* include-rpm
* filter-requires.sh
-------------------------------------------------------------------
Tue Dec 17 08:20:43 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Revert setting SELinux context for minion service (bsc#1233667)
- Added:
* revert-setting-selinux-context-for-minion-service-bs.patch
-------------------------------------------------------------------
Tue Nov 26 14:53:34 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Make minion reconnecting on changing master IP (bsc#1228182)
- Added:
* make-minion-reconnecting-on-changing-master-ip-bsc-1.patch
-------------------------------------------------------------------
Tue Nov 26 14:53:17 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Fix post_start_cleanup.sh shebang to work on all systems (gh#uyuni-project/uyuni#9477)
- Modified:
* post_start_cleanup.sh
-------------------------------------------------------------------
Wed Oct 23 15:34:36 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Handle logger exception when flushing already closed file
- Added:
* handle-logger-flushing-already-closed-file-686.patch
-------------------------------------------------------------------
Wed Oct 23 15:25:09 UTC 2024 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Make Salt Bundle more tolerant to long running jobs (bsc#1228690)
- Added:
* enhance-cleanup-mechanism-after-salt-bundle-upgrade-.patch
- Modified:
* post_start_cleanup.sh
-------------------------------------------------------------------
Wed Oct 23 15:23:21 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Fix additional x509 tests and test_suse tests for SLE12
- Added:
* fix-x509-private-key-tests-and-test_suse-on-sle12-68.patch
-------------------------------------------------------------------
Wed Oct 23 14:46:45 UTC 2024 - Pablo Suárez Hernández <psuarezhernandez@suse.com>
- Fix zyppnotify plugin after latest zypp/libzypp upgrades
(bsc#1231697, bsc#1231045)
-------------------------------------------------------------------
Wed Oct 2 07:49:50 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Fix failing x509 tests with OpenSSL < 1.1
- Added:
* fix-x509-test-fails-on-old-openssl-systems-682.patch
-------------------------------------------------------------------
Wed Sep 25 12:00:37 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Avoid explicit reading of /etc/salt/minion (bsc#1220357)
- Allow NamedLoaderContexts to be returned from loader
- Revert the change making reactor less blocking (bsc#1230322)
- Use --cachedir for extension_modules in salt-call (bsc#1226141)
- Prevent using SyncWrapper with no reason
- Added:
* avoid-explicit-reading-of-etc-salt-minion-bsc-122035.patch
* allow-namedloadercontexts-to-be-returned-from-loader.patch
* revert-the-change-making-reactor-less-blocking-bsc-1.patch
* use-cachedir-for-extension_modules-in-salt-call-bsc-.patch
* prevent-using-syncwrapper-with-no-reason.patch
-------------------------------------------------------------------
Thu Sep 12 16:08:41 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Enable post_start_cleanup.sh to work in a transaction
- Added:
* post_start_cleanup.sh
-------------------------------------------------------------------
Tue Sep 10 12:52:23 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix the SELinux context for Salt Minion service (bsc#1219041)
- Added:
* fix-the-selinux-context-for-salt-minion-service-bsc-.patch
-------------------------------------------------------------------
Wed Sep 4 11:42:59 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Increase warn_until_date date for code we still support
- The test_debian test now uses port 80 for ubuntu keyserver
- Fix too frequent systemd service restart in test_system test
- Added:
* fix-test_debian-to-work-in-our-infrastructure-676.patch
* fix-test_system-flaky-setup_teardown-fn.patch
* fix-deprecated-code-677.patch
-------------------------------------------------------------------
Wed Sep 4 10:07:00 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Security updates on Python 3.11 interpreter:
* Fix quadratic complexity in parsing -quoted cookie values with
backslashes (bsc#1229873, bsc#1230059, CVE-2024-7592).
* Prevent malformed payload to cause infinite loops in zipfile.Path
(bsc#1229704, bsc#1230058, CVE-2024-8088).
* Prevent email header injection due to unquoted newlines
(bsc#1228780, CVE-2024-6923).
* Rearranging definition of private global IP addresses
(bsc#1226448, CVE-2024-4032).
* gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads (bsc#1226447, CVE-2024-0397).
- Security updates on Python dependencies:
* zipp: Add patch CVE-2024-5569.patch from upstream gh#jaraco/zipp@fd604bd34f03
(bsc#1227547, CVE-2024-5569, bsc#1229996).
* setuptools: Sanitize any VCS URL we download
(CVE-2024-6345, bsc#1228105, bsc#1229995).
* idna: Add CVE-2024-3651.patch, backported from upstream commit
gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
(bsc#1222842, bsc#1229994, CVE-2024-3651).
* urllib3: Added the ``Proxy-Authorization`` header to the list of headers
to strip from requests when redirecting to a different host
(bsc#1226469, bsc#1229654, CVE-2024-37891).
