SUSE-SU-2024:0508-1

Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0508-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0508-1
Related
  • CVE-2024-22231
  • CVE-2024-22232
Published
2024-02-15T13:41:28Z
Modified
2024-02-15T13:41:28Z
Summary
Security update for salt
Details

This update for salt fixes the following issues:

Security issues fixed:

  • CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430)
  • CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431)

Bugs fixed:

  • Ensure that pillar refresh loads beacons from pillar without restart
  • Fix the aptpkg.py unit test failure
  • Prefer unittest.mock to python-mock in test suite
  • Enable 'KeepAlive' probes for Salt SSH executions (bsc#1211649)
  • Revert changes to set Salt configured user early in the stack (bsc#1216284)
  • Align behavior of some modules when using salt-call via symlink (bsc#1215963)
  • Fix gitfs 'env' and improve cache cleaning (bsc#1193948)
  • Remove python-boto dependency for the python3-salt-testsuite package for Tumbleweed

Affected packages

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "salt-bash-completion": "3006.0-150300.53.70.1",
            "salt-cloud": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1",
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-ssh": "3006.0-150300.53.70.1",
            "salt-proxy": "3006.0-150300.53.70.1",
            "salt-zsh-completion": "3006.0-150300.53.70.1",
            "salt-standalone-formulas-configuration": "3006.0-150300.53.70.1",
            "salt-syndic": "3006.0-150300.53.70.1",
            "salt-master": "3006.0-150300.53.70.1",
            "salt-doc": "3006.0-150300.53.70.1",
            "salt-api": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt-fish-completion": "3006.0-150300.53.70.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP3-LTSS / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "salt-bash-completion": "3006.0-150300.53.70.1",
            "salt-cloud": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1",
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-ssh": "3006.0-150300.53.70.1",
            "salt-transactional-update": "3006.0-150300.53.70.1",
            "salt-proxy": "3006.0-150300.53.70.1",
            "salt-zsh-completion": "3006.0-150300.53.70.1",
            "salt-standalone-formulas-configuration": "3006.0-150300.53.70.1",
            "salt-syndic": "3006.0-150300.53.70.1",
            "salt-master": "3006.0-150300.53.70.1",
            "salt-doc": "3006.0-150300.53.70.1",
            "salt-api": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt-fish-completion": "3006.0-150300.53.70.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "salt-bash-completion": "3006.0-150300.53.70.1",
            "salt-cloud": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1",
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-ssh": "3006.0-150300.53.70.1",
            "salt-proxy": "3006.0-150300.53.70.1",
            "salt-zsh-completion": "3006.0-150300.53.70.1",
            "salt-standalone-formulas-configuration": "3006.0-150300.53.70.1",
            "salt-syndic": "3006.0-150300.53.70.1",
            "salt-master": "3006.0-150300.53.70.1",
            "salt-doc": "3006.0-150300.53.70.1",
            "salt-api": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt-fish-completion": "3006.0-150300.53.70.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-transactional-update": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-transactional-update": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3006.0-150300.53.70.1

Ecosystem specific

{
    "binaries": [
        {
            "salt-bash-completion": "3006.0-150300.53.70.1",
            "salt-cloud": "3006.0-150300.53.70.1",
            "salt": "3006.0-150300.53.70.1",
            "python3-salt": "3006.0-150300.53.70.1",
            "salt-ssh": "3006.0-150300.53.70.1",
            "salt-transactional-update": "3006.0-150300.53.70.1",
            "salt-proxy": "3006.0-150300.53.70.1",
            "salt-zsh-completion": "3006.0-150300.53.70.1",
            "salt-standalone-formulas-configuration": "3006.0-150300.53.70.1",
            "salt-syndic": "3006.0-150300.53.70.1",
            "salt-master": "3006.0-150300.53.70.1",
            "salt-doc": "3006.0-150300.53.70.1",
            "salt-api": "3006.0-150300.53.70.1",
            "salt-minion": "3006.0-150300.53.70.1",
            "salt-fish-completion": "3006.0-150300.53.70.1"
        }
    ]
}