Security update for salt (critical)

An update that solves 10 vulnerabilities and has two fixes
is now available.

Description:

This update for salt fixes the following issues:

• Fix regression on cmd.run when passing tuples as cmd (bsc#1182740)
• Allow extra_filerefs as sanitized kwargs for SSH client
• Fix errors with virt.update
• Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972)
  (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281)
  (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197)
  (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559)
  (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564)
  (bsc#1181565)
• virt: search for grub.xen path
• Xen spicevmc, DNS SRV records backports:
  • Fix virtual network generated DNS XML for SRV records
  • Don’t add spicevmc channel to xen VMs
• virt UEFI fix: virt.update when efi=True

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

• openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2021-347=1