-------------------------------------------------------------------
Fri Aug 30 14:52:38 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Avoid crash on wrong output of systemctl version (bsc#1229539)
- Improve error handling with different OpenSSL versions
- Remove redundant run_func from salt.master.MWorker._handle_aes
- Added:
* avoid-crash-on-wrong-output-of-systemctl-version-bsc.patch
* improve-error-handling-with-different-openssl-versio.patch
* remove-redundant-run_func-from-salt.master.mworker._.patch
-------------------------------------------------------------------
Thu Aug 29 11:49:41 UTC 2024 - Yeray Gutiérrez Cedrés <yeray.gutierrez@suse.com>
- Fix cloud minion configuration for multiple masters (bsc#1229109)
- Added:
* join-masters-if-it-is-a-list-671.patch
-------------------------------------------------------------------
Wed Aug 21 14:37:22 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Use Pygit2 id instead of deprecated oid in gitfs
- Added:
* replace-use-of-pygit2-deprecated-and-removed-1.15.0-.patch
-------------------------------------------------------------------
Wed Aug 7 14:05:13 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Add passlib python module to the bundle
- Add yamllint and pathspec python modules to the testsuite
- Modified:
* include-rpm
* include-deb
-------------------------------------------------------------------
Wed Aug 7 09:47:57 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Fix few failing tests to work with both Salt and Salt bundle
- Skip testing unsupported OpenSSL crypto algorithms
- Added:
* make-tests-compatible-with-venv-bundle.patch
* skip-more-tests-related-to-old-openssl-algorithms.patch
-------------------------------------------------------------------
Wed Jul 24 10:13:27 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix rich rule comparison in firewalld module (bsc#1222684)
- Added:
* firewalld-normalize-new-rich-rules-before-comparing-.patch
-------------------------------------------------------------------
Tue Jul 9 11:24:07 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- test_vultrpy: adjust test expectation to prevent failure after Debian 10 EOL
- Added:
* test_vultrpy-adjust-test-expectation-to-prevent-fail.patch
-------------------------------------------------------------------
Mon Jul 8 16:03:27 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make auth.pam more robust with Salt Bundle and fix tests
- Added:
* some-more-small-tests-fixes-enhancements-661.patch
-------------------------------------------------------------------
Wed Jul 3 10:45:24 UTC 2024 - Flex Liu <fliu@suse.com>
- Fix performance of user.list_groups with many remote groups
(bsc#1226964)
- Added:
* fix-user.list_groups-omits-remote-groups.patch
-------------------------------------------------------------------
Tue Jun 18 15:01:28 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix "status.diskusage" function and exclude some tests for Salt Bundle
- Added:
* fix-status.diskusage-and-exclude-some-tests-to-run-w.patch
-------------------------------------------------------------------
Wed Jun 12 08:47:03 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Skip certain tests if necessary for some OSes and set flaky ones
- Added:
* skip-certain-tests-if-necessary-and-mark-some-flaky-.patch
-------------------------------------------------------------------
Thu Jun 6 08:41:14 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Add a timer to delete old env post update for venv-minion
- Added:
* provide-systemd-timer-unit.patch
-------------------------------------------------------------------
Mon May 27 11:10:14 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Several fixes for tests to avoid errors and failures in some OSes
- Added:
* several-fixes-for-tests-to-avoid-errors-and-failures.patch
-------------------------------------------------------------------
Wed May 15 12:45:30 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master
- Added:
* speed-up-salt.matcher.confirm_top-by-using-__context.patch
* do-not-call-the-async-wrapper-calls-with-the-separat.patch
* prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
* add-missing-contextvars-dependency-in-salt.version.patch
* skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
* remove-redundant-_file_find-call-to-the-master.patch
* prevent-possible-exception-in-tornado.concurrent.fut.patch
* make-reactor-engine-less-blocking-the-eventpublisher.patch
* make-salt-master-self-recoverable-on-killing-eventpu.patch
* improve-broken-events-catching-and-reporting.patch
* make-logging-calls-lighter.patch
* remove-unused-import-causing-delays-on-starting-salt.patch
-------------------------------------------------------------------
Mon May 6 10:37:17 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Include libffi and libyaml to the bundle for all of the clients
to avoid extra dependencies from the client OS.
-------------------------------------------------------------------
Fri Apr 5 11:19:27 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Update Python version from 3.10 to 3.11
- Fix updating the venv-salt-minion pkg with itself
- Enable build for SLE 11
- Added:
* venv-salt-minion.initd
-------------------------------------------------------------------
Fri Apr 5 11:11:11 UTC 2024 - Alexander Graul <alexander.graul@suse.com>
- Include salt-test in venv-salt-minion-testsuite
- Modified:
* include-deb
* include-rpm
* exclude-deb
* exclude-rpm
-------------------------------------------------------------------
Tue Mar 26 08:46:11 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Convert oscap output to UTF-8
- Added:
* switch-oscap-encoding-to-utf-8-639.patch
-------------------------------------------------------------------
Thu Mar 21 13:18:45 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Make Salt compatible with Python 3.11
- Added:
* fix-salt-warnings-and-testuite-for-python-3.11-635.patch
-------------------------------------------------------------------
Fri Mar 15 09:46:29 UTC 2024 - Yeray Gutiérrez Cedrés <yeray.gutierrez@suse.com>
- Ignore non-ascii chars in oscap output (bsc#1219001)
- Added:
* decode-oscap-byte-stream-to-string-bsc-1219001.patch
-------------------------------------------------------------------
Thu Mar 14 13:12:59 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix detected issues in Salt tests when running on VMs
- Added:
* fix-tests-failures-and-errors-when-detected-on-vm-ex.patch
-------------------------------------------------------------------
Wed Mar 6 14:12:20 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Make importing seco.range thread safe (bsc#1211649)
- Added:
* make-importing-seco.range-thread-safe-bsc-1211649.patch
-------------------------------------------------------------------
Mon Feb 26 10:45:12 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix problematic tests and allow smooth tests executions on containers
- Added:
* fix-problematic-tests-and-allow-smooth-tests-executi.patch
-------------------------------------------------------------------
Wed Feb 21 12:21:42 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Discover Ansible playbook files as "*.yml" or "*.yaml" files (bsc#1211888)
- Added:
* discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch
-------------------------------------------------------------------
Thu Feb 1 12:32:43 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Prevent directory traversal when creating syndic cache directory
