SUSE-SU-2021:0915-1

This update fixes the following issues:

salt:

• Only require python-certifi for CentOS7
• Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110)
• Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976)
• Fix recursion false detection in payload (bsc#1180101)
• Add sleep on exception handling on minion connection attempt to the master (bsc#1174855)
• Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347)
• Always require python-certifi (used by salt.ext.tornado)
• Exclude SLE 12 from requiring python-certifi
• Do not crash when unexpected cmd output at listing patches (bsc#1181290)
• Fix behavior for 'onlyif/unless' when multiple conditions (bsc#1180818)
• Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
• Allow extra_filerefs as sanitized kwargs for SSH client
• Fix errors with virt.update
• Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)
• Virt: search for grub.xen path
• Xen spicevmc, DNS SRV records backports: Fix virtual network generated DNS XML for SRV records Don't add spicevmc channel to xen VMs
• Virt UEFI fix: virt.update when efi=True
• Master can read grains (bsc#1179696)