File venv-salt-minion.changes of Package venv-salt-minion

-------------------------------------------------------------------
Wed Mar 12 13:40:26 UTC 2025 - Marek Czernek <marek.czernek@suse.com>

- Fix aptpkg 'NoneType object has no attribute split' error

- Added:
  * fix-deb822-nonetype-object-has-no-attribute-split-71.patch

-------------------------------------------------------------------
Mon Mar 10 14:18:41 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>

- Detect openEuler as RedHat family OS
- Ensure the correct crypt module is loaded
- Implement multiple inventory for ansible.targets
- Make x509 module compatible with M2Crypto 0.44.0
- Remove deprecated code from x509.certificate_managed test mode
- Move logrotate config to /usr/etc/logrotate.d where possible

- Added:
  * detect-openeuler-as-redhat-family-os.patch
  * ensure-the-correct-crypt-module-is-loaded.patch
  * implement-multiple-inventory-for-ansible.targets.patch
  * make-x509-module-compatible-with-m2crypto-0.44.0.patch
  * remove-deprecated-code-from-x509.certificate_managed.patch

-------------------------------------------------------------------
Mon Mar 10 09:37:12 UTC 2025 - Marek Czernek <marek.czernek@suse.com>

- Add DEB822 apt repository format support
- Make Salt-SSH work with all SSH passwords (bsc#1215484)

- Added:
  * remove-password-from-shell-after-functional-text-mat.patch
  * add-deb822-apt-source-format-support-692.patch

-------------------------------------------------------------------
Fri Mar  7 12:19:13 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>

- Remove strict binary dependency for libcrypt.so for EL9 bundle
  to make it compatible with openEuler and make using passlib instead.

-------------------------------------------------------------------
Fri Feb 21 12:47:02 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Fix virt_query outputter and add support for block devices
- Make _auth calls visible with master stats
- Repair mount.fstab_present always returning pending changes
- Set virtual grain in Podman systemd container
- Fix crash due wrong client reference on `SaltMakoTemplateLookup`
- Enhace batch async and fix some detected issues

- Added:
  * repair-virt_query-outputter-655.patch
  * make-_auth-calls-visible-with-master-stats-696.patch
  * repair-fstab_present-test-mode-702.patch
  * set-virtual-grain-in-podman-systemd-container-703.patch
  * fixed-file-client-private-attribute-reference-on-sal.patch
  * backport-batch-async-fixes-and-improvements-701.patch

-------------------------------------------------------------------
Wed Feb 19 16:40:12 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Fix tests failures after "repo.saltproject.io" deprecation

- Added:
  * fix-tests-failures-after-repo.saltproject.io-depreca.patch

-------------------------------------------------------------------
Wed Jan 29 10:33:38 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Fix error to stat '/root/.gitconfig' on gitfs
  (bsc#1230944) (bsc#1234881) (bsc#1220905)

- Added:
  * fix-failed-to-stat-root-.gitconfig-issue-on-gitfs-bs.patch

-------------------------------------------------------------------
Mon Jan 27 13:46:20 UTC 2025 - Alexander Graul <alexander.graul@suse.com>

- Adapt to removal of hex attribute in pygit2 v1.15.0 (bsc#1230642)

- Added:
  * update-for-deprecation-of-hex-in-pygit2-1.15.0-and-a.patch

-------------------------------------------------------------------
Thu Jan 23 16:45:30 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Enhance smart JSON parsing when garbage is present (bsc#1231605)

- Added:
  * enhance-find_json-garbage-filtering-bsc-1231605-688.patch

-------------------------------------------------------------------
Wed Jan 22 13:13:24 UTC 2025 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Fix virtual grains for VMs running on Nutanix AHV (bsc#1234022)
- Fix issues running on Python 3.12 and 3.13

- Added:
  * fix-virtual-grains-for-vms-running-on-nutanix-ahv-bs.patch
  * fix-issues-that-break-salt-in-python-3.12-and-3.13-6.patch

-------------------------------------------------------------------
Wed Jan  8 08:31:57 UTC 2025 - Victor Zhestkov <vzhestkov@suse.com>

- Include D-Bus python module for SUSE distros (bsc#1231618)

- Modified:
  * include-rpm
  * filter-requires.sh

-------------------------------------------------------------------
Tue Dec 17 08:20:43 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Revert setting SELinux context for minion service (bsc#1233667)

- Added:
  * revert-setting-selinux-context-for-minion-service-bs.patch

-------------------------------------------------------------------
Tue Nov 26 14:53:34 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Make minion reconnecting on changing master IP (bsc#1228182)

- Added:
  * make-minion-reconnecting-on-changing-master-ip-bsc-1.patch

-------------------------------------------------------------------
Tue Nov 26 14:53:17 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Fix post_start_cleanup.sh shebang to work on all systems (gh#uyuni-project/uyuni#9477)

- Modified:
  * post_start_cleanup.sh

-------------------------------------------------------------------
Wed Oct 23 15:34:36 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Handle logger exception when flushing already closed file

- Added:
  * handle-logger-flushing-already-closed-file-686.patch

-------------------------------------------------------------------
Wed Oct 23 15:25:09 UTC 2024 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Make Salt Bundle more tolerant to long running jobs (bsc#1228690)

- Added:
  * enhance-cleanup-mechanism-after-salt-bundle-upgrade-.patch

- Modified:
  * post_start_cleanup.sh

-------------------------------------------------------------------
Wed Oct 23 15:23:21 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Fix additional x509 tests and test_suse tests for SLE12

- Added:
  * fix-x509-private-key-tests-and-test_suse-on-sle12-68.patch

-------------------------------------------------------------------
Wed Oct 23 14:46:45 UTC 2024 - Pablo Suárez Hernández <psuarezhernandez@suse.com>

- Fix zyppnotify plugin after latest zypp/libzypp upgrades
  (bsc#1231697, bsc#1231045)

-------------------------------------------------------------------
Wed Oct  2 07:49:50 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Fix failing x509 tests with OpenSSL < 1.1

- Added:
  * fix-x509-test-fails-on-old-openssl-systems-682.patch

-------------------------------------------------------------------
Wed Sep 25 12:00:37 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Avoid explicit reading of /etc/salt/minion (bsc#1220357)
- Allow NamedLoaderContexts to be returned from loader
- Revert the change making reactor less blocking (bsc#1230322)
- Use --cachedir for extension_modules in salt-call (bsc#1226141)
- Prevent using SyncWrapper with no reason

- Added:
  * avoid-explicit-reading-of-etc-salt-minion-bsc-122035.patch
  * allow-namedloadercontexts-to-be-returned-from-loader.patch
  * revert-the-change-making-reactor-less-blocking-bsc-1.patch
  * use-cachedir-for-extension_modules-in-salt-call-bsc-.patch
  * prevent-using-syncwrapper-with-no-reason.patch

-------------------------------------------------------------------
Thu Sep 12 16:08:41 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Enable post_start_cleanup.sh to work in a transaction

- Added:
  * post_start_cleanup.sh

-------------------------------------------------------------------
Tue Sep 10 12:52:23 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix the SELinux context for Salt Minion service (bsc#1219041)

- Added:
  * fix-the-selinux-context-for-salt-minion-service-bsc-.patch

-------------------------------------------------------------------
Wed Sep  4 11:42:59 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Increase warn_until_date date for code we still support
- The test_debian test now uses port 80 for ubuntu keyserver
- Fix too frequent systemd service restart in test_system test

- Added:
  * fix-test_debian-to-work-in-our-infrastructure-676.patch
  * fix-test_system-flaky-setup_teardown-fn.patch
  * fix-deprecated-code-677.patch

-------------------------------------------------------------------
Wed Sep  4 10:07:00 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Security updates on Python 3.11 interpreter:
  * Fix quadratic complexity in parsing -quoted cookie values with
    backslashes (bsc#1229873, bsc#1230059, CVE-2024-7592).
  * Prevent malformed payload to cause infinite loops in zipfile.Path
    (bsc#1229704, bsc#1230058, CVE-2024-8088).
  * Prevent email header injection due to unquoted newlines
    (bsc#1228780, CVE-2024-6923).
  * Rearranging definition of private global IP addresses
    (bsc#1226448, CVE-2024-4032).
  * gh-114572: ssl.SSLContext.cert_store_stats() and
    ssl.SSLContext.get_ca_certs() now correctly lock access to the
    certificate store, when the ssl.SSLContext is shared across
    multiple threads (bsc#1226447, CVE-2024-0397).