on the master (CVE-2024-22231, bsc#1219430)
- Prevent directory traversal attacks in the master's serve_file
method (CVE-2024-22232, bsc#1219431)
- Added:
* fix-cve-2024-22231-and-cve-2024-22232-bsc-1219430-bs.patch
-------------------------------------------------------------------
Tue Jan 23 15:39:48 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Prevent exceptions with fileserver.update when called via state (bsc#1218482)
- Added:
* allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch
-------------------------------------------------------------------
Thu Jan 18 16:11:11 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Improve pip target override condition with VENV_PIP_TARGET
environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails
- Added:
* fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
* improve-pip-target-override-condition-with-venv_pip_.patch
-------------------------------------------------------------------
Thu Jan 18 12:55:04 UTC 2024 - Marek Czernek <marek.czernek@suse.com>
- Ensure that pillar refresh loads beacons from pillar without restart
- Fix the aptpkg.py unit test failure
- Prefer unittest.mock to python-mock in test suite
- Added:
* update-__pillar__-during-pillar_refresh.patch
* fix-the-aptpkg.py-unit-test-failure.patch
* prefer-unittest.mock-for-python-versions-that-are-su.patch
-------------------------------------------------------------------
Mon Jan 15 15:24:27 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>
- Add libffi to the bundle for EL8 based systems
to make it more compatible with the clones
-------------------------------------------------------------------
Fri Dec 1 11:06:57 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649)
- Added:
* enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch
-------------------------------------------------------------------
Thu Nov 16 10:34:15 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Revert changes to set Salt configured user early in the stack (bsc#1216284)
- Added:
* revert-make-sure-configured-user-is-properly-set-by-.patch
-------------------------------------------------------------------
Tue Nov 14 13:53:31 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Include python devel files to the bundle
- Modified:
* include-deb
* include-rpm
* venv-salt-minion-rpmlintrc
-------------------------------------------------------------------
Mon Nov 13 15:49:32 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Align behavior of some modules when using salt-call via symlink (bsc#1215963)
- Fix gitfs "__env__" and improve cache cleaning (bsc#1193948)
- Added:
* dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch
* fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch
-------------------------------------------------------------------
Thu Nov 2 11:20:38 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Add python dateutil module to the bundle
- Make salt bundle testsuite package using conditional build
- Prevent inconsistency on building the bundle
with the testsuite build enabled
- Avoid rpmlint warnings for testsuite files
- Modified:
* venv-salt-minion-rpmlintrc
-------------------------------------------------------------------
Thu Nov 2 11:01:16 UTC 2023 - Raúl Osuna <rosuna@suse.com>
- Include building for openEuler with rpm-vercmp and dnfnotify plugin
-------------------------------------------------------------------
Tue Oct 31 11:56:20 UTC 2023 - Alexander Graul <alexander.graul@suse.com>
- Randomize pre_flight_script path (CVE-2023-34049 bsc#1215157)
- Added:
* fix-cve-2023-34049-bsc-1215157.patch
-------------------------------------------------------------------
Tue Oct 17 13:41:59 UTC 2023 - Marek Czernek <marek.czernek@suse.com>
- Allow all primitive grain types for autosign_grains (bsc#1214477)
- Added:
* allow-all-primitive-grain-types-for-autosign_grains-.patch
-------------------------------------------------------------------
Mon Oct 2 13:24:46 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Add missing python modules to the bundle (bsc#1213926):
* pycurl
* tornado
- Add jmespath python module to align the features of the salt bundle
with classic salt-minion. Extra ply module was appended as
a dependency of jmespath (bsc#1210954)
- Add missing cryptography python module to the bundle
- Add conditional venv-salt-minion-testsuite subpackage
- Fix optimization_order opt to prevent testsuite fails
- Improve salt.utils.json.find_json to avoid fails
with transactional salt salt-ssh managed clients (bsc#1213293)
- Use salt-call from salt bundle with transactional_update
- Only call native_str on curl_debug message in tornado when needed
- Implement the calling for batch async from the salt CLI
- Added:
* fix-optimization_order-opt-to-prevent-test-fails.patch
* use-salt-call-from-salt-bundle-with-transactional_up.patch
* improve-salt.utils.json.find_json-bsc-1213293.patch
* only-call-native_str-on-curl_debug-message-in-tornad.patch
* implement-the-calling-for-batch-async-from-the-salt-.patch
- Modified:
* include-deb
* include-rpm
-------------------------------------------------------------------
Mon Oct 2 10:14:21 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make venv-dpkgnotify to use bundle python to run
-------------------------------------------------------------------
Mon Oct 2 09:52:53 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix calculation of SLS context vars when trailing dots
on targetted sls/state (bsc#1213518)
- Added:
* fix-calculation-of-sls-context-vars-when-trailing-do.patch
-------------------------------------------------------------------
Wed Sep 20 12:22:33 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix inconsistency in reported version by egg-info metadata (bsc#1215489)
- Added:
* write-salt-version-before-building-when-using-with-s.patch
-------------------------------------------------------------------
Fri Sep 1 07:40:28 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Revert usage of long running REQ channel to prevent possible
missing responses on requests and dublicated responses
(bsc#1213960, bsc#1213630, bsc#1213257)
- Added:
* revert-usage-of-long-running-req-channel-bsc-1213960.patch
-------------------------------------------------------------------
Thu Aug 31 09:55:10 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix gitfs cachedir basename to avoid hash collisions
(bsc#1193948, bsc#1214797, CVE-2023-20898)
- Added:
* fixed-gitfs-cachedir_basename-to-avoid-hash-collisio.patch
-------------------------------------------------------------------
Tue Aug 22 12:03:47 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Ship SELinux policy module version 19 to make it compatible
with broader list of Linux distributions
- Updated:
* venv-salt-minion-selinux.tar.gz
-------------------------------------------------------------------
Tue Aug 22 12:03:42 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make sure configured user is properly set by Salt (bsc#1210994)
- Do not fail on bad message pack message (bsc#1213441, CVE-2023-20897, bsc#1214796)
- Added:
* make-sure-configured-user-is-properly-set-by-salt-bs.patch
* do-not-fail-on-bad-message-pack-message-bsc-1213441-.patch
-------------------------------------------------------------------
Mon Aug 21 15:08:22 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Do not recompile SELinux policy module on building.
Use precompiled module instead to avoid incompatibility errors.
