1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:1058-1

[SUSE-SU-2022:1058-1] Security update for salt

Severity Important
Affected Packages 51
CVEs 4
Info Packages References Vulnerabilities

Security update for salt

This update for salt fixes the following issues:

  • CVE-2022-22935: Sign authentication replies to prevent MiTM (bsc#1197417)
  • CVE-2022-22934: Sign pillar data to prevent MiTM attacks. (bsc#1197417)
  • CVE-2022-22936: Prevent job and fileserver replays (bsc#1197417)
  • CVE-2022-22941: Fixed targeting bug, especially visible when using syndic and user auth. (bsc#1197417)
Package Affected Version
pkg:rpm/suse/salt?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-zsh-completion?arch=noarch&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-transactional-update?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-transactional-update?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-transactional-update?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-transactional-update?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-syndic?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-syndic?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-syndic?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-syndic?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-standalone-formulas-configuration?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-standalone-formulas-configuration?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-standalone-formulas-configuration?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-standalone-formulas-configuration?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-ssh?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-ssh?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-ssh?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-ssh?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-proxy?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-proxy?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-proxy?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-proxy?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-minion?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-minion?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-minion?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-minion?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-master?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-master?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-master?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-master?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-fish-completion?arch=noarch&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-doc?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-doc?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-doc?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-doc?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-cloud?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-cloud?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-cloud?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-cloud?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-bash-completion?arch=noarch&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-api?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-api?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-api?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/salt-api?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/python3-salt?arch=x86_64&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/python3-salt?arch=s390x&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/python3-salt?arch=ppc64le&distro=sles-15&sp=1 < 3002.2-150100.57.1
pkg:rpm/suse/python3-salt?arch=aarch64&distro=sles-15&sp=1 < 3002.2-150100.57.1
ID
SUSE-SU-2022:1058-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20221058-1/
Published
2022-03-30T16:01:16
(2 years ago)
Modified
2022-03-30T16:01:16
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/salt?arch=x86_64&distro=sles-15&sp=1 suse salt < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt?arch=s390x&distro=sles-15&sp=1 suse salt < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt?arch=ppc64le&distro=sles-15&sp=1 suse salt < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt?arch=aarch64&distro=sles-15&sp=1 suse salt < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-zsh-completion?arch=noarch&distro=sles-15&sp=1 suse salt-zsh-completion < 3002.2-150100.57.1 sles-15 noarch
Affected pkg:rpm/suse/salt-transactional-update?arch=x86_64&distro=sles-15&sp=1 suse salt-transactional-update < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-transactional-update?arch=s390x&distro=sles-15&sp=1 suse salt-transactional-update < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-transactional-update?arch=ppc64le&distro=sles-15&sp=1 suse salt-transactional-update < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-transactional-update?arch=aarch64&distro=sles-15&sp=1 suse salt-transactional-update < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-syndic?arch=x86_64&distro=sles-15&sp=1 suse salt-syndic < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-syndic?arch=s390x&distro=sles-15&sp=1 suse salt-syndic < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-syndic?arch=ppc64le&distro=sles-15&sp=1 suse salt-syndic < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-syndic?arch=aarch64&distro=sles-15&sp=1 suse salt-syndic < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-standalone-formulas-configuration?arch=x86_64&distro=sles-15&sp=1 suse salt-standalone-formulas-configuration < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-standalone-formulas-configuration?arch=s390x&distro=sles-15&sp=1 suse salt-standalone-formulas-configuration < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-standalone-formulas-configuration?arch=ppc64le&distro=sles-15&sp=1 suse salt-standalone-formulas-configuration < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-standalone-formulas-configuration?arch=aarch64&distro=sles-15&sp=1 suse salt-standalone-formulas-configuration < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-ssh?arch=x86_64&distro=sles-15&sp=1 suse salt-ssh < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-ssh?arch=s390x&distro=sles-15&sp=1 suse salt-ssh < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-ssh?arch=ppc64le&distro=sles-15&sp=1 suse salt-ssh < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-ssh?arch=aarch64&distro=sles-15&sp=1 suse salt-ssh < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-proxy?arch=x86_64&distro=sles-15&sp=1 suse salt-proxy < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-proxy?arch=s390x&distro=sles-15&sp=1 suse salt-proxy < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-proxy?arch=ppc64le&distro=sles-15&sp=1 suse salt-proxy < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-proxy?arch=aarch64&distro=sles-15&sp=1 suse salt-proxy < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-minion?arch=x86_64&distro=sles-15&sp=1 suse salt-minion < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-minion?arch=s390x&distro=sles-15&sp=1 suse salt-minion < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-minion?arch=ppc64le&distro=sles-15&sp=1 suse salt-minion < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-minion?arch=aarch64&distro=sles-15&sp=1 suse salt-minion < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-master?arch=x86_64&distro=sles-15&sp=1 suse salt-master < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-master?arch=s390x&distro=sles-15&sp=1 suse salt-master < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-master?arch=ppc64le&distro=sles-15&sp=1 suse salt-master < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-master?arch=aarch64&distro=sles-15&sp=1 suse salt-master < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-fish-completion?arch=noarch&distro=sles-15&sp=1 suse salt-fish-completion < 3002.2-150100.57.1 sles-15 noarch
Affected pkg:rpm/suse/salt-doc?arch=x86_64&distro=sles-15&sp=1 suse salt-doc < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-doc?arch=s390x&distro=sles-15&sp=1 suse salt-doc < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-doc?arch=ppc64le&distro=sles-15&sp=1 suse salt-doc < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-doc?arch=aarch64&distro=sles-15&sp=1 suse salt-doc < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-cloud?arch=x86_64&distro=sles-15&sp=1 suse salt-cloud < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-cloud?arch=s390x&distro=sles-15&sp=1 suse salt-cloud < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-cloud?arch=ppc64le&distro=sles-15&sp=1 suse salt-cloud < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-cloud?arch=aarch64&distro=sles-15&sp=1 suse salt-cloud < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/salt-bash-completion?arch=noarch&distro=sles-15&sp=1 suse salt-bash-completion < 3002.2-150100.57.1 sles-15 noarch
Affected pkg:rpm/suse/salt-api?arch=x86_64&distro=sles-15&sp=1 suse salt-api < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/salt-api?arch=s390x&distro=sles-15&sp=1 suse salt-api < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/salt-api?arch=ppc64le&distro=sles-15&sp=1 suse salt-api < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/salt-api?arch=aarch64&distro=sles-15&sp=1 suse salt-api < 3002.2-150100.57.1 sles-15 aarch64
Affected pkg:rpm/suse/python3-salt?arch=x86_64&distro=sles-15&sp=1 suse python3-salt < 3002.2-150100.57.1 sles-15 x86_64
Affected pkg:rpm/suse/python3-salt?arch=s390x&distro=sles-15&sp=1 suse python3-salt < 3002.2-150100.57.1 sles-15 s390x
Affected pkg:rpm/suse/python3-salt?arch=ppc64le&distro=sles-15&sp=1 suse python3-salt < 3002.2-150100.57.1 sles-15 ppc64le
Affected pkg:rpm/suse/python3-salt?arch=aarch64&distro=sles-15&sp=1 suse python3-salt < 3002.2-150100.57.1 sles-15 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date