- Security updates on Python dependencies:
  * zipp: Add patch CVE-2024-5569.patch from upstream gh#jaraco/zipp@fd604bd34f03
    (bsc#1227547, CVE-2024-5569, bsc#1229996).
  * setuptools: Sanitize any VCS URL we download
    (CVE-2024-6345, bsc#1228105, bsc#1229995).
  * idna: Add CVE-2024-3651.patch, backported from upstream commit
    gh#kjd/idna#172/commits/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7
    (bsc#1222842, bsc#1229994, CVE-2024-3651).
  * urllib3: Added the ``Proxy-Authorization`` header to the list of headers
    to strip from requests when redirecting to a different host
    (bsc#1226469, bsc#1229654, CVE-2024-37891).

-------------------------------------------------------------------
Fri Aug 30 14:52:38 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Avoid crash on wrong output of systemctl version (bsc#1229539)
- Improve error handling with different OpenSSL versions
- Remove redundant run_func from salt.master.MWorker._handle_aes

- Added:
  * avoid-crash-on-wrong-output-of-systemctl-version-bsc.patch
  * improve-error-handling-with-different-openssl-versio.patch
  * remove-redundant-run_func-from-salt.master.mworker._.patch

-------------------------------------------------------------------
Thu Aug 29 11:49:41 UTC 2024 - Yeray Gutiérrez Cedrés <yeray.gutierrez@suse.com>

- Fix cloud minion configuration for multiple masters (bsc#1229109)

- Added:
  * join-masters-if-it-is-a-list-671.patch

-------------------------------------------------------------------
Wed Aug 21 14:37:22 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Use Pygit2 id instead of deprecated oid in gitfs

- Added:
  * replace-use-of-pygit2-deprecated-and-removed-1.15.0-.patch

-------------------------------------------------------------------
Wed Aug  7 14:05:13 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Add passlib python module to the bundle
- Add yamllint and pathspec python modules to the testsuite

- Modified:
  * include-rpm
  * include-deb

-------------------------------------------------------------------
Wed Aug  7 09:47:57 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Fix few failing tests to work with both Salt and Salt bundle
- Skip testing unsupported OpenSSL crypto algorithms

- Added:
  * make-tests-compatible-with-venv-bundle.patch
  * skip-more-tests-related-to-old-openssl-algorithms.patch

-------------------------------------------------------------------
Wed Jul 24 10:13:27 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix rich rule comparison in firewalld module (bsc#1222684)

- Added:
  * firewalld-normalize-new-rich-rules-before-comparing-.patch

-------------------------------------------------------------------
Tue Jul  9 11:24:07 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- test_vultrpy: adjust test expectation to prevent failure after Debian 10 EOL

- Added:
  * test_vultrpy-adjust-test-expectation-to-prevent-fail.patch

-------------------------------------------------------------------
Mon Jul  8 16:03:27 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make auth.pam more robust with Salt Bundle and fix tests

- Added:
  * some-more-small-tests-fixes-enhancements-661.patch

-------------------------------------------------------------------
Wed Jul  3 10:45:24 UTC 2024 - Flex Liu <fliu@suse.com>

- Fix performance of user.list_groups with many remote groups
  (bsc#1226964)

- Added:
  * fix-user.list_groups-omits-remote-groups.patch

-------------------------------------------------------------------
Tue Jun 18 15:01:28 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix "status.diskusage" function and exclude some tests for Salt Bundle

- Added:
  * fix-status.diskusage-and-exclude-some-tests-to-run-w.patch

-------------------------------------------------------------------
Wed Jun 12 08:47:03 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Skip certain tests if necessary for some OSes and set flaky ones

- Added:
  * skip-certain-tests-if-necessary-and-mark-some-flaky-.patch

-------------------------------------------------------------------
Thu Jun  6 08:41:14 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Add a timer to delete old env post update for venv-minion

- Added:
  * provide-systemd-timer-unit.patch

-------------------------------------------------------------------
Mon May 27 11:10:14 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Several fixes for tests to avoid errors and failures in some OSes

- Added:
  * several-fixes-for-tests-to-avoid-errors-and-failures.patch

-------------------------------------------------------------------
Wed May 15 12:45:30 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Speed up salt.matcher.confirm_top by using __context__
- Do not call the async wrapper calls with the separate thread
- Prevent OOM with high amount of batch async calls (bsc#1216063)
- Add missing contextvars dependency in salt.version
- Skip tests for unsupported algorithm on old OpenSSL version
- Remove redundant `_file_find` call to the master
- Prevent possible exception in tornado.concurrent.Future._set_done
- Make reactor engine less blocking the EventPublisher
- Make salt-master self recoverable on killing EventPublisher
- Improve broken events catching and reporting
- Make logging calls lighter
- Remove unused import causing delays on starting salt-master

- Added:
  * speed-up-salt.matcher.confirm_top-by-using-__context.patch
  * do-not-call-the-async-wrapper-calls-with-the-separat.patch
  * prevent-oom-with-high-amount-of-batch-async-calls-bs.patch
  * add-missing-contextvars-dependency-in-salt.version.patch
  * skip-tests-for-unsupported-algorithm-on-old-openssl-.patch
  * remove-redundant-_file_find-call-to-the-master.patch
  * prevent-possible-exception-in-tornado.concurrent.fut.patch
  * make-reactor-engine-less-blocking-the-eventpublisher.patch
  * make-salt-master-self-recoverable-on-killing-eventpu.patch
  * improve-broken-events-catching-and-reporting.patch
  * make-logging-calls-lighter.patch
  * remove-unused-import-causing-delays-on-starting-salt.patch

-------------------------------------------------------------------
Mon May  6 10:37:17 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Include libffi and libyaml to the bundle for all of the clients
  to avoid extra dependencies from the client OS.

