SUSE-SU-2026:1521-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2026/suse-su-20261521-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2026:1521-1

Upstream

CVE-2026-31958

Related

CVE-2026-31958

Published

2026-04-21T09:25:11Z

Modified

2026-04-22T08:15:45.496123Z

Summary

Security update 5.1.3 for Multi-Linux Manager Client Tools

Details

This update fixes the following issues:

golang-github-lusitaniae-apache_exporter:

Internal changes to fix build issues with no impact for customers

spacecmd:

Version 5.1.13-0
- Updated translation strings

venv-salt-minion:

Security issues fixed:
- CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing (bsc#1259554)
Added x8664v2 as a possible rpm package architecture
Make users with backslash working for salt-ssh (bsc#1254629)
Fixed ansible.playbooks extra-vars quoting (bsc#1257831)
Fixed virtualenv call in test helper to use proper python version
Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957)
Fixed the typo causing buiding EL9 bundle without binary dependencies

References

Affected packages

SUSE:Multi Linux Manager Tools RES-7

golang-github-lusitaniae-apache_exporter

Package

Name: golang-github-lusitaniae-apache_exporter
Purl: pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20RES-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.10-70002.3.6.1

Ecosystem specific

{
    "binaries": [
        {
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "spacecmd": "5.1.13-70002.3.9.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

spacecmd

Package

Name: spacecmd
Purl: pkg:rpm/suse/spacecmd&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20RES-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.13-70002.3.9.1

Ecosystem specific

{
    "binaries": [
        {
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "spacecmd": "5.1.13-70002.3.9.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

venv-salt-minion

Package

Name: venv-salt-minion
Purl: pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20RES-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3006.0-70002.5.12.1

Ecosystem specific

{
    "binaries": [
        {
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "spacecmd": "5.1.13-70002.3.9.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

golang-github-lusitaniae-apache_exporter

Package

Name: golang-github-lusitaniae-apache_exporter
Purl: pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.10-70002.3.6.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy

Package

Name: saltbundlepy
Purl: pkg:rpm/suse/saltbundlepy&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.13-70002.4.9.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy-core

Package

Name: saltbundlepy-core
Purl: pkg:rpm/suse/saltbundlepy-core&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.11.13-70002.4.9.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy-m2crypto

Package

Name: saltbundlepy-m2crypto
Purl: pkg:rpm/suse/saltbundlepy-m2crypto&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.45.1-70002.3.9.2

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy-pyzmq

Package

Name: saltbundlepy-pyzmq
Purl: pkg:rpm/suse/saltbundlepy-pyzmq&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

25.1.2-70002.3.9.2

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy-simplejson

Package

Name: saltbundlepy-simplejson
Purl: pkg:rpm/suse/saltbundlepy-simplejson&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.19.1-70002.3.6.2

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

saltbundlepy-tornado

Package

Name: saltbundlepy-tornado
Purl: pkg:rpm/suse/saltbundlepy-tornado&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.3.2-70002.4.6.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

spacecmd

Package

Name: spacecmd
Purl: pkg:rpm/suse/spacecmd&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.1.13-70002.3.9.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"

venv-salt-minion

Package

Name: venv-salt-minion
Purl: pkg:rpm/suse/venv-salt-minion&distro=SUSE:RES-7:Update:Products:MultiLinuxManagerTools:Update

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3006.0-70002.5.12.1

Ecosystem specific

{
    "binaries": [
        {
            "saltbundlepy-simplejson": "3.19.1-70002.3.6.2",
            "spacecmd": "5.1.13-70002.3.9.1",
            "saltbundlepy-testsuite": "3.11.13-70002.4.9.1",
            "saltbundlepy-dbm": "3.11.13-70002.4.9.1",
            "saltbundlepy-pyzmq": "25.1.2-70002.3.9.2",
            "saltbundlepy-pyzmq-devel": "25.1.2-70002.3.9.2",
            "saltbundlepy-base": "3.11.13-70002.4.9.1",
            "golang-github-lusitaniae-apache_exporter": "1.0.10-70002.3.6.1",
            "saltbundlepy-devel": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto": "0.45.1-70002.3.9.2",
            "saltbundlepy": "3.11.13-70002.4.9.1",
            "saltbundlepy-tools": "3.11.13-70002.4.9.1",
            "saltbundlepy-m2crypto-doc": "0.45.1-70002.3.9.2",
            "saltbundlepy-curses": "3.11.13-70002.4.9.1",
            "saltbundlepy-libs": "3.11.13-70002.4.9.1",
            "saltbundlepy-tornado": "6.3.2-70002.4.6.1",
            "venv-salt-minion": "3006.0-70002.5.12.1"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1521-1.json"