Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2020-16846
Vulnerability from cvelistv5
Published
2020-11-06 07:27
Modified
2025-02-07 13:57
Severity ?
EPSS score ?
Summary
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
References
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2021-11-03
Due date: 2022-05-03
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-16846
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T13:45:33.237Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2020-16846", options: [ { Exploitation: "active", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:49:59.119196Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-11-03", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-16846", }, type: "kev", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-78", description: "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-07T13:57:33.897Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-03T21:06:05.000Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/saltstack/salt/releases", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202011-13", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-16846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/releases", refsource: "MISC", url: "https://github.com/saltstack/salt/releases", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-13", }, { name: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-16846", datePublished: "2020-11-06T07:27:24.000Z", dateReserved: "2020-08-04T00:00:00.000Z", dateUpdated: "2025-02-07T13:57:33.897Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { cisa_known_exploited: { cveID: "CVE-2020-16846", cwes: "[\"CWE-78\"]", dateAdded: "2021-11-03", dueDate: "2022-05-03", knownRansomwareCampaignUse: "Unknown", notes: "https://nvd.nist.gov/vuln/detail/CVE-2020-16846", product: "Salt", requiredAction: "Apply updates per vendor instructions.", shortDescription: "SaltStack Salt allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt API using the SSH client. This vulnerability affects any users running the Salt API.", vendorProject: "SaltStack", vulnerabilityName: "SaltStack Salt Shell Injection Vulnerability", }, nvd: "{\"cve\":{\"id\":\"CVE-2020-16846\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-11-06T08:15:13.283\",\"lastModified\":\"2025-03-14T17:28:24.490\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.\"},{\"lang\":\"es\",\"value\":\"Se detectó un problema en SaltStack Salt versiones hasta 3002. El envío de peticiones web diseñadas a la Salt API, con el cliente SSH habilitado, puede resultar en una inyección shell\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"SaltStack Salt Shell Injection Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2015.8.10\",\"matchCriteriaId\":\"0F9405E3-F2B0-41BA-A39D-61BB38475A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2015.8.11\",\"versionEndExcluding\":\"2015.8.13\",\"matchCriteriaId\":\"A35C23D3-82D4-46E7-BF08-9229C04C0C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.3.0\",\"versionEndExcluding\":\"2016.3.4\",\"matchCriteriaId\":\"B4741BD5-4C40-48BC-A2C1-E6AB33818201\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.3.5\",\"versionEndExcluding\":\"2016.3.6\",\"matchCriteriaId\":\"7D28A2B5-316A-45DC-AC85-A0F743C4B3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.3.7\",\"versionEndExcluding\":\"2016.3.8\",\"matchCriteriaId\":\"17C96153-85C1-45DC-A48B-46A3900246E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.11.0\",\"versionEndExcluding\":\"2016.11.3\",\"matchCriteriaId\":\"B0A54497-D7E2-4A2C-9719-4D992B296498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.11.4\",\"versionEndExcluding\":\"2016.11.6\",\"matchCriteriaId\":\"920C57AF-6E88-465A-83FA-AB947D4C6F0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2016.11.7\",\"versionEndExcluding\":\"2016.11.10\",\"matchCriteriaId\":\"11D84847-0C8A-473A-9186-46FABD7BB59A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2017.5.0\",\"versionEndExcluding\":\"2017.7.4\",\"matchCriteriaId\":\"C45ACC11-CA9B-4451-B6DD-BD784349CDE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2017.7.5\",\"versionEndExcluding\":\"2017.7.8\",\"matchCriteriaId\":\"BD998745-FA62-4894-A4FC-767F0DE131B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2018.2.0\",\"versionEndExcluding\":\"2018.3.5\",\"matchCriteriaId\":\"9747884A-8B29-42C9-BF5E-5B6D883A78E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2019.2.0\",\"versionEndExcluding\":\"2019.2.5\",\"matchCriteriaId\":\"F7A2912C-7F48-465D-B7F2-93ECD0D0CB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3000.0\",\"versionEndExcluding\":\"3000.3\",\"matchCriteriaId\":\"D64191C4-C3D3-4615-B7D5-26ADA8BD7C7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CAD70E-E77C-4010-B224-CEE3968CB6A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:saltstack:salt:3002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5D7215A-820E-446C-844C-DC4C61BD1884\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/saltstack/salt/releases\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202011-13\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4837\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/saltstack/salt/releases\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.gentoo.org/glsa/202011-13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4837\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/saltstack/salt/releases\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/\", \"name\": \"FEDORA-2020-9e040bd6dd\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html\", \"name\": \"openSUSE-SU-2020:1868\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202011-13\", \"name\": \"GLSA-202011-13\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html\", \"name\": \"[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4837\", \"name\": \"DSA-4837\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html\", \"name\": \"[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T13:45:33.237Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-16846\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-07T13:49:59.119196Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-16846\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-78\", \"description\": \"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T13:50:03.280Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/saltstack/salt/releases\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/\", \"name\": \"FEDORA-2020-9e040bd6dd\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html\", \"name\": \"openSUSE-SU-2020:1868\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://security.gentoo.org/glsa/202011-13\", \"name\": \"GLSA-202011-13\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html\", \"name\": \"[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://www.debian.org/security/2021/dsa-4837\", \"name\": \"DSA-4837\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html\", \"name\": \"[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2022-01-03T21:06:05.