-------------------------------------------------------------------
Fri Apr  5 11:19:27 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Update Python version from 3.10 to 3.11
- Fix updating the venv-salt-minion pkg with itself
- Enable build for SLE 11

- Added:
  * venv-salt-minion.initd

-------------------------------------------------------------------
Fri Apr  5 11:11:11 UTC 2024 - Alexander Graul <alexander.graul@suse.com>

- Include salt-test in venv-salt-minion-testsuite

- Modified:
  * include-deb
  * include-rpm
  * exclude-deb
  * exclude-rpm

-------------------------------------------------------------------
Tue Mar 26 08:46:11 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Convert oscap output to UTF-8

- Added:
  * switch-oscap-encoding-to-utf-8-639.patch

-------------------------------------------------------------------
Thu Mar 21 13:18:45 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Make Salt compatible with Python 3.11

- Added:
  * fix-salt-warnings-and-testuite-for-python-3.11-635.patch

-------------------------------------------------------------------
Fri Mar 15 09:46:29 UTC 2024 - Yeray Gutiérrez Cedrés <yeray.gutierrez@suse.com>

- Ignore non-ascii chars in oscap output (bsc#1219001)

- Added:
  * decode-oscap-byte-stream-to-string-bsc-1219001.patch

-------------------------------------------------------------------
Thu Mar 14 13:12:59 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix detected issues in Salt tests when running on VMs

- Added:
  * fix-tests-failures-and-errors-when-detected-on-vm-ex.patch

-------------------------------------------------------------------
Wed Mar  6 14:12:20 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Make importing seco.range thread safe (bsc#1211649)

- Added:
  * make-importing-seco.range-thread-safe-bsc-1211649.patch

-------------------------------------------------------------------
Mon Feb 26 10:45:12 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix problematic tests and allow smooth tests executions on containers

- Added:
  * fix-problematic-tests-and-allow-smooth-tests-executi.patch 

-------------------------------------------------------------------
Wed Feb 21 12:21:42 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Discover Ansible playbook files as "*.yml" or "*.yaml" files (bsc#1211888)

- Added:
  * discover-both-.yml-and-.yaml-playbooks-bsc-1211888.patch

-------------------------------------------------------------------
Thu Feb  1 12:32:43 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Prevent directory traversal when creating syndic cache directory
  on the master (CVE-2024-22231, bsc#1219430)
- Prevent directory traversal attacks in the master's serve_file
  method (CVE-2024-22232, bsc#1219431)

- Added:
  * fix-cve-2024-22231-and-cve-2024-22232-bsc-1219430-bs.patch

-------------------------------------------------------------------
Tue Jan 23 15:39:48 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Prevent exceptions with fileserver.update when called via state (bsc#1218482)

- Added:
  * allow-kwargs-for-fileserver-roots-update-bsc-1218482.patch

-------------------------------------------------------------------
Thu Jan 18 16:11:11 UTC 2024 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Improve pip target override condition with VENV_PIP_TARGET
  environment variable (bsc#1216850)
- Fixed KeyError in logs when running a state that fails

- Added:
  * fixed-keyerror-in-logs-when-running-a-state-that-fai.patch
  * improve-pip-target-override-condition-with-venv_pip_.patch

-------------------------------------------------------------------
Thu Jan 18 12:55:04 UTC 2024 - Marek Czernek <marek.czernek@suse.com>

- Ensure that pillar refresh loads beacons from pillar without restart
- Fix the aptpkg.py unit test failure
- Prefer unittest.mock to python-mock in test suite

- Added:
  * update-__pillar__-during-pillar_refresh.patch
  * fix-the-aptpkg.py-unit-test-failure.patch
  * prefer-unittest.mock-for-python-versions-that-are-su.patch

-------------------------------------------------------------------
Mon Jan 15 15:24:27 UTC 2024 - Victor Zhestkov <vzhestkov@suse.com>

- Add libffi to the bundle for EL8 based systems
  to make it more compatible with the clones

-------------------------------------------------------------------
Fri Dec  1 11:06:57 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Enable "KeepAlive" probes for Salt SSH executions (bsc#1211649)

- Added:
  * enable-keepalive-probes-for-salt-ssh-executions-bsc-.patch

-------------------------------------------------------------------
Thu Nov 16 10:34:15 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Revert changes to set Salt configured user early in the stack (bsc#1216284)

- Added:
  * revert-make-sure-configured-user-is-properly-set-by-.patch

-------------------------------------------------------------------
Tue Nov 14 13:53:31 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Include python devel files to the bundle

- Modified:
  * include-deb
  * include-rpm
  * venv-salt-minion-rpmlintrc

-------------------------------------------------------------------
Mon Nov 13 15:49:32 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Align behavior of some modules when using salt-call via symlink (bsc#1215963)
- Fix gitfs "__env__" and improve cache cleaning (bsc#1193948)

- Added:
  * dereference-symlinks-to-set-proper-__cli-opt-bsc-121.patch
  * fix-gitfs-__env__-and-improve-cache-cleaning-bsc-119.patch

-------------------------------------------------------------------
Thu Nov  2 11:20:38 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Add python dateutil module to the bundle
- Make salt bundle testsuite package using conditional build
- Prevent inconsistency on building the bundle
  with the testsuite build enabled
- Avoid rpmlint warnings for testsuite files

- Modified:
  * venv-salt-minion-rpmlintrc

-------------------------------------------------------------------
Thu Nov  2 11:01:16 UTC 2023 - Raúl Osuna <rosuna@suse.com>

- Include building for openEuler with rpm-vercmp and dnfnotify plugin

-------------------------------------------------------------------
Tue Oct 31 11:56:20 UTC 2023 - Alexander Graul <alexander.graul@suse.com>

- Randomize pre_flight_script path (CVE-2023-34049 bsc#1215157)

- Added:
  * fix-cve-2023-34049-bsc-1215157.patch

-------------------------------------------------------------------
Tue Oct 17 13:41:59 UTC 2023 - Marek Czernek <marek.czernek@suse.com>

- Allow all primitive grain types for autosign_grains (bsc#1214477)

- Added:
  * allow-all-primitive-grain-types-for-autosign_grains-.patch

-------------------------------------------------------------------
Mon Oct  2 13:24:46 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Add missing python modules to the bundle (bsc#1213926):
  * pycurl
  * tornado

- Add jmespath python module to align the features of the salt bundle
  with classic salt-minion. Extra ply module was appended as
  a dependency of jmespath (bsc#1210954)

- Add missing cryptography python module to the bundle

- Add conditional venv-salt-minion-testsuite subpackage

- Fix optimization_order opt to prevent testsuite fails
- Improve salt.utils.json.find_json to avoid fails
  with transactional salt salt-ssh managed clients (bsc#1213293)
- Use salt-call from salt bundle with transactional_update
- Only call native_str on curl_debug message in tornado when needed
- Implement the calling for batch async from the salt CLI

- Added:
  * fix-optimization_order-opt-to-prevent-test-fails.patch
  * use-salt-call-from-salt-bundle-with-transactional_up.patch
  * improve-salt.utils.json.find_json-bsc-1213293.patch
  * only-call-native_str-on-curl_debug-message-in-tornad.patch
  * implement-the-calling-for-batch-async-from-the-salt-.patch

- Modified:
  * include-deb
  * include-rpm

-------------------------------------------------------------------
Mon Oct  2 10:14:21 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make venv-dpkgnotify to use bundle python to run

-------------------------------------------------------------------
Mon Oct  2 09:52:53 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix calculation of SLS context vars when trailing dots
  on targetted sls/state (bsc#1213518)

- Added:
  * fix-calculation-of-sls-context-vars-when-trailing-do.patch

-------------------------------------------------------------------
Wed Sep 20 12:22:33 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix inconsistency in reported version by egg-info metadata (bsc#1215489)

- Added:
  * write-salt-version-before-building-when-using-with-s.patch

-------------------------------------------------------------------
Fri Sep  1 07:40:28 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Revert usage of long running REQ channel to prevent possible
  missing responses on requests and dublicated responses
  (bsc#1213960, bsc#1213630, bsc#1213257)

- Added:
  * revert-usage-of-long-running-req-channel-bsc-1213960.patch

-------------------------------------------------------------------
Thu Aug 31 09:55:10 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix gitfs cachedir basename to avoid hash collisions
  (bsc#1193948, bsc#1214797, CVE-2023-20898)

- Added:
  * fixed-gitfs-cachedir_basename-to-avoid-hash-collisio.patch

-------------------------------------------------------------------
Tue Aug 22 12:03:47 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Ship SELinux policy module version 19 to make it compatible
  with broader list of Linux distributions

- Updated:
  * venv-salt-minion-selinux.tar.gz

-------------------------------------------------------------------
Tue Aug 22 12:03:42 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make sure configured user is properly set by Salt (bsc#1210994)
- Do not fail on bad message pack message (bsc#1213441, CVE-2023-20897, bsc#1214796)

- Added:
  * make-sure-configured-user-is-properly-set-by-salt-bs.patch
  * do-not-fail-on-bad-message-pack-message-bsc-1213441-.patch

-------------------------------------------------------------------
Mon Aug 21 15:08:22 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Do not recompile SELinux policy module on building.
  Use precompiled module instead to avoid incompatibility errors.

