SUSE-SU-2026:1525-1

See a problem?
Please try reporting it to the source first.

Source

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2026:1525-1

Upstream

Related

Published

2026-04-21T09:26:32Z

Modified

2026-04-22T08:16:43.516804Z

Summary

Security update 5.1.3 for Multi-Linux Manager Salt Bundle

Details

This update fixes the following issues:

venv-salt-minion:

Security issues fixed:
- CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing (bsc#1259554)
Added x8664v2 as a possible rpm package architecture
Make users with backslash working for salt-ssh (bsc#1254629)
Fixed ansible.playbooks extra-vars quoting (bsc#1257831)
Fixed virtualenv call in test helper to use proper python version
Fixed the issue preventing SELinux profile to be loaded on SLES 16 deployed using cloud images (bsc#1258957)
Fixed the typo causing buiding EL9 bundle without binary dependencies

References

Affected packages

Name: venv-salt-minion
Purl: pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3006.0-150002.5.12.2

{
    "binaries": [
        {
            "venv-salt-minion": "3006.0-150002.5.12.2"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1525-1.json"

Name: venv-salt-minion
Purl: pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3006.0-150002.5.12.2

{
    "binaries": [
        {
            "venv-salt-minion": "3006.0-150002.5.12.2"
        }
    ]
}

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1525-1.json"