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/saltstack/salt/releases\", \"name\": \"https://github.com/saltstack/salt/releases\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\", \"name\": \"https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/\", \"name\": \"FEDORA-2020-9e040bd6dd\", \"refsource\": \"FEDORA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html\", \"name\": \"openSUSE-SU-2020:1868\", \"refsource\": \"SUSE\"}, {\"url\": \"https://security.gentoo.org/glsa/202011-13\", \"name\": \"GLSA-202011-13\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1381/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1383/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1380/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1379/\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\", \"name\": \"https://www.zerodayinitiative.com/advisories/ZDI-20-1382/\", \"refsource\": \"MISC\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html\", \"name\": \"[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://www.debian.org/security/2021/dsa-4837\", \"name\": \"DSA-4837\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html\", \"name\": \"[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update\", \"refsource\": \"MLIST\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-16846\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}", cveMetadata: "{\"cveId\": \"CVE-2020-16846\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-07T13:57:33.897Z\", \"dateReserved\": \"2020-08-04T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2020-11-06T07:27:24.000Z\", \"assignerShortName\": \"mitre\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
WID-SEC-W-2024-1801
Vulnerability from csaf_certbund
Published
2020-11-03 23:00
Modified
2025-01-06 23:00
Summary
SaltStack Salt: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Salt bietet Infrastrukturverwaltung auf der Grundlage eines dynamischen Kommunikationsbusses.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SaltStack Salt ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen und die Authentisierung zu umgehen.
Betroffene Betriebssysteme
- Linux
- UNIX
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Salt bietet Infrastrukturverwaltung auf der Grundlage eines dynamischen Kommunikationsbusses.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SaltStack Salt ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen und die Authentisierung zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux\n- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1801 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-1801.json", }, { category: "self", summary: "WID-SEC-2024-1801 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1801", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.6.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3000.4.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3001.2.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3002.1.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.7.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3000.5.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3001.3.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3155-1 vom 2020-11-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007693.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3171-1 vom 2020-11-05", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007705.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3244-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007719.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3250-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007714.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14537-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007723.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3245-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007716.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3243-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007724.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14535-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007718.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3251-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007729.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3235-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007717.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14538-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007715.html", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202011-8 vom 2020-11-09", url: "https://security.archlinux.org/ASA-202011-8/generate", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202011-8 vom 2020-11-10", url: "https://security.archlinux.org/ASA-202011-8/generate", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202011-13 vom 2020-11-11", url: "https://security.gentoo.org/glsa/202011-13", }, { category: "external", summary: "Debian Security Advisory DLA-2480 vom 2020-12-04", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14563-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008061.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14562-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008062.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14564-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008060.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14570-1 vom 2020-12-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008073.html", }, { category: "external", summary: "Debian Security Advisory DSA-4837 vom 2021-01-24", url: "https://www.debian.org/security/2021/dsa-4837", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0315-1 vom 2021-02-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008280.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0316-1 vom 2021-02-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008281.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14624-1 vom 2021-02-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008325.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14623-1 vom 2021-02-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008324.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0480-1 vom 2021-02-15", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008329.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2106-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009063.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2105-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009057.