-------------------------------------------------------------------
Mon Aug 21 13:06:39 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Fix broken tests to make them running in the testsuite
- Prevent possible exceptions on salt.utils.user.get_group_dict
  (bsc#1212794)

- Added:
  * prevent-possible-exceptions-on-salt.utils.user.get_g.patch
  * fix-tests-to-make-them-running-with-salt-testsuite.patch

-------------------------------------------------------------------
Wed Aug  9 15:18:55 UTC 2023 - Alexander Graul <alexander.graul@suse.com>

- Create minion_id with reproducible mtime

-------------------------------------------------------------------
Thu Aug  3 09:17:37 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix detection of Salt codename by "salt_version" execution module
- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)
- Fix the regression of user.present state when group is unset (bsc#1212855)

- Added:
  * fix-the-regression-of-user.present-state-when-group-.patch
  * fix-regression-multiple-values-for-keyword-argument-.patch
  * mark-salt-3006-as-released-586.patch

-------------------------------------------------------------------
Wed Aug  2 07:44:07 UTC 2023 - Victor Zhestkov <vzhestkov@suse.com>

- Adding missing file references:
  * exclude-deb
  * exclude-rpm
  * filter-requires.sh
  * include-deb
  * venv-salt-minion-rpmlintrc

-------------------------------------------------------------------
Wed Jun 28 14:47:40 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix zypper repositories always being reconfigured
- Fix utf8 handling in 'pass' renderer and make it more robust

- Added:
  * fix-utf8-handling-in-pass-renderer-and-make-it-more-.patch
  * zypper-pkgrepo-alreadyconfigured-585.patch

-------------------------------------------------------------------
Tue Jun 27 10:34:09 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Prevent _pygit2.GitError: error loading known_hosts when $HOME is not set (bsc#1210994)

- Added:
  * 3006.0-prevent-_pygit2.giterror-error-loading-known_.patch

-------------------------------------------------------------------
Fri Jun 23 12:29:02 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fix ModuleNotFoundError and other issues raised by salt-support module (bsc#1211591)

- Added:
  * fix-some-issues-detected-in-salt-support-cli-module-.patch

-------------------------------------------------------------------
Thu Jun 22 15:48:01 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- tornado: Fix an open redirect in StaticFileHandler (CVE-2023-28370, bsc#1211741)

- Added:
  * tornado-fix-an-open-redirect-in-staticfilehandler-cv.patch

-------------------------------------------------------------------
Mon Jun 19 14:44:13 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make master_tops compatible with Salt 3000 and older minions (bsc#1212516) (bsc#1212517)

- Added:
  * make-master_tops-compatible-with-salt-3000-and-older.patch

-------------------------------------------------------------------
Fri May 26 15:56:57 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Avoid failures due transactional_update module not available
  in Salt 3006.0 (bsc#1211754)

- Added:
  * define-__virtualname__-for-transactional_update-modu.patch

-------------------------------------------------------------------
Tue May 23 09:58:55 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Avoid conflicts with Salt dependencies versions (bsc#1211612)

- Added:
  * avoid-conflicts-with-dependencies-versions-bsc-12116.patch

-------------------------------------------------------------------
Fri Apr 28 12:11:37 UTC 2023 - Alexander Graul <alexander.graul@suse.com>

- Update to Salt release version 3006.0 (jsc#PED-3139)
  * See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html

- Add missing patch after rebase to fix collections Mapping issues
- Add python3-looseversion as new dependency for salt
- Add python3-packaging as new dependency for salt
- Allow entrypoint compatibility for "importlib-metadata>=5.0.0" (bsc#1207071)
- Create new salt-tests subpackage containing Salt tests
- Drop conflictive patch dicarded from upstream
- Fix version detection and avoid building and testing failures
- Prevent deadlocks in salt-ssh executions
- Require python3-jmespath runtime dependency (bsc#1209233)
- Fix SLS rendering error when Jinja macros are used

- Added:
  * fix-version-detection-and-avoid-building-and-testing.patch
  * make-sure-the-file-client-is-destroyed-upon-used.patch
  * use-rlock-to-avoid-deadlocks-in-salt-ssh.patch

- Renamed:
  * 3004-implement-zypper-removeptf-574.patch -> 3005.1-implement-zypper-removeptf-573.patch

- Modified:
  * activate-all-beacons-sources-config-pillar-grains.patch
  * add-custom-suse-capabilities-as-grains.patch
  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
  * add-migrated-state-and-gpg-key-management-functions-.patch
  * add-publish_batch-to-clearfuncs-exposed-methods.patch
  * add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
  * add-sleep-on-exception-handling-on-minion-connection.patch
  * add-standalone-configuration-file-for-enabling-packa.patch
  * add-support-for-gpgautoimport-539.patch
  * allow-vendor-change-option-with-zypper.patch
  * async-batch-implementation.patch
  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
  * bsc-1176024-fix-file-directory-user-and-group-owners.patch
  * change-the-delimeters-to-prevent-possible-tracebacks.patch
  * control-the-collection-of-lvm-grains-via-config.patch
  * debian-info_installed-compatibility-50453.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
  * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
  * don-t-use-shell-sbin-nologin-in-requisites.patch
  * drop-serial-from-event.unpack-in-cli.batch_async.patch
  * early-feature-support-config.patch
  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
  * enhance-openscap-module-add-xccdf_eval-call-386.patch
  * fix-bsc-1065792.patch
  * fixes-for-python-3.10-502.patch
  * fix-for-suse-expanded-support-detection.patch
  * fix-issue-2068-test.patch
  * fix-missing-minion-returns-in-batch-mode-360.patch
  * fix-ownership-of-salt-thin-directory-when-using-the-.patch
  * fix-regression-with-depending-client.ssh-on-psutil-b.patch
  * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
  * fix-the-regression-for-yumnotify-plugin-456.patch
  * fix-traceback.print_exc-calls-for-test_pip_state-432.patch
  * include-aliases-in-the-fqdns-grains.patch
  * info_installed-works-without-status-attr-now.patch
  * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
  * make-aptpkg.list_repos-compatible-on-enabled-disable.patch
  * make-setup.py-script-to-not-require-setuptools-9.1.patch
  * pass-the-context-to-pillar-ext-modules.patch
  * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
  * prevent-shell-injection-via-pre_flight_script_args-4.patch
  * read-repo-info-without-using-interpolation-bsc-11356.patch
  * restore-default-behaviour-of-pkg-list-return.patch
  * return-the-expected-powerpc-os-arch-bsc-1117995.patch
  * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
  * run-salt-api-as-user-salt-bsc-1064520.patch
  * run-salt-master-as-dedicated-salt-user.patch
  * save-log-to-logfile-with-docker.build.patch
  * skip-package-names-without-colon-bsc-1208691-578.patch
  * switch-firewalld-state-to-use-change_interface.patch
  * temporary-fix-extend-the-whitelist-of-allowed-comman.patch
  * update-target-fix-for-salt-ssh-to-process-targets-li.patch
  * use-adler32-algorithm-to-compute-string-checksums.patch
  * use-salt-bundle-in-dockermod.patch
  * x509-fixes-111.patch
  * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch

