SUSE: 2020:14404-1 moderate: Security Beta SUSE Manager Client Tools
Summary
This update fixes the following issues: salt: - Require python3-distro only for TW (bsc#1173072) - Various virt backports from 3000.2 - Avoid traceback on debug logging for swarm module (bsc#1172075) - Add publish_batch to ClearFuncs exposed methods - Zypperpkg: filter patterns that start with dot (bsc#1171906) - Batch mode now also correctly provides return value (bsc#1168340) - Add docker.logout to docker execution module (bsc#1165572) - Testsuite fix - Add option to enable/disable force refresh for zypper - Python3.8 compatibility changes - Prevent sporious "salt-api" stuck processes when managing SSH minions because of logging deadlock (bsc#1159284) - Avoid segfault from "salt-api" under certain conditions of heavy load managing SSH minions (bsc#1169604) - Revert broken changes to slspath made on Salt 3000 (saltstack/salt#56341) (bsc#1170104) - Returns a the list of IPs filtered by the optional network list - Fix CVE-2020-11651 and CVE-2020-11652 (bsc#1170595) - Do not require vendored backports-abc (bsc#1170288) - Fix partition.mkpart to work without fstype (bsc#1169800) spacecmd: - Only report real error, not result (bsc#1171687) - Use defined return values for spacecmd methods so scripts can check for failure (bsc#1171687) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA: zypper in -t patch suse-ubu164ct-client-tools-beta-202006-14404=1 Package List: - SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA (all): salt-common-3000+ds-1+9.17.1 salt-minion-3000+ds-1+9.17.1 spacecmd-4.1.4-2.9.4
References
#1159284 #1165572 #1168340 #1169604 #1169800
#1170104 #1170288 #1170595 #1171687 #1171906
#1172075 #1173072
Cross- CVE-2020-11651 CVE-2020-11652
Affected Products:
SUSE Manager Ubuntu 16.04-CLIENT-TOOLS-BETA
https://www.suse.com/security/cve/CVE-2020-11651.html
https://www.suse.com/security/cve/CVE-2020-11652.html
https://bugzilla.suse.com/1159284
https://bugzilla.suse.com/1165572
https://bugzilla.suse.com/1168340
https://bugzilla.suse.com/1169604
https://bugzilla.suse.com/1169800
https://bugzilla.suse.com/1170104
https://bugzilla.suse.com/1170288
https://bugzilla.suse.com/1170595
https://bugzilla.suse.com/1171687
https://bugzilla.suse.com/1171906
https://bugzilla.suse.com/1172075
https://bugzilla.suse.com/1173072