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6948-1 vom 2024-08-08", url: "https://ubuntu.com/security/notices/USN-6948-1", }, { category: "external", summary: "Ubuntu Security Notice USN-7181-1 vom 2025-01-06", url: "https://ubuntu.com/security/notices/USN-7181-1", }, ], source_lang: "en-US", title: "SaltStack Salt: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-06T23:00:00.000+00:00", generator: { date: "2025-01-07T09:19:16.578+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1801", initial_release_date: "2020-11-03T23:00:00.000+00:00", revision_history: [ { date: "2020-11-03T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-11-04T23:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-05T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-08T23:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-09T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2020-11-10T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2020-12-06T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-12-14T23:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-12-15T23:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-01-24T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-02-08T23:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-14T23:00:00.000+00:00", number: "12", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-15T23:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-06-21T22:00:00.000+00:00", number: "14", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2025-01-06T23:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "16", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<2019.2.6", product: { name: "SaltStack Salt <2019.2.6", product_id: "T017610", }, }, { category: "product_version", name: "2019.2.6", product: { name: "SaltStack Salt 2019.2.6", product_id: "T017610-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:2019.2.6", }, }, }, { category: "product_version_range", name: "<3000.4", product: { name: "SaltStack Salt <3000.4", product_id: "T017611", }, }, { category: "product_version", name: "3000.4", product: { name: "SaltStack Salt 3000.4", product_id: "T017611-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3000.4", }, }, }, { category: "product_version_range", name: "<3001.2", product: { name: "SaltStack Salt <3001.2", product_id: "T017612", }, }, { category: "product_version", name: "3001.2", product: { name: "SaltStack Salt 3001.2", product_id: "T017612-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3001.2", }, }, }, { category: "product_version_range", name: "<3002.1", product: { name: "SaltStack Salt <3002.1", product_id: "T017613", }, }, { category: "product_version", name: "3002.1", product: { name: "SaltStack Salt 3002.1", product_id: "T017613-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3002.1", }, }, }, { category: "product_version_range", name: "<2019.2.7", product: { name: "SaltStack Salt <2019.2.7", product_id: "T017614", }, }, { category: "product_version", name: "2019.2.7", product: { name: "SaltStack Salt 2019.2.7", product_id: "T017614-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:2019.2.7", }, }, }, { category: "product_version_range", name: "<3000.5", product: { name: "SaltStack Salt <3000.5", product_id: "T017615", }, }, { category: "product_version", name: "3000.5", product: { name: "SaltStack Salt 3000.5", product_id: "T017615-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3000.5", }, }, }, { category: "product_version_range", name: "<3001.3", product: { name: "SaltStack Salt <3001.3", product_id: "T017616", }, }, { category: "product_version", name: "3001.3", product: { name: "SaltStack Salt 3001.3", product_id: "T017616-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3001.3", }, }, }, ], category: "product_name", name: "Salt", }, ], category: "vendor", name: "SaltStack", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Hierbei handelt es sich um eine Shell Injection Schwachstelle im netapi ssh Client. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um Code zur Ausführung zu bringen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Das tls-Ausführungsmodul erstellt weltweit lesbare private Schlüssel. Ein Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Wenn Salt ssh über die salt-api aufgerufen wird, wird eauth nicht ordnungsgemäß validiert. Ein Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung zu umgehen und Salt ssh aufzurufen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-25592", }, ], }
wid-sec-w-2024-1801
Vulnerability from csaf_certbund
Published
2020-11-03 23:00
Modified
2025-01-06 23:00
Summary
SaltStack Salt: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Salt bietet Infrastrukturverwaltung auf der Grundlage eines dynamischen Kommunikationsbusses.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SaltStack Salt ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen und die Authentisierung zu umgehen.
Betroffene Betriebssysteme
- Linux
- UNIX
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Salt bietet Infrastrukturverwaltung auf der Grundlage eines dynamischen Kommunikationsbusses.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in SaltStack Salt ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen und die Authentisierung zu umgehen.", title: "Angriff", }, { category: "general", text: "- Linux\n- UNIX", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1801 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2024-1801.json", }, { category: "self", summary: "WID-SEC-2024-1801 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1801", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.6.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3000.4.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3001.2.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3002.1.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/2019.2.7.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3000.5.html", }, { category: "external", summary: "SALT RELEASE NOTES vom 2020-11-03", url: "https://docs.saltstack.com/en/latest/topics/releases/3001.3.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3155-1 vom 2020-11-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007693.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3171-1 vom 2020-11-05", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007705.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3244-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007719.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3250-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007714.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14537-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007723.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3245-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007716.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3243-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007724.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14535-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007718.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3251-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007729.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:3235-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007717.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14538-1 vom 2020-11-06", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007715.html", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202011-8 vom 2020-11-09", url: "https://security.archlinux.org/ASA-202011-8/generate", }, { category: "external", summary: "Arch Linux Security Advisory ASA-202011-8 vom 2020-11-10", url: "https://security.archlinux.org/ASA-202011-8/generate", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202011-13 vom 2020-11-11", url: "https://security.gentoo.org/glsa/202011-13", }, { category: "external", summary: "Debian Security Advisory DLA-2480 vom 2020-12-04", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14563-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008061.