- Removed:
  * 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
  * 3003.3-postgresql-json-support-in-pillar-423.patch
  * add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
  * add-missing-ansible-module-functions-to-whitelist-in.patch
  * add-rpm_vercmp-python-library-for-version-comparison.patch
  * adds-explicit-type-cast-for-port.patch
  * add-support-for-name-pkgs-and-diff_attr-parameters-t.patch
  * align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
  * backport-syndic-auth-fixes.patch
  * batch.py-avoid-exception-when-minion-does-not-respon.patch
  * check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
  * clarify-pkg.installed-pkg_verify-documentation.patch
  * detect-module.run-syntax.patch
  * do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
  * enhance-logging-when-inotify-beacon-is-missing-pyino.patch
  * fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
  * fix-crash-when-calling-manage.not_alive-runners.patch
  * fixes-56144-to-enable-hotadd-profile-support.patch
  * fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
  * fix-for-cve-2022-22967-bsc-1200566.patch
  * fix-inspector-module-export-function-bsc-1097531-481.patch
  * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
  * fix-issues-with-salt-ssh-s-extra-filerefs.patch
  * fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
  * fix-multiple-security-issues-bsc-1197417.patch
  * fix-salt-call-event.send-call-with-grains-and-pillar.patch
  * fix-salt.states.file.managed-for-follow_symlinks-tru.patch
  * fix-state.apply-in-test-mode-with-file-state-module-.patch
  * fix-test_ipc-unit-tests.patch
  * fix-the-regression-in-schedule-module-releasded-in-3.patch
  * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
  * fopen-workaround-bad-buffering-for-binary-mode-563.patch
  * force-zyppnotify-to-prefer-packages.db-than-packages.patch
  * ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
  * ignore-extend-declarations-from-excluded-sls-files.patch
  * ignore-non-utf8-characters-while-reading-files-with-.patch
  * implementation-of-held-unheld-functions-for-state-pk.patch
  * implementation-of-suse_ip-execution-module-bsc-10999.patch
  * improvements-on-ansiblegate-module-354.patch
  * include-stdout-in-error-message-for-zypperpkg-559.patch
  * make-pass-renderer-configurable-other-fixes-532.patch
  * make-sure-saltcacheloader-use-correct-fileclient-519.patch
  * mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
  * normalize-package-names-once-with-pkg.installed-remo.patch
  * notify-beacon-for-debian-ubuntu-systems-347.patch
  * refactor-and-improvements-for-transactional-updates-.patch
  * retry-if-rpm-lock-is-temporarily-unavailable-547.patch
  * set-default-target-for-pip-from-venv_pip_target-envi.patch
  * state.apply-don-t-check-for-cached-pillar-errors.patch
  * state.orchestrate_single-does-not-pass-pillar-none-4.patch
  * support-transactional-systems-microos.patch
  * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch

-------------------------------------------------------------------
Mon Feb 27 10:56:49 UTC 2023 - Alexander Graul <alexander.graul@suse.com>

- Fix problem with detecting PTF packages (bsc#1208691)

- Added:
  * skip-package-names-without-colon-bsc-1208691-578.patch

-------------------------------------------------------------------
Tue Feb 14 10:05:54 UTC 2023 - Ondrej Holecek <oholecek@suse.com>

- Do not hide SELinux installation errors and notify users (bsc#1205687) 

-------------------------------------------------------------------
Tue Jan 31 12:10:08 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Fixes pkg.version_cmp on openEuler systems and a few other OS flavors

- Added:
  * fixes-pkg.version_cmp-on-openeuler-systems-and-a-few.patch

-------------------------------------------------------------------
Mon Jan 23 13:46:01 UTC 2023 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make pkg.remove function from zypperpkg module to handle also PTF packages

- Added:
  * 3004-implement-zypper-removeptf-574.patch

-------------------------------------------------------------------
Tue Jan 10 15:20:27 UTC 2023 - Alexander Graul <alexander.graul@suse.com>

- Control the collection of lvm grains via config (bsc#1204939)

- Added:
  * control-the-collection-of-lvm-grains-via-config.patch

-------------------------------------------------------------------
Fri Oct 28 12:10:34 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Pass the context to pillar ext modules
- Align Amazon EC2 (Nitro) grains with upstream (bsc#1203685)
- Detect module run syntax version
- Implement automated patches alignment for the Salt Bundle

- Added:
  * detect-module.run-syntax.patch
  * align-amazon-ec2-nitro-grains-with-upstream-pr-bsc-1.patch
  * pass-the-context-to-pillar-ext-modules.patch

-------------------------------------------------------------------
Fri Oct 21 13:22:15 UTC 2022 - Alexander Graul <alexander.graul@suse.com>

- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Clarify pkg.installed pkg_verify documentation
- Enhance capture of error messages for Zypper calls in zypperpkg module

- Added:
  * include-stdout-in-error-message-for-zypperpkg-559.patch
  * clarify-pkg.installed-pkg_verify-documentation.patch
  * ignore-extend-declarations-from-excluded-sls-files.patch

-------------------------------------------------------------------
Wed Oct 12 10:11:41 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make pass renderer configurable and fix detected issues
- Workaround fopen line buffering for binary mode (bsc#1203834)

- Added:
  * fopen-workaround-bad-buffering-for-binary-mode-563.patch
  * make-pass-renderer-configurable-other-fixes-532.patch

-------------------------------------------------------------------
Tue Oct 11 12:21:46 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Removed dependency to policycoreutils for Ubuntu 20.04 and higher
  (bsc#1204206)

-------------------------------------------------------------------
Thu Sep 15 10:55:47 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Remove kiwi python module from the bundle as no longer required

- Updated:
  * include-rpm
  * remove-file

-------------------------------------------------------------------
Wed Sep 14 12:07:44 UTC 2022 - Alexander Graul <alexander.graul@suse.com>

- Handle non-UTF-8 bytes in core grains generation (bsc#1202165)

- Added:
  * ignore-non-utf8-characters-while-reading-files-with-.patch

-------------------------------------------------------------------
Tue Sep 13 13:52:59 UTC 2022 - Alexander Graul <alexander.graul@suse.com>

- Don't include kiwi binaries
- Fix Syndic authentication errors (bsc#1199562)

- Added:
  * backport-syndic-auth-fixes.patch

- Updated:
  * remove-file

-------------------------------------------------------------------
Thu Sep  1 13:10:30 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Add Amazon EC2 detection for virtual grains (bsc#1195624)
- Fix the regression in schedule module releasded in 3004 (bsc#1202631)
- Fix state.apply in test mode with file state module
  on user/group checking (bsc#1202167)
- Change the delimeters to prevent possible tracebacks
  on some packages with dpkg_lowpkg

- Added:
  * add-amazon-ec2-detection-for-virtual-grains-bsc-1195.patch
  * fix-state.apply-in-test-mode-with-file-state-module-.patch
  * fix-the-regression-in-schedule-module-releasded-in-3.patch
  * change-the-delimeters-to-prevent-possible-tracebacks.patch

-------------------------------------------------------------------
Mon Aug 29 13:50:01 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make zypperpkg to retry if RPM lock is temporarily unavailable (bsc#1200596)

- Added:
  * retry-if-rpm-lock-is-temporarily-unavailable-547.patch

-------------------------------------------------------------------
Tue Jul 19 08:11:32 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Add SELinux profile to the package instead of using semanage
- Remove Build ID links from the virtual environment
  and disable generating new links on building the package
- Remove packages.log from the virtual environment

- Added:
  * venv-salt-minion-selinux.tar.gz

-------------------------------------------------------------------
Tue Jul 12 12:45:30 UTC 2022 - Alexander Graul <alexander.graul@suse.com>