-------------------------------------------------------------------
Mon Aug 21 13:06:39 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Fix broken tests to make them running in the testsuite
- Prevent possible exceptions on salt.utils.user.get_group_dict
(bsc#1212794)
- Added:
* prevent-possible-exceptions-on-salt.utils.user.get_g.patch
* fix-tests-to-make-them-running-with-salt-testsuite.patch
-------------------------------------------------------------------
Wed Aug 9 15:18:55 UTC 2023 - Alexander Graul <alexander.graul@suse.com>
- Create minion_id with reproducible mtime
-------------------------------------------------------------------
Thu Aug 3 09:17:37 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix detection of Salt codename by "salt_version" execution module
- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)
- Fix the regression of user.present state when group is unset (bsc#1212855)
- Added:
* fix-the-regression-of-user.present-state-when-group-.patch
* fix-regression-multiple-values-for-keyword-argument-.patch
* mark-salt-3006-as-released-586.patch
-------------------------------------------------------------------
Wed Aug 2 07:44:07 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>
- Adding missing file references:
* exclude-deb
* exclude-rpm
* filter-requires.sh
* include-deb
* venv-salt-minion-rpmlintrc
-------------------------------------------------------------------
Wed Jun 28 14:47:40 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix zypper repositories always being reconfigured
- Fix utf8 handling in 'pass' renderer and make it more robust
- Added:
* fix-utf8-handling-in-pass-renderer-and-make-it-more-.patch
* zypper-pkgrepo-alreadyconfigured-585.patch
-------------------------------------------------------------------
Tue Jun 27 10:34:09 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Prevent _pygit2.GitError: error loading known_hosts when $HOME is not set (bsc#1210994)
- Added:
* 3006.0-prevent-_pygit2.giterror-error-loading-known_.patch
-------------------------------------------------------------------
Fri Jun 23 12:29:02 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fix ModuleNotFoundError and other issues raised by salt-support module (bsc#1211591)
- Added:
* fix-some-issues-detected-in-salt-support-cli-module-.patch
-------------------------------------------------------------------
Thu Jun 22 15:48:01 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- tornado: Fix an open redirect in StaticFileHandler (CVE-2023-28370, bsc#1211741)
- Added:
* tornado-fix-an-open-redirect-in-staticfilehandler-cv.patch
-------------------------------------------------------------------
Mon Jun 19 14:44:13 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make master_tops compatible with Salt 3000 and older minions (bsc#1212516) (bsc#1212517)
- Added:
* make-master_tops-compatible-with-salt-3000-and-older.patch
-------------------------------------------------------------------
Fri May 26 15:56:57 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Avoid failures due transactional_update module not available
in Salt 3006.0 (bsc#1211754)
- Added:
* define-__virtualname__-for-transactional_update-modu.patch
-------------------------------------------------------------------
Tue May 23 09:58:55 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Avoid conflicts with Salt dependencies versions (bsc#1211612)
- Added:
* avoid-conflicts-with-dependencies-versions-bsc-12116.patch
-------------------------------------------------------------------
Fri Apr 28 12:11:37 UTC 2023 - Alexander Graul <alexander.graul@suse.com>
- Update to Salt release version 3006.0 (jsc#PED-3139)
* See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html
- Add missing patch after rebase to fix collections Mapping issues
- Add python3-looseversion as new dependency for salt
- Add python3-packaging as new dependency for salt
- Allow entrypoint compatibility for "importlib-metadata>=5.0.0" (bsc#1207071)
- Create new salt-tests subpackage containing Salt tests
- Drop conflictive patch dicarded from upstream
- Fix version detection and avoid building and testing failures
- Prevent deadlocks in salt-ssh executions
- Require python3-jmespath runtime dependency (bsc#1209233)
- Fix SLS rendering error when Jinja macros are used
- Added:
* fix-version-detection-and-avoid-building-and-testing.patch
* make-sure-the-file-client-is-destroyed-upon-used.patch
* use-rlock-to-avoid-deadlocks-in-salt-ssh.patch
- Renamed:
* 3004-implement-zypper-removeptf-574.patch -> 3005.1-implement-zypper-removeptf-573.patch
- Modified:
* activate-all-beacons-sources-config-pillar-grains.patch
* add-custom-suse-capabilities-as-grains.patch
* add-environment-variable-to-know-if-yum-is-invoked-f.patch
* add-migrated-state-and-gpg-key-management-functions-.patch
* add-publish_batch-to-clearfuncs-exposed-methods.patch
* add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
* add-sleep-on-exception-handling-on-minion-connection.patch
* add-standalone-configuration-file-for-enabling-packa.patch
* add-support-for-gpgautoimport-539.patch
* allow-vendor-change-option-with-zypper.patch
* async-batch-implementation.patch
* avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
* bsc-1176024-fix-file-directory-user-and-group-owners.patch
* change-the-delimeters-to-prevent-possible-tracebacks.patch
* control-the-collection-of-lvm-grains-via-config.patch
* debian-info_installed-compatibility-50453.patch
* dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
* do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
* don-t-use-shell-sbin-nologin-in-requisites.patch
* drop-serial-from-event.unpack-in-cli.batch_async.patch
* early-feature-support-config.patch
* enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
* enhance-openscap-module-add-xccdf_eval-call-386.patch
* fix-bsc-1065792.patch
* fixes-for-python-3.10-502.patch
* fix-for-suse-expanded-support-detection.patch
* fix-issue-2068-test.patch
* fix-missing-minion-returns-in-batch-mode-360.patch
* fix-ownership-of-salt-thin-directory-when-using-the-.patch
* fix-regression-with-depending-client.ssh-on-psutil-b.patch
* fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
* fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
* fix-the-regression-for-yumnotify-plugin-456.patch
* fix-traceback.print_exc-calls-for-test_pip_state-432.patch
* include-aliases-in-the-fqdns-grains.patch
* info_installed-works-without-status-attr-now.patch
* let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
* make-aptpkg.list_repos-compatible-on-enabled-disable.patch
* make-setup.py-script-to-not-require-setuptools-9.1.patch
* pass-the-context-to-pillar-ext-modules.patch
* prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
* prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
* prevent-shell-injection-via-pre_flight_script_args-4.patch
* read-repo-info-without-using-interpolation-bsc-11356.patch
* restore-default-behaviour-of-pkg-list-return.patch
* return-the-expected-powerpc-os-arch-bsc-1117995.patch
* revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
* run-salt-api-as-user-salt-bsc-1064520.patch
* run-salt-master-as-dedicated-salt-user.patch
* save-log-to-logfile-with-docker.build.patch
* skip-package-names-without-colon-bsc-1208691-578.patch
* switch-firewalld-state-to-use-change_interface.patch
* temporary-fix-extend-the-whitelist-of-allowed-comman.patch
