85 matches found
Security update for salt
This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...
Security update for salt
This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update for salt
This update for salt fixes the following issue: Security issues fixed: CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 Harden Torna...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.0.8 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...
Security update 5.1.3 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing bsc1259554 Added x8664v2 as a possible rpm package architecture Make users with backslash working for salt-ssh...
SUSE-SU-2026:1525-1 Security update 5.1.3 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2026-31958: Security patch for Salt vendored tornado: Added limits on multipart form data parsing bsc1259554 - Added x8664v2 as a possible rpm package architecture - Make users with backslash working for salt-s...
Security update 5.1.3 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Backport security patch for Salt vendored tornado bsc1259554: CVE-2026-31958: Add limits on multipart form data parsing Add x8664v2 as a possible rpm package architecture Make users with backslash working for salt-ssh bsc1254629 Fix...
SUSE-SU-2026:1523-1 Security update 5.1.3 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Backport security patch for Salt vendored tornado bsc1259554: CVE-2026-31958: Add limits on multipart form data parsing - Add x8664v2 as a possible rpm package architecture - Make users with backslash working for salt-ssh bsc1254629 - Fi...
Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: Internal changes to fix build issues with no impact for customers spacecmd: Version 5.1.13-0 Updated translation strings venv-salt-minion: Security issues fixed: CVE-2026-31958: Security patch for Salt vendored...
SUSE-SU-2026:1520-1 Security update 5.1.3 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-lusitaniae-apacheexporter: - Internal changes to fix build issues with no impact for customers spacecmd: - Version 5.1.13-0 Updated translation strings uyuni-tools: - Version 5.1.26-0 Fixed applying PTF with images from RPMs bsc1252548 Ssl Key...
OPENSUSE-SU-2026:20000-1 Security update for salt
This update for salt fixes the following issues: Changes in salt: - Add minimumauthversion to enforce security CVE-2025-62349 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 - Junos module yaml loader fix CVE-2025-62348 - Require Python dependencies onl...
EUVD-2013-0039
Malware in sbrugna...
EUVD-2013-0038
Malware in sbrugna...
EUVD-2024-3190
Malicious code in bioql PyPI...
Salt preflight script could be attacker controlled
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...
GHSA-4277-M35Q-7C9W Salt preflight script could be attacker controlled
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...
CVE-2023-34049
The Salt-SSH pre-flight option copies the script to the target at a predictable path, which allows an attacker to force Salt-SSH to run their script. If an attacker has access to the target VM and knows the path to the pre-flight script before it runs they can ensure Salt-SSH runs their script wi...