- Fix test_ipc unit test

- Added:
  * fix-test_ipc-unit-tests.patch

-------------------------------------------------------------------
Fri Jul  8 09:46:44 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)

- Added:
  * add-support-for-gpgautoimport-539.patch
  * fix-jinja2-contextfuntion-base-on-version-bsc-119874.patch
  * fix-62092-catch-zmq.error.zmqerror-to-set-hwm-for-zm.patch
  * fix-salt.states.file.managed-for-follow_symlinks-tru.patch

-------------------------------------------------------------------
Thu Jul  7 15:01:36 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Add support for name, pkgs and diff_attr parameters to upgrade
  function for zypper and yum (bsc#1198489)

- Added:
  * add-support-for-name-pkgs-and-diff_attr-parameters-t.patch

-------------------------------------------------------------------
Mon Jun 27 16:05:49 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Fix possible errors on running post install script
  if semanage is present on the system, but SELinux is not configured
- Remove unused imports in the venv wrappers
- Set VENV_PIP_TARGET to /var/lib/venv-salt-minion/local
  to force PIP use it as the destination to install modules

- Updated:
  * venv.py.src
  * venv-startup

-------------------------------------------------------------------
Mon Jun 27 15:55:24 UTC 2022 - Victor Zhestkov <vzhestkov@suse.com>

- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore erros on reading license files with dpkg_lowpkg (bsc#1197288)
- Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566)

- Added:
  * normalize-package-names-once-with-pkg.installed-remo.patch
  * set-default-target-for-pip-from-venv_pip_target-envi.patch
  * ignore-erros-on-reading-license-files-with-dpkg_lowp.patch
  * fix-for-cve-2022-22967-bsc-1200566.patch
  * fix-ownership-of-salt-thin-directory-when-using-the-.patch
  * use-salt-bundle-in-dockermod.patch
  * save-log-to-logfile-with-docker.build.patch

-------------------------------------------------------------------
Thu May 19 11:32:42 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Make sure SaltCacheLoader use correct fileclient (bsc#1199149)
- Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533)
- Prevent data pollution between actions proceesed at the same time (bsc#1197637)

- Added:
  * prevent-affection-of-ssh.opts-with-lazyloader-bsc-11.patch
  * fix-regression-with-depending-client.ssh-on-psutil-b.patch
  * make-sure-saltcacheloader-use-correct-fileclient-519.patch

-------------------------------------------------------------------
Thu Apr 28 06:39:33 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Rename the python startup script to venv-startup so we can avoid
  python cache files creation in bin directory of the bundle
  * Removed: venv-exec.py.src
  * Added: venv-startup

- Remove wsdump files from bin directory as they are not needed
  * Updated: remove-file

-------------------------------------------------------------------
Mon Apr 18 08:25:50 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Fix the regression caused by the patch removing strict requirement for
  OpenSSL 1.1.1 leading to read/write issues with ssl module for
  SLE 15, SLE 12, CentOS 7, Debian 9 (bsc#1198556)

-------------------------------------------------------------------
Tue Apr  5 09:39:08 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Fixes for Python 3.10
- Fix salt-ssh opts poisoning (bsc#1197637)
- Fix multiple security issues (bsc#1197417)
  * Sign authentication replies to prevent MiTM (CVE-2022-22935)
  * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
  * Prevent job and fileserver replays (CVE-2022-22936)
  * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)

- Added:
  * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
  * fixes-for-python-3.10-502.patch
  * fix-multiple-security-issues-bsc-1197417.patch

-------------------------------------------------------------------
Fri Apr  1 08:16:25 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Salt version bump to 3004
- Python version bump to 3.10.2

- Added:
  * v3004.tar.gz
  * 3003.3-do-not-consider-skipped-targets-as-failed-for.patch
  * 3003.3-postgresql-json-support-in-pillar-423.patch
  * add-missing-ansible-module-functions-to-whitelist-in.patch
  * add-salt-ssh-support-with-venv-salt-minion-3004-493.patch
  * allow-vendor-change-option-with-zypper.patch
  * drop-serial-from-event.unpack-in-cli.batch_async.patch
  * fix-crash-when-calling-manage.not_alive-runners.patch
  * fix-inspector-module-export-function-bsc-1097531-481.patch
  * fix-issues-with-salt-ssh-s-extra-filerefs.patch
  * fix-salt-call-event.send-call-with-grains-and-pillar.patch
  * fix-traceback.print_exc-calls-for-test_pip_state-432.patch
  * mock-ip_addrs-in-utils-minions.py-unit-test-443.patch
  * prevent-shell-injection-via-pre_flight_script_args-4.patch
  * state.orchestrate_single-does-not-pass-pillar-none-4.patch
  * support-transactional-systems-microos.patch

