1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2022:1059-1

[SUSE-SU-2022:1059-1] Security update for salt

Severity Important
Affected Packages 12
CVEs 4
Info Packages References Vulnerabilities

Security update for salt

This update for salt fixes the following issues:

  • CVE-2022-22935: Sign authentication replies to prevent MiTM (bsc#1197417)
  • CVE-2022-22934: Sign pillar data to prevent MiTM attacks. (bsc#1197417)
  • CVE-2022-22936: Prevent job and fileserver replays (bsc#1197417)
  • CVE-2022-22941: Fixed targeting bug, especially visible when using syndic and user auth. (bsc#1197417)
Package Affected Version
pkg:rpm/suse/salt?arch=x86_64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt?arch=s390x&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt?arch=aarch64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-transactional-update?arch=x86_64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-transactional-update?arch=s390x&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-transactional-update?arch=aarch64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-minion?arch=x86_64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-minion?arch=s390x&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/salt-minion?arch=aarch64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/python3-salt?arch=x86_64&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/python3-salt?arch=s390x&distro=slem-5 < 3002.2-150300.53.10.1
pkg:rpm/suse/python3-salt?arch=aarch64&distro=slem-5 < 3002.2-150300.53.10.1
ID
SUSE-SU-2022:1059-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2022/suse-su-20221059-1/
Published
2022-03-30T15:33:12
(2 years ago)
Modified
2022-03-30T15:33:12
(2 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/salt?arch=x86_64&distro=slem-5 suse salt < 3002.2-150300.53.10.1 slem-5 x86_64
Affected pkg:rpm/suse/salt?arch=s390x&distro=slem-5 suse salt < 3002.2-150300.53.10.1 slem-5 s390x
Affected pkg:rpm/suse/salt?arch=aarch64&distro=slem-5 suse salt < 3002.2-150300.53.10.1 slem-5 aarch64
Affected pkg:rpm/suse/salt-transactional-update?arch=x86_64&distro=slem-5 suse salt-transactional-update < 3002.2-150300.53.10.1 slem-5 x86_64
Affected pkg:rpm/suse/salt-transactional-update?arch=s390x&distro=slem-5 suse salt-transactional-update < 3002.2-150300.53.10.1 slem-5 s390x
Affected pkg:rpm/suse/salt-transactional-update?arch=aarch64&distro=slem-5 suse salt-transactional-update < 3002.2-150300.53.10.1 slem-5 aarch64
Affected pkg:rpm/suse/salt-minion?arch=x86_64&distro=slem-5 suse salt-minion < 3002.2-150300.53.10.1 slem-5 x86_64
Affected pkg:rpm/suse/salt-minion?arch=s390x&distro=slem-5 suse salt-minion < 3002.2-150300.53.10.1 slem-5 s390x
Affected pkg:rpm/suse/salt-minion?arch=aarch64&distro=slem-5 suse salt-minion < 3002.2-150300.53.10.1 slem-5 aarch64
Affected pkg:rpm/suse/python3-salt?arch=x86_64&distro=slem-5 suse python3-salt < 3002.2-150300.53.10.1 slem-5 x86_64
Affected pkg:rpm/suse/python3-salt?arch=s390x&distro=slem-5 suse python3-salt < 3002.2-150300.53.10.1 slem-5 s390x
Affected pkg:rpm/suse/python3-salt?arch=aarch64&distro=slem-5 suse python3-salt < 3002.2-150300.53.10.1 slem-5 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date