* update-target-fix-for-salt-ssh-to-process-targets-li.patch
* use-adler32-algorithm-to-compute-string-checksums.patch
* use-salt-bundle-in-dockermod.patch
* x509-fixes-111.patch
* zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
- Removed:
* 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
* 3003.3-postgresql-json-support-in-pillar-423.patch
* add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
* add-missing-ansible-module-functions-to-whitelist-in.patch
* add-rpm_vercmp-python-library-for-version-comparison.patch
* adds-explicit-type-cast-for-port.patch
* add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
* align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
* backport-syndic-auth-fixes.patch
* batch.py-avoid-exception-when-minion-does-not-respon.patch
* check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
* clarify-pkg.installed-pkg_verify-documentation.patch
* detect-module.run-syntax.patch
* do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
* enhance-logging-when-inotify-beacon-is-missing-pyino.patch
* fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
* fix-crash-when-calling-manage.not_alive-runners.patch
* fixes-56144-to-enable-hotadd-profile-support.patch
* fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
* fix-for-cve-2022-22967-bsc-1200566.patch
* fix-inspector-module-export-function-bsc-1097531-481.patch
* fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
* fix-issues-with-salt-ssh-s-extra-filerefs.patch
* fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
* fix-multiple-security-issues-bsc-1197417.patch
* fix-salt-call-event.send-call-with-grains-and-pillar.patch
* fix-salt.states.file.managed-for-follow_symlinks-tru.patch
* fix-state.apply-in-test-mode-with-file-state-module-.patch
* fix-test_ipc-unit-tests.patch
* fix-the-regression-in-schedule-module-releasded-in-3.patch
* fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
* fopen-workaround-bad-buffering-for-binary-mode-563.patch
* force-zyppnotify-to-prefer-packages.db-than-packages.patch
* ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
* ignore-extend-declarations-from-excluded-sls-files.patch
* ignore-non-utf8-characters-while-reading-files-with-.patch
* implementation-of-held-unheld-functions-for-state-pk.patch
* implementation-of-suse_ip-execution-module-bsc-10999.patch
* improvements-on-ansiblegate-module-354.patch
* include-stdout-in-error-message-for-zypperpkg-559.patch
* make-pass-renderer-configurable-other-fixes-532.patch
* make-sure-saltcacheloader-use-correct-fileclient-519.patch
* mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
* normalize-package-names-once-with-pkg.installed-remo.patch
* notify-beacon-for-debian-ubuntu-systems-347.patch
* refactor-and-improvements-for-transactional-updates-.patch
* retry-if-rpm-lock-is-temporarily-unavailable-547.patch
* set-default-target-for-pip-from-venv_pip_target-envi.patch
* state.apply-don-t-check-for-cached-pillar-errors.patch
* state.orchestrate_single-does-not-pass-pillar-none-4.patch
* support-transactional-systems-microos.patch
* wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
-------------------------------------------------------------------
Mon Feb 27 10:56:49 UTC 2023 - Alexander Graul <alexander.graul@suse.com>
- Fix problem with detecting PTF packages (bsc#1208691)
- Added:
* skip-package-names-without-colon-bsc-1208691-578.patch
-------------------------------------------------------------------
Tue Feb 14 10:05:54 UTC 2023 - Ondrej Holecek <oholecek@suse.com>
- Do not hide SELinux installation errors and notify users (bsc#1205687)
-------------------------------------------------------------------
Tue Jan 31 12:10:08 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Fixes pkg.version_cmp on openEuler systems and a few other OS flavors
- Added:
* fixes-pkg.version_cmp-on-openeuler-systems-and-a-few.patch
-------------------------------------------------------------------
Mon Jan 23 13:46:01 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make pkg.remove function from zypperpkg module to handle also PTF packages
- Added:
* 3004-implement-zypper-removeptf-574.patch
-------------------------------------------------------------------
Tue Jan 10 15:20:27 UTC 2023 - Alexander Graul <alexander.graul@suse.com>
- Control the collection of lvm grains via config (bsc#1204939)
- Added:
* control-the-collection-of-lvm-grains-via-config.patch
-------------------------------------------------------------------
Fri Oct 28 12:10:34 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Pass the context to pillar ext modules
- Align Amazon EC2 (Nitro) grains with upstream (bsc#1203685)
- Detect module run syntax version
- Implement automated patches alignment for the Salt Bundle
- Added:
* detect-module.run-syntax.patch
* align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
* pass-the-context-to-pillar-ext-modules.patch
-------------------------------------------------------------------
Fri Oct 21 13:22:15 UTC 2022 - Alexander Graul <alexander.graul@suse.com>
- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Clarify pkg.installed pkg_verify documentation
- Enhance capture of error messages for Zypper calls in zypperpkg module
- Added:
* include-stdout-in-error-message-for-zypperpkg-559.patch
* clarify-pkg.installed-pkg_verify-documentation.patch
* ignore-extend-declarations-from-excluded-sls-files.patch
-------------------------------------------------------------------
Wed Oct 12 10:11:41 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make pass renderer configurable and fix detected issues
- Workaround fopen line buffering for binary mode (bsc#1203834)
- Added:
* fopen-workaround-bad-buffering-for-binary-mode-563.patch
* make-pass-renderer-configurable-other-fixes-532.patch
-------------------------------------------------------------------
Tue Oct 11 12:21:46 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Removed dependency to policycoreutils for Ubuntu 20.04 and higher
(bsc#1204206)
-------------------------------------------------------------------
Thu Sep 15 10:55:47 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Remove kiwi python module from the bundle as no longer required
- Updated:
* include-rpm
* remove-file
-------------------------------------------------------------------
Wed Sep 14 12:07:44 UTC 2022 - Alexander Graul <alexander.graul@suse.com>
- Handle non-UTF-8 bytes in core grains generation (bsc#1202165)
- Added:
* ignore-non-utf8-characters-while-reading-files-with-.patch
-------------------------------------------------------------------
Tue Sep 13 13:52:59 UTC 2022 - Alexander Graul <alexander.graul@suse.com>
- Don't include kiwi binaries
- Fix Syndic authentication errors (bsc#1199562)
- Added:
* backport-syndic-auth-fixes.patch
- Updated:
* remove-file
-------------------------------------------------------------------
Thu Sep 1 13:10:30 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Add Amazon EC2 detection for virtual grains (bsc#1195624)
- Fix the regression in schedule module releasded in 3004 (bsc#1202631)
- Fix state.apply in test mode with file state module
on user/group checking (bsc#1202167)
- Change the delimeters to prevent possible tracebacks
on some packages with dpkg_lowpkg
- Added:
* add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
* fix-state.apply-in-test-mode-with-file-state-module-.patch
