SUSE-SU-2018:3815-1 -- SLES salt, python2-salt, python3-saltID: oval:org.secpod.oval:def:89049635 | Date: (C)2023-12-20 (M)2023-12-26 |
Class: PATCH | Family: unix |
This update for salt fixes the following issues: Security issues fixed: - CVE-2018-15750: Fixed directory traversal vulnerability in salt-api . - CVE-2018-15751: Fixed remote authentication bypass in salt-api that allows to execute arbitrary commands . Non-security issues fixed: - Improved handling of LDAP group id. gid is no longer treated as a string, which could have lead to faulty group creations . - Fixed async call to process manager . - Fixed OS arch detection when RPM is not installed .
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Desktop 15 |
Product: |
salt |
python2-salt |
python3-salt |