- Removed:
  * v3002.2.tar.gz
  * 3002.2-do-not-consider-skipped-targets-as-failed-for.patch
  * 3002.2-postgresql-json-support-in-pillar-424.patch
  * 3002.2-xen-spicevmc-dns-srv-records-backports-314.patch
  * 3002-set-distro-requirement-to-oldest-supported-vers.patch
  * accumulated-changes-from-yomi-167.patch
  * accumulated-changes-required-for-yomi-165.patch
  * add-alibaba-cloud-linux-2-by-backporting-upstream-s-.patch
  * add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch
  * add-all_versions-parameter-to-include-all-installed-.patch
  * add-almalinux-and-alibaba-cloud-linux-to-the-os-fami.patch
  * add-astra-linux-common-edition-to-the-os-family-list.patch
  * add-batch_presence_ping_timeout-and-batch_presence_p.patch
  * add-cpe_name-for-osversion-grain-parsing-u-49946.patch
  * add-docker-logout-237.patch
  * add-hold-unhold-functions.patch
  * adding-preliminary-support-for-rocky.-59682-391.patch
  * add-missing-aarch64-to-rpm-package-architectures-405.patch
  * add-multi-file-support-and-globbing-to-the-filetree-.patch
  * add-new-custom-suse-capability-for-saltutil-state-mo.patch
  * add-patch-support-for-allow-vendor-change-option-wit.patch
  * add-pkg.services_need_restart-302.patch
  * add-saltssh-multi-version-support-across-python-inte.patch
  * add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch
  * add-supportconfig-module-for-remote-calls-and-saltss.patch
  * add-virt.all_capabilities.patch
  * allow-extra_filerefs-as-sanitized-kwargs-for-ssh-cli.patch
  * allow-passing-kwargs-to-pkg.list_downloaded-bsc-1140.patch
  * allow-vendor-change-option-with-zypper-313.patch
  * ansiblegate-take-care-of-failed-skipped-and-unreacha.patch
  * apply-patch-from-upstream-to-support-python-3.8.patch
  * async-batch-implementation-fix-320.patch
  * avoid-traceback-when-http.query-request-cannot-be-pe.patch
  * backport-a-few-virt-prs-272.patch
  * backport-of-upstream-pr59492-to-3002.2-404.patch
  * backport-thread.is_alive-fix-390.patch
  * backport-virt-patches-from-3001-256.patch
  * batch_async-avoid-using-fnmatch-to-match-event-217.patch
  * batch-async-catch-exceptions-and-safety-unregister-a.patch
  * better-handling-of-bad-public-keys-from-minions-bsc-.patch
  * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch
  * changed-imports-to-vendored-tornado.patch
  * clear-network-interface-cache-when-grains-are-reques.patch
  * do-noop-for-services-states-when-running-systemd-in-.patch
  * do-not-break-repo-files-with-multiple-line-values-on.patch
  * do-not-crash-when-there-are-ipv6-established-connect.patch
  * do-not-make-ansiblegate-to-crash-on-python3-minions.patch
  * do-not-monkey-patch-yaml-bsc-1177474.patch
  * do-not-raise-streamclosederror-traceback-but-only-lo.patch
  * don-t-call-zypper-with-more-than-one-no-refresh.patch
  * drop-wrong-mock-from-chroot-unit-test.patch
  * drop-wrong-virt-capabilities-code-after-rebasing-pat.patch
  * ensure-virt.update-stop_on_reboot-is-updated-with-it.patch
  * exclude-the-full-path-of-a-download-url-to-prevent-i.patch
  * fall-back-to-pymysql.patch
  * figure-out-python-interpreter-to-use-inside-containe.patch
  * fix-aptpkg.normalize_name-when-package-arch-is-all.patch
  * fix-aptpkg-systemd-call-bsc-1143301.patch
  * fix-async-batch-multiple-done-events.patch
  * fix-async-batch-race-conditions.patch
  * fix-a-test-and-some-variable-names-229.patch
  * fix-a-wrong-rebase-in-test_core.py-180.patch
  * fix-batch_async-obsolete-test.patch
  * fix-cve-2020-25592-and-add-tests-bsc-1178319.patch
  * fixed-bug-lvm-has-no-parttion-type.-the-scipt-later-.patch
  * fix-error-handling-in-openscap-module-bsc-1188647-40.patch
  * fixes-cve-2018-15750-cve-2018-15751.patch
  * fix-failing-unit-tests-for-batch-async.patch
  * fix-failing-unit-tests-for-systemd.patch
  * fix-for-log-checking-in-x509-test.patch
  * fix-for-some-cves-bsc1181550.patch
  * fix-for-temp-folder-definition-in-loader-unit-test.patch
  * fix-git_pillar-merging-across-multiple-__env__-repos.patch
  * fix-grains.test_core-unit-test-277.patch
  * fixing-streamclosed-issue.patch
  * fix-inspector-module-export-function-bsc-1097531-480.patch
  * fix-ipv6-scope-bsc-1108557.patch
  * fix-issue-parsing-errors-in-ansiblegate-state-module.patch
  * fix-memory-leak-produced-by-batch-async-find_jobs-me.patch
  * fix-__mount_device-wrapper-254.patch
  * fix-novendorchange-option-284.patch
  * fix-onlyif-unless-when-multiple-conditions-bsc-11808.patch
  * fix-regression-on-cmd.run-when-passing-tuples-as-cmd.patch
  * fix-save-for-iptables-state-module-bsc-1185131-372.patch
  * fix-state.orchestrate_single-to-not-pass-pillar-none.patch
  * fix-the-removed-six.itermitems-and-six.-_type-262.patch
  * fix-traceback.-_exc-calls-429.patch
  * fix-unit-test-for-grains-core.patch
  * fix-unit-tests-for-batch-async-after-refactor.patch
  * fix-virt.update-with-cpu-defined-263.patch
  * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch
  * fix-zypper-pkg.list_pkgs-expectation-and-dpkg-mockin.patch
  * get-os_arch-also-without-rpm-package-installed.patch
  * grains.extra-support-old-non-intel-kernels-bsc-11806.patch
  * grains-master-can-read-grains.patch
  * handle-master-tops-data-when-states-are-applied-by-t.patch
  * handle-volumes-on-stopped-pools-in-virt.vm_info-373.patch
  * implement-network.fqdns-module-function-bsc-1134860-.patch
  * improve-batch_async-to-release-consumed-memory-bsc-1.patch
  * integration-of-msi-authentication-with-azurearm-clou.patch
  * invalidate-file-list-cache-when-cache-file-modified-.patch
  * loop-fix-variable-names-for-until_no_eval.patch
  * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch
  * make-profiles-a-package.patch
  * mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
  * move-server_id-deprecation-warning-to-reduce-log-spa.patch
  * move-vendor-change-logic-to-zypper-class-355.patch
  * opensuse-3000.2-virt-backports-236-257.patch
  * opensuse-3000.3-spacewalk-runner-parse-command-250.patch
  * opensuse-3000-libvirt-engine-fixes-251.patch
  * opensuse-3000-virt-defined-states-222.patch
  * open-suse-3002.2-bigvm-310.patch
  * open-suse-3002.2-virt-network-311.patch
  * open-suse-3002.2-xen-grub-316.patch
  * option-to-en-disable-force-refresh-in-zypper-215.patch
  * parsing-epoch-out-of-version-provided-during-pkg-rem.patch
  * path-replace-functools.wraps-with-six.wraps-bsc-1177.patch
  * pkgrepo-support-python-2.7-function-call-295.patch
  * prevent-ansiblegate-unit-tests-to-fail-on-ubuntu.patch
  * prevent-command-injection-in-the-snapper-module-bsc-.patch
  * prevent-import-errors-when-running-test_btrfs-unit-t.patch
  * prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch
  * prevent-race-condition-on-sigterm-for-the-minion-bsc.patch
  * prevent-systemd-run-description-issue-when-running-a.patch
  * prevent-test_mod_del_repo_multiline_values-to-fail.patch
  * provide-the-missing-features-required-for-yomi-yet-o.patch
  * python3.8-compatibility-pr-s-235.patch
  * re-adding-function-to-test-for-root.patch
  * regression-fix-of-salt-ssh-on-processing-targets-353.patch
  * reintroducing-reverted-changes.patch
  * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch
  * remove-deprecated-usage-of-no_mock-and-no_mock_reaso.patch
  * remove-deprecated-warning-that-breaks-miniion-execut.patch
  * remove-duplicated-method-definitions-in-salt.netapi-.patch
  * remove-msgpack-1.0.0-requirement-in-the-installed-me.patch
  * remove-unnecessary-yield-causing-badyielderror-bsc-1.patch
  * remove-vendored-backports-abc-from-requirements.patch
  * remove-wrong-_parse_cpe_name-from-grains.core-452.patch
  * revert-add-patch-support-for-allow-vendor-change-opt.patch
  * sanitize-grains-loaded-from-roster_grains.json.patch
  * strip-trailing-from-repo.uri-when-comparing-repos-in.patch
  * support-config-non-root-permission-issues-fixes-u-50.patch
  * support-for-btrfs-and-xfs-in-parted-and-mkfs.patch
  * support-transactional-systems-microos-271.patch
  * templates-move-the-globals-up-to-the-environment-jin.patch
  * transactional_update-detect-recursion-in-the-executo.patch
  * transactional_update-unify-with-chroot.call.patch
  * use-current-ioloop-for-the-localclient-instance-of-b.patch
  * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch
  * vendor-stateresult.patch
  * virt-adding-kernel-boot-parameters-to-libvirt-xml-55.patch
  * virt._get_domain-don-t-raise-an-exception-if-there-i.patch
  * virt.network_update-handle-missing-ipv4-netmask-attr.patch
  * virt-pass-emulator-when-getting-domain-capabilities-.patch
  * virt-uefi-fix-backport-312.patch
  * virt-use-dev-kvm-to-detect-kvm-383.patch
  * xen-disk-fixes-264.patch
  * xfs-do-not-fails-if-type-is-not-present.patch
  * zypperpkg-filter-patterns-that-start-with-dot-244.patch