* fix-the-regression-in-schedule-module-releasded-in-3.patch
* change-the-delimeters-to-prevent-possible-tracebacks.patch
-------------------------------------------------------------------
Mon Aug 29 13:50:01 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make zypperpkg to retry if RPM lock is temporarily unavailable (bsc#1200596)
- Added:
* retry-if-rpm-lock-is-temporarily-unavailable-547.patch
-------------------------------------------------------------------
Tue Jul 19 08:11:32 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Add SELinux profile to the package instead of using semanage
- Remove Build ID links from the virtual environment
and disable generating new links on building the package
- Remove packages.log from the virtual environment
- Added:
* venv-salt-minion-selinux.tar.gz
-------------------------------------------------------------------
Tue Jul 12 12:45:30 UTC 2022 - Alexander Graul <alexander.graul@suse.com>
- Fix test_ipc unit test
- Added:
* fix-test_ipc-unit-tests.patch
-------------------------------------------------------------------
Fri Jul 8 09:46:44 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)
- Added:
* add-support-for-gpgautoimport-539.patch
* fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
* fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
* fix-salt.states.file.managed-for-follow_symlinks-tru.patch
-------------------------------------------------------------------
Thu Jul 7 15:01:36 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Add support for name, pkgs and diff_attr parameters to upgrade
function for zypper and yum (bsc#1198489)
- Added:
* add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
-------------------------------------------------------------------
Mon Jun 27 16:05:49 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Fix possible errors on running post install script
if semanage is present on the system, but SELinux is not configured
- Remove unused imports in the venv wrappers
- Set VENV_PIP_TARGET to /var/lib/venv-salt-minion/local
to force PIP use it as the destination to install modules
- Updated:
* venv.py.src
* venv-startup
-------------------------------------------------------------------
Mon Jun 27 15:55:24 UTC 2022 - Victor Zhestkov <vzhestkov@suse.com>
- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore erros on reading license files with dpkg_lowpkg (bsc#1197288)
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)
- Added:
* normalize-package-names-once-with-pkg.installed-remo.patch
* set-default-target-for-pip-from-venv_pip_target-envi.patch
* ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
* fix-for-cve-2022-22967-bsc-1200566.patch
* fix-ownership-of-salt-thin-directory-when-using-the-.patch
* use-salt-bundle-in-dockermod.patch
* save-log-to-logfile-with-docker.build.patch
-------------------------------------------------------------------
Thu May 19 11:32:42 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Make sure SaltCacheLoader use correct fileclient (bsc#1199149)
- Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533)
- Prevent data pollution between actions proceesed at the same time (bsc#1197637)
- Added:
* prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
* fix-regression-with-depending-client.ssh-on-psutil-b.patch
* make-sure-saltcacheloader-use-correct-fileclient-519.patch
-------------------------------------------------------------------
Thu Apr 28 06:39:33 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Rename the python startup script to venv-startup so we can avoid
python cache files creation in bin directory of the bundle
* Removed: venv-exec.py.src
* Added: venv-startup
- Remove wsdump files from bin directory as they are not needed
* Updated: remove-file
-------------------------------------------------------------------
Mon Apr 18 08:25:50 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Fix the regression caused by the patch removing strict requirement for
OpenSSL 1.1.1 leading to read/write issues with ssl module for
SLE 15, SLE 12, CentOS 7, Debian 9 (bsc#1198556)
-------------------------------------------------------------------
Tue Apr 5 09:39:08 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Fixes for Python 3.10
- Fix salt-ssh opts poisoning (bsc#1197637)
- Fix multiple security issues (bsc#1197417)
* Sign authentication replies to prevent MiTM (CVE-2022-22935)
* Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
* Prevent job and fileserver replays (CVE-2022-22936)
* Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
- Added:
* fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
* fixes-for-python-3.10-502.patch
* fix-multiple-security-issues-bsc-1197417.patch
-------------------------------------------------------------------
Fri Apr 1 08:16:25 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Salt version bump to 3004
- Python version bump to 3.10.2
- Added:
* v3004.tar.gz
* 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
* 3003.3-postgresql-json-support-in-pillar-423.patch
* add-missing-ansible-module-functions-to-whitelist-in.patch
* add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
* allow-vendor-change-option-with-zypper.patch
* drop-serial-from-event.unpack-in-cli.batch_async.patch
* fix-crash-when-calling-manage.not_alive-runners.patch
* fix-inspector-module-export-function-bsc-1097531-481.patch
* fix-issues-with-salt-ssh-s-extra-filerefs.patch
* fix-salt-call-event.send-call-with-grains-and-pillar.patch
* fix-traceback.print_exc-calls-for-test_pip_state-432.patch
* mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
* prevent-shell-injection-via-pre_flight_script_args-4.patch
* state.orchestrate_single-does-not-pass-pillar-none-4.patch
* support-transactional-systems-microos.patch
- Removed:
* v3002.2.tar.gz
* 3002.2-do-not-consider-skipped-targets-as-failed-for.patch
* 3002.2-postgresql-json-support-in-pillar-424.patch
* 3002.2-xen-spicevmc-dns-srv-records-backports-314.patch
* 3002-set-distro-requirement-to-oldest-supported-vers.patch
* accumulated-changes-from-yomi-167.patch
* accumulated-changes-required-for-yomi-165.patch
* add-alibaba-cloud-linux-2-by-backporting-upstream-s-.patch
* add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch
* add-all_versions-parameter-to-include-all-installed-.patch
* add-almalinux-and-alibaba-cloud-linux-to-the-os-fami.patch
* add-astra-linux-common-edition-to-the-os-family-list.patch
* add-batch_presence_ping_timeout-and-batch_presence_p.patch
* add-cpe_name-for-osversion-grain-parsing-u-49946.patch
* add-docker-logout-237.patch
* add-hold-unhold-functions.patch
* adding-preliminary-support-for-rocky.-59682-391.patch
* add-missing-aarch64-to-rpm-package-architectures-405.patch
* add-multi-file-support-and-globbing-to-the-filetree-.patch
* add-new-custom-suse-capability-for-saltutil-state-mo.patch
* add-patch-support-for-allow-vendor-change-option-wit.patch
* add-pkg.services_need_restart-302.patch
* add-saltssh-multi-version-support-across-python-inte.patch
* add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch
* add-supportconfig-module-for-remote-calls-and-saltss.patch
* add-virt.all_capabilities.patch
* allow-extra_filerefs-as-sanitized-kwargs-for-ssh-cli.patch
* allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch
* allow-vendor-change-option-with-zypper-313.patch
