Security update for salt

This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...

openSUSE 16 Security Update : salt (openSUSE-SU-2026:20412-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20412-1 advisory. Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed Do...

SUSE SLES15 Security Update : salt (SUSE-SU-2026:1030-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1030-1 advisory. - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious...

SUSE-SU-2026:1030-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

SUSE-SU-2026:20825-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fix DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fix HTTP header parameter parsing algorithm bsc1254904 - Fixed KeyError i...

Security update 5.1.1.1 for Multi-Linux Manager Client Tools

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...

PT-2024-40255 · Packagist · Silverstripe/Framework

Name of the Vulnerable Software and Affected Versions: No vulnerable software versions are specified. Description: The issue concerns the internal salt used for password hashing not being updated when a user changes their password. This behavior has been improved to reset the salt upon password...

openSUSE: Security Advisory for salt (SUSE-SU-2023:4388-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2024:0509-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

SUSE-SU-2024:0506-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 Bugs fixed: - Ensur...

SUSE-SU-2023:4388-1 Security update for salt

This update for salt fixes the following issues: Security issues fixed: - CVE-2023-34049: arbitrary code execution via symlink attack bsc1215157 Bugs fixed: - Fix optimizationorder opt to prevent testsuite fails - Improve salt.utils.json.findjson to avoid fails bsc1213293 - Use salt-call from sal...

SUSE-SU-2023:2585-1 Security update for salt and python-pyzmq

This update for salt and python-pyzmq fixes the following issues: salt: - Update to Salt release version 3006.0 jscPED-4361 See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html - Add missing patch after rebase to fix collections Mapping issues - Add...

PT-2023-36194 · Suse · Suse Linux Enterprise Micro

Name of the Vulnerable Software and Affected Versions: salt versions prior to 3006.0 python-jmespath affected versions not specified python-ply affected versions not specified Description: The issue is related to an update for salt that fixes several problems, including collections Mapping issues...

SUSE-RU-2022:1392-1 Recommended update for salt

This update for salt fixes the following issues: - Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil bsc1197533 - Prevent data pollution between actions processed at the same time bsc1197637 - Fix salt-ssh opts poisoning bsc1197637 - Clear network...

SUSE-SU-2022:1057-1 Security update for salt

This update for salt fixes the following issues: - CVE-2022-22935: Sign authentication replies to prevent MiTM bsc1197417 - CVE-2022-22934: Sign pillar data to prevent MiTM attacks. bsc1197417 - CVE-2022-22936: Prevent job and fileserver replays bsc1197417 - CVE-2022-22941: Fixed targeting bug,...

DLA-2823-2 salt - regression update

Bulletin has no description...

OPENSUSE-SU-2021:3557-1 Security update for salt

This update for salt fixes the following issues: - CVE-2021-21996: Exclude the full path of a download URL to prevent injection of malicious code. bsc1190265...

Security update for salt (critical)

openSUSE Security Update: Security update for salt Announcement ID: openSUSE-SU-2021:2106-1 Rating: critical References: 1171257 1176293 1179831 1181368 1182281 1182293 1182382 1185092 1185281 1186674 ECO-3212 SLE-18028 SLE-18033 Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651...

OPENSUSE-SU-2021:0899-1 Security update for salt

This update for salt fixes the following issues: Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Check if dpkgnotify is executable bsc1186674 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - virt module updates network: handle missing ipv4...