- Updated:
  * activate-all-beacons-sources-config-pillar-grains.patch
  * add-custom-suse-capabilities-as-grains.patch
  * add-environment-variable-to-know-if-yum-is-invoked-f.patch
  * add-migrated-state-and-gpg-key-management-functions-.patch
  * add-publish_batch-to-clearfuncs-exposed-methods.patch
  * add-rpm_vercmp-python-library-for-version-comparison.patch
  * adds-explicit-type-cast-for-port.patch
  * add-sleep-on-exception-handling-on-minion-connection.patch
  * add-standalone-configuration-file-for-enabling-packa.patch
  * async-batch-implementation.patch
  * avoid-excessive-syslogging-by-watchdog-cronjob-58.patch
  * batch.py-avoid-exception-when-minion-does-not-respon.patch
  * bsc-1176024-fix-file-directory-user-and-group-owners.patch
  * check-if-dpkgnotify-is-executable-bsc-1186674-376.patch
  * debian-info_installed-compatibility-50453.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch
  * do-not-crash-when-unexpected-cmd-output-at-listing-p.patch
  * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch
  * don-t-use-shell-sbin-nologin-in-requisites.patch
  * early-feature-support-config.patch
  * enable-passing-a-unix_socket-for-mysql-returners-bsc.patch
  * enhance-logging-when-inotify-beacon-is-missing-pyino.patch
  * enhance-openscap-module-add-xccdf_eval-call-386.patch
  * fix-bsc-1065792.patch
  * fixes-56144-to-enable-hotadd-profile-support.patch
  * fix-exception-in-yumpkg.remove-for-not-installed-pac.patch
  * fix-for-suse-expanded-support-detection.patch
  * fix-ip6_interface-grain-to-not-leak-secondary-ipv4-a.patch
  * fix-issue-2068-test.patch
  * fix-missing-minion-returns-in-batch-mode-360.patch
  * fix-salt.utils.stringutils.to_str-calls-to-make-it-w.patch
  * fix-the-regression-for-yumnotify-plugin-456.patch
  * fix-wrong-test_mod_del_repo_multiline_values-test-af.patch
  * force-zyppnotify-to-prefer-packages.db-than-packages.patch
  * implementation-of-held-unheld-functions-for-state-pk.patch
  * implementation-of-suse_ip-execution-module-bsc-10999.patch
  * improvements-on-ansiblegate-module-354.patch
  * include-aliases-in-the-fqdns-grains.patch
  * info_installed-works-without-status-attr-now.patch
  * let-salt-ssh-use-platform-python-binary-in-rhel8-191.patch
  * make-aptpkg.list_repos-compatible-on-enabled-disable.patch
  * make-setup.py-script-to-not-require-setuptools-9.1.patch
  * notify-beacon-for-debian-ubuntu-systems-347.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
  * read-repo-info-without-using-interpolation-bsc-11356.patch
  * refactor-and-improvements-for-transactional-updates-.patch
  * restore-default-behaviour-of-pkg-list-return.patch
  * return-the-expected-powerpc-os-arch-bsc-1117995.patch
  * revert-fixing-a-use-case-when-multiple-inotify-beaco.patch
  * run-salt-api-as-user-salt-bsc-1064520.patch
  * run-salt-master-as-dedicated-salt-user.patch
  * state.apply-don-t-check-for-cached-pillar-errors.patch
  * switch-firewalld-state-to-use-change_interface.patch
  * temporary-fix-extend-the-whitelist-of-allowed-comman.patch
  * update-target-fix-for-salt-ssh-to-process-targets-li.patch
  * use-adler32-algorithm-to-compute-string-checksums.patch
  * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
  * x509-fixes-111.patch
  * zypperpkg-ignore-retcode-104-for-search-bsc-1176697-.patch

-------------------------------------------------------------------
Thu Mar  3 17:00:12 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Clear network interfaces cache on grains request (bsc#1196050)
- Remove duplicated method definitions in salt.netapi
- Add salt-ssh with Salt Bundle support (venv-salt-minion)
  (bsc#1182851, bsc#1196432)
- Remove not required binaries from virtual environment

- Added:
  * clear-network-interface-cache-when-grains-are-reques.patch
  * remove-duplicated-method-definitions-in-salt.netapi-.patch
  * add-salt-ssh-support-with-venv-salt-minion-3002.2-47.patch

- Updated:
  * remove-file

-------------------------------------------------------------------
Thu Feb 17 15:43:59 UTC 2022 - Pablo Suárez Hernández <pablo.suarezhernandez@suse.com>

- Restrict "state.orchestrate_single" to pass a pillar value if it exists (bsc#1194632)

- Added:
  * fix-state.orchestrate_single-to-not-pass-pillar-none.patch

-------------------------------------------------------------------
Thu Feb  3 08:35:38 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Refactor venv-exec.py wrapper and the way of calling it
  with PYTHONSTARTUP environment variable

- Updated:
  * venv-exec.py.src

-------------------------------------------------------------------
Wed Feb  2 07:58:48 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Fix inspector module export function (bsc#1097531)
- Add all ssh kwargs to sanitize_kwargs method
- Wipe NOTIFY_SOCKET from env in cmdmod (bsc#1193357)
- Don't check for cached pillar errors on state.apply (bsc#1190781)
- Move the logic of cleaning PYTHONHOME environment variable
  and fixing sys.executable value to venv-exec.py wrapper
  from venv executor module to prevent some side effects found

- Added:
  * state.apply-don-t-check-for-cached-pillar-errors.patch
  * add-all-ssh-kwargs-to-sanitize_kwargs-method-3002.2-.patch
  * wipe-notify_socket-from-env-in-cmdmod-bsc-1193357-30.patch
  * fix-inspector-module-export-function-bsc-1097531-480.patch
  * vendor-stateresult.patch

- Updated:
  * venv-exec.py.src
  * venv.py.src

-------------------------------------------------------------------
Thu Jan 13 12:04:32 UTC 2022 - Victor Zhestkov <victor.zhestkov@suse.com>

- Add venv-exec.py wrapper to prevent errors on using cmdmod module

- Added:
  * venv-exec.py.src

-------------------------------------------------------------------
Wed Dec 29 11:56:11 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Fix condition to identify correct python sitelib for dnfnotify

-------------------------------------------------------------------
Mon Dec 20 10:47:53 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Remove some specific binary library dependencies

-------------------------------------------------------------------
Mon Dec 20 09:33:29 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Handle transactional_update executor for the relevant systems
- Add policycoreutils and policycoreutils-python-utils to post
  install requirements for CentOS 8+ and Fedora 22+ packages

-------------------------------------------------------------------
Thu Dec 16 11:46:41 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Set sys.executable pointing to the wrapper script instead
  of real python executable with venv executor module

-------------------------------------------------------------------
Wed Nov 17 19:49:43 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Simplify "transactional_update" module to not use SSH wrapper and allow more flexible execution
- Add "--no-return-event" option to salt-call to prevent sending return event back to master.
- Make "state.highstate" to acts on concurrent flag.

- Added:
  * refactor-and-improvements-for-transactional-updates-.patch

-------------------------------------------------------------------
Tue Nov  9 10:53:20 UTC 2021 - Victor Zhestkov <victor.zhestkov@suse.com>

- Use dnfnotify instead yumnotify for relevant distros
- Remove wrong _parse_cpe_name from grains.core
- dnfnotify pkgset plugin implementation
- Add rpm_vercmp python library support for version comparison
- Prevent pkg plugins errors on missing cookie path (bsc#1186738)

- Added:
  * mock-ip_addrs-in-utils-minions.py-unit-test-444.patch
  * add-rpm_vercmp-python-library-for-version-comparison.patch
  * prevent-pkg-plugins-errors-on-missing-cookie-path-bs.patch
  * remove-wrong-_parse_cpe_name-from-grains.core-452.patch
  * dnfnotify-pkgset-plugin-implementation-3002.2-450.patch

-------------------------------------------------------------------
Wed Oct 13 08:24:21 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>

- Add propagate python_ver into the venvjail

-------------------------------------------------------------------
Tue Jan 26 14:26:18 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>

- Initial package based on victor.zhestkov@suse.com one
openSUSE Build Service is sponsored by