* ansiblegate-take-care-of-failed-skipped-and-unreacha.patch
* apply-patch-from-upstream-to-support-python-3.8.patch
* async-batch-implementation-fix-320.patch
* avoid-traceback-when-http.query-request-cannot-be-pe.patch
* backport-a-few-virt-prs-272.patch
* backport-of-upstream-pr59492-to-3002.2-404.patch
* backport-thread.is_alive-fix-390.patch
* backport-virt-patches-from-3001-256.patch
* batch_async-avoid-using-fnmatch-to-match-event-217.patch
* batch-async-catch-exceptions-and-safety-unregister-a.patch
* better-handling-of-bad-public-keys-from-minions-bsc-.patch
* calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch
* changed-imports-to-vendored-tornado.patch
* clear-network-interface-cache-when-grains-are-reques.patch
* do-noop-for-services-states-when-running-systemd-in-.patch
* do-not-break-repo-files-with-multiple-line-values-on.patch
* do-not-crash-when-there-are-ipv6-established-connect.patch
* do-not-make-ansiblegate-to-crash-on-python3-minions.patch
* do-not-monkey-patch-yaml-bsc-1177474.patch
* do-not-raise-streamclosederror-traceback-but-only-lo.patch
* don-t-call-zypper-with-more-than-one-no-refresh.patch
* drop-wrong-mock-from-chroot-unit-test.patch
* drop-wrong-virt-capabilities-code-after-rebasing-pat.patch
* ensure-virt.update-stop_on_reboot-is-updated-with-it.patch
* exclude-the-full-path-of-a-download-url-to-prevent-i.patch
* fall-back-to-pymysql.patch
* figure-out-python-interpreter-to-use-inside-containe.patch
* fix-aptpkg.normalize_name-when-package-arch-is-all.patch
* fix-aptpkg-systemd-call-bsc-1143301.patch
* fix-async-batch-multiple-done-events.patch
* fix-async-batch-race-conditions.patch
* fix-a-test-and-some-variable-names-229.patch
* fix-a-wrong-rebase-in-test_core.py-180.patch
* fix-batch_async-obsolete-test.patch
* fix-cve-2020-25592-and-add-tests-bsc-1178319.patch
* fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch
* fix-error-handling-in-openscap-module-bsc-1188647-40.patch
* fixes-cve-2018-15750-cve-2018-15751.patch
* fix-failing-unit-tests-for-batch-async.patch
* fix-failing-unit-tests-for-systemd.patch
* fix-for-log-checking-in-x509-test.patch
* fix-for-some-cves-bsc1181550.patch
* fix-for-temp-folder-definition-in-loader-unit-test.patch
* fix-git_pillar-merging-across-multiple-__env__-repos.patch
* fix-grains.test_core-unit-test-277.patch
* fixing-streamclosed-issue.patch
* fix-inspector-module-export-function-bsc-1097531-480.patch
* fix-ipv6-scope-bsc-1108557.patch
* fix-issue-parsing-errors-in-ansiblegate-state-module.patch
* fix-memory-leak-produced-by-batch-async-find_jobs-me.patch
* fix-__mount_device-wrapper-254.patch
* fix-novendorchange-option-284.patch
* fix-onlyif-unless-when-multiple-conditions-bsc-11808.patch
* fix-regression-on-cmd.run-when-passing-tuples-as-cmd.patch
* fix-save-for-iptables-state-module-bsc-1185131-372.patch
* fix-state.orchestrate_single-to-not-pass-pillar-none.patch
* fix-the-removed-six.itermitems-and-six.-_type-262.patch
* fix-traceback.-_exc-calls-429.patch
* fix-unit-test-for-grains-core.patch
* fix-unit-tests-for-batch-async-after-refactor.patch
* fix-virt.update-with-cpu-defined-263.patch
* fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch
* fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch
* get-os_arch-also-without-rpm-package-installed.patch
* grains.extra-support-old-non-intel-kernels-bsc-11806.patch
* grains-master-can-read-grains.patch
* handle-master-tops-data-when-states-are-applied-by-t.patch
* handle-volumes-on-stopped-pools-in-virt.vm_info-373.patch
* implement-network.fqdns-module-function-bsc-1134860-.patch
* improve-batch_async-to-release-consumed-memory-bsc-1.patch
* integration-of-msi-authentication-with-azurearm-clou.patch
* invalidate-file-list-cache-when-cache-file-modified-.patch
* loop-fix-variable-names-for-until_no_eval.patch
* loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch
* make-profiles-a-package.patch
* mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
* move-server_id-deprecation-warning-to-reduce-log-spa.patch
* move-vendor-change-logic-to-zypper-class-355.patch
* opensuse-3000.2-virt-backports-236-257.patch
* opensuse-3000.3-spacewalk-runner-parse-command-250.patch
* opensuse-3000-libvirt-engine-fixes-251.patch
* opensuse-3000-virt-defined-states-222.patch
* open-suse-3002.2-bigvm-310.patch
* open-suse-3002.2-virt-network-311.patch
* open-suse-3002.2-xen-grub-316.patch
* option-to-en-disable-force-refresh-in-zypper-215.patch
* parsing-epoch-out-of-version-provided-during-pkg-rem.patch
* path-replace-functools.wraps-with-six.wraps-bsc-1177.patch
* pkgrepo-support-python-2.7-function-call-295.patch
* prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch
* prevent-command-injection-in-the-snapper-module-bsc-.patch
* prevent-import-errors-when-running-test_btrfs-unit-t.patch
* prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch
* prevent-race-condition-on-sigterm-for-the-minion-bsc.patch
* prevent-systemd-run-description-issue-when-running-a.patch
* prevent-test_mod_del_repo_multiline_values-to-fail.patch
* provide-the-missing-features-required-for-yomi-yet-o.patch
* python3.8-compatibility-pr-s-235.patch
* re-adding-function-to-test-for-root.patch
* regression-fix-of-salt-ssh-on-processing-targets-353.patch
* reintroducing-reverted-changes.patch
* remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch
* remove-deprecated-usage-of-no_mock-and-no_mock_reaso.patch
* remove-deprecated-warning-that-breaks-miniion-execut.patch
* remove-duplicated-method-definitions-in-salt.netapi-.patch
* remove-msgpack-1.0.0-requirement-in-the-installed-me.patch
* remove-unnecessary-yield-causing-badyielderror-bsc-1.patch
* remove-vendored-backports-abc-from-requirements.patch
* remove-wrong-_parse_cpe_name-from-grains.core-452.patch
* revert-add-patch-support-for-allow-vendor-change-opt.patch
* sanitize-grains-loaded-from-roster_grains.json.patch
* strip-trailing-from-repo.uri-when-comparing-repos-in.patch
* support-config-non-root-permission-issues-fixes-u-50.patch
* support-for-btrfs-and-xfs-in-parted-and-mkfs.patch
* support-transactional-systems-microos-271.patch
* templates-move-the-globals-up-to-the-environment-jin.patch
* transactional_update-detect-recursion-in-the-executo.patch
* transactional_update-unify-with-chroot.call.patch
* use-current-ioloop-for-the-localclient-instance-of-b.patch
* use-threadpool-from-multiprocessing.pool-to-avoid-le.patch
* vendor-stateresult.patch
* virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch
* virt._get_domain-don-t-raise-an-exception-if-there-i.patch
* virt.network_update-handle-missing-ipv4-netmask-attr.patch
* virt-pass-emulator-when-getting-domain-capabilities-.patch
* virt-uefi-fix-backport-312.patch
* virt-use-dev-kvm-to-detect-kvm-383.patch
* xen-disk-fixes-264.patch
* xfs-do-not-fails-if-type-is-not-present.patch
* zypperpkg-filter-patterns-that-start-with-dot-244.patch
- Updated:
* activate-all-beacons-sources-config-pillar-grains.patch
* add-custom-suse-capabilities-as-grains.patch
* add-environment-variable-to-know-if-yum-is-invoked-f.patch
* add-migrated-state-and-gpg-key-management-functions-.patch
* add-publish_batch-to-clearfuncs-exposed-methods.patch
* add-rpm_vercmp-python-library-for-version-comparison.patch
* adds-explicit-type-cast-for-port.patch
* add-sleep-on-exception-handling-on-minion-connection.patch
* add-standalone-configuration-file-for-enabling-packa.patch
* async-batch-implementation.patch
* avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
* batch.py-avoid-exception-when-minion-does-not-respon.patch
* bsc-1176024-fix-file-directory-user-and-group-owners.patch
* check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
* debian-info_installed-compatibility-50453.patch
* dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
* do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
* do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
* don-t-use-shell-sbin-nologin-in-requisites.patch
* early-feature-support-config.patch
* enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
* enhance-logging-when-inotify-beacon-is-missing-pyino.patch
* enhance-openscap-module-add-xccdf_eval-call-386.patch
* fix-bsc-1065792.patch
* fixes-56144-to-enable-hotadd-profile-support.patch
* fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
* fix-for-suse-expanded-support-detection.patch
* fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
* fix-issue-2068-test.patch
* fix-missing-minion-returns-in-batch-mode-360.patch
* fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
* fix-the-regression-for-yumnotify-plugin-456.patch
* fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
* force-zyppnotify-to-prefer-packages.db-than-packages.patch
* implementation-of-held-unheld-functions-for-state-pk.patch
* implementation-of-suse_ip-execution-module-bsc-10999.patch
* improvements-on-ansiblegate-module-354.patch
* include-aliases-in-the-fqdns-grains.patch
* info_installed-works-without-status-attr-now.patch
* let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
* make-aptpkg.list_repos-compatible-on-enabled-disable.patch
* make-setup.py-script-to-not-require-setuptools-9.1.patch
* notify-beacon-for-debian-ubuntu-systems-347.patch
* prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
* read-repo-info-without-using-interpolation-bsc-11356.patch
* refactor-and-improvements-for-transactional-updates-.patch
* restore-default-behaviour-of-pkg-list-return.patch
* return-the-expected-powerpc-os-arch-bsc-1117995.patch
* revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
* run-salt-api-as-user-salt-bsc-1064520.patch
* run-salt-master-as-dedicated-salt-user.patch
* state.apply-don-t-check-for-cached-pillar-errors.patch
* switch-firewalld-state-to-use-change_interface.patch
* temporary-fix-extend-the-whitelist-of-allowed-comman.patch
* update-target-fix-for-salt-ssh-to-process-targets-li.patch
* use-adler32-algorithm-to-compute-string-checksums.patch
* wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
* x509-fixes-111.patch
* zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch
-------------------------------------------------------------------
Thu Mar 3 17:00:12 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Clear network interfaces cache on grains request (bsc#1196050)
- Remove duplicated method definitions in salt.netapi
- Add salt-ssh with Salt Bundle support (venv-salt-minion)
(bsc#1182851, bsc#1196432)
- Remove not required binaries from virtual environment
- Added:
* clear-network-interface-cache-when-grains-are-reques.patch
* remove-duplicated-method-definitions-in-salt.netapi-.patch
* add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch
- Updated:
* remove-file
-------------------------------------------------------------------
Thu Feb 17 15:43:59 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>
- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)
- Added:
* fix-state.orchestrate_single-to-not-pass-pillar-none.patch
-------------------------------------------------------------------
Thu Feb 3 08:35:38 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Refactor venv-exec.py wrapper and the way of calling it
with PYTHONSTARTUP environment variable
- Updated:
* venv-exec.py.src
-------------------------------------------------------------------
Wed Feb 2 07:58:48 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Fix inspector module export function (bsc#1097531)
- Add all ssh kwargs to sanitize_kwargs method
- Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357)
- Don't check for cached pillar errors on state.apply (bsc#1190781)
- Move the logic of cleaning PYTHONHOME environment variable
and fixing sys.executable value to venv-exec.py wrapper
from venv executor module to prevent some side effects found
- Added:
* state.apply-don-t-check-for-cached-pillar-errors.patch
* add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch
* wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
* fix-inspector-module-export-function-bsc-1097531-480.patch
* vendor-stateresult.patch
- Updated:
* venv-exec.py.src
* venv.py.src
-------------------------------------------------------------------
Thu Jan 13 12:04:32 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>
- Add venv-exec.py wrapper to prevent errors on using cmdmod module
- Added:
* venv-exec.py.src
-------------------------------------------------------------------
Wed Dec 29 11:56:11 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Fix condition to identify correct python sitelib for dnfnotify
-------------------------------------------------------------------
Mon Dec 20 10:47:53 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Remove some specific binary library dependencies
-------------------------------------------------------------------
Mon Dec 20 09:33:29 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Handle transactional_update executor for the relevant systems
- Add policycoreutils and policycoreutils-python-utils to post
install requirements for CentOS 8+ and Fedora 22+ packages
-------------------------------------------------------------------
Thu Dec 16 11:46:41 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Set sys.executable pointing to the wrapper script instead
of real python executable with venv executor module
-------------------------------------------------------------------
Wed Nov 17 19:49:43 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Simplify "transactional_update" module to not use SSH wrapper and allow more flexible execution
- Add "--no-return-event" option to salt-call to prevent sending return event back to master.
- Make "state.highstate" to acts on concurrent flag.
- Added:
* refactor-and-improvements-for-transactional-updates-.patch
-------------------------------------------------------------------
Tue Nov 9 10:53:20 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>
- Use dnfnotify instead yumnotify for relevant distros
- Remove wrong _parse_cpe_name from grains.core
- dnfnotify pkgset plugin implementation
- Add rpm_vercmp python library support for version comparison
- Prevent pkg plugins errors on missing cookie path (bsc#1186738)
- Added:
* mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
* add-rpm_vercmp-python-library-for-version-comparison.patch
* prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
* remove-wrong-_parse_cpe_name-from-grains.core-452.patch
* dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
-------------------------------------------------------------------
Wed Oct 13 08:24:21 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
- Add propagate python_ver into the venvjail
-------------------------------------------------------------------
Tue Jan 26 14:26:18 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
- Initial package based on victor.zhestkov@suse.com one