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14562-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008062.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14564-1 vom 2020-12-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008060.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:14570-1 vom 2020-12-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-December/008073.html", }, { category: "external", summary: "Debian Security Advisory DSA-4837 vom 2021-01-24", url: "https://www.debian.org/security/2021/dsa-4837", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0315-1 vom 2021-02-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008280.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0316-1 vom 2021-02-08", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008281.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14624-1 vom 2021-02-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008325.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:14623-1 vom 2021-02-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008324.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:0480-1 vom 2021-02-15", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-February/008329.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2106-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009063.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2105-1 vom 2021-06-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-June/009057.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6948-1 vom 2024-08-08", url: "https://ubuntu.com/security/notices/USN-6948-1", }, { category: "external", summary: "Ubuntu Security Notice USN-7181-1 vom 2025-01-06", url: "https://ubuntu.com/security/notices/USN-7181-1", }, ], source_lang: "en-US", title: "SaltStack Salt: Mehrere Schwachstellen", tracking: { current_release_date: "2025-01-06T23:00:00.000+00:00", generator: { date: "2025-01-07T09:19:16.578+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-1801", initial_release_date: "2020-11-03T23:00:00.000+00:00", revision_history: [ { date: "2020-11-03T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2020-11-04T23:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-05T23:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-08T23:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-11-09T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Arch Linux aufgenommen", }, { date: "2020-11-10T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2020-12-06T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-12-14T23:00:00.000+00:00", number: "8", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-12-15T23:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-01-24T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Debian aufgenommen", }, { date: "2021-02-08T23:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-14T23:00:00.000+00:00", number: "12", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-02-15T23:00:00.000+00:00", number: "13", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-06-21T22:00:00.000+00:00", number: "14", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2024-08-08T22:00:00.000+00:00", number: "15", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2025-01-06T23:00:00.000+00:00", number: "16", summary: "Neue Updates von Ubuntu aufgenommen", }, ], status: "final", version: "16", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "Open Source Arch Linux", product: { name: "Open Source Arch Linux", product_id: "T013312", product_identification_helper: { cpe: "cpe:/o:archlinux:archlinux:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { branches: [ { category: "product_version_range", name: "<2019.2.6", product: { name: "SaltStack Salt <2019.2.6", product_id: "T017610", }, }, { category: "product_version", name: "2019.2.6", product: { name: "SaltStack Salt 2019.2.6", product_id: "T017610-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:2019.2.6", }, }, }, { category: "product_version_range", name: "<3000.4", product: { name: "SaltStack Salt <3000.4", product_id: "T017611", }, }, { category: "product_version", name: "3000.4", product: { name: "SaltStack Salt 3000.4", product_id: "T017611-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3000.4", }, }, }, { category: "product_version_range", name: "<3001.2", product: { name: "SaltStack Salt <3001.2", product_id: "T017612", }, }, { category: "product_version", name: "3001.2", product: { name: "SaltStack Salt 3001.2", product_id: "T017612-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3001.2", }, }, }, { category: "product_version_range", name: "<3002.1", product: { name: "SaltStack Salt <3002.1", product_id: "T017613", }, }, { category: "product_version", name: "3002.1", product: { name: "SaltStack Salt 3002.1", product_id: "T017613-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3002.1", }, }, }, { category: "product_version_range", name: "<2019.2.7", product: { name: "SaltStack Salt <2019.2.7", product_id: "T017614", }, }, { category: "product_version", name: "2019.2.7", product: { name: "SaltStack Salt 2019.2.7", product_id: "T017614-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:2019.2.7", }, }, }, { category: "product_version_range", name: "<3000.5", product: { name: "SaltStack Salt <3000.5", product_id: "T017615", }, }, { category: "product_version", name: "3000.5", product: { name: "SaltStack Salt 3000.5", product_id: "T017615-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3000.5", }, }, }, { category: "product_version_range", name: "<3001.3", product: { name: "SaltStack Salt <3001.3", product_id: "T017616", }, }, { category: "product_version", name: "3001.3", product: { name: "SaltStack Salt 3001.3", product_id: "T017616-fixed", product_identification_helper: { cpe: "cpe:/a:saltstack:salt:3001.3", }, }, }, ], category: "product_name", name: "Salt", }, ], category: "vendor", name: "SaltStack", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Hierbei handelt es sich um eine Shell Injection Schwachstelle im netapi ssh Client. Ein entfernter anonymer Angreifer kann diese Schwachstelle ausnutzen, um Code zur Ausführung zu bringen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Das tls-Ausführungsmodul erstellt weltweit lesbare private Schlüssel. Ein Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in SaltStack Salt. Wenn Salt ssh über die salt-api aufgerufen wird, wird eauth nicht ordnungsgemäß validiert. Ein Angreifer kann diese Schwachstelle ausnutzen, um die Authentifizierung zu umgehen und Salt ssh aufzurufen.", }, ], product_status: { known_affected: [ "T017610", "2951", "T002207", "T017611", "T017612", "T000126", "T017613", "T017614", "T013312", "T017615", "T017616", "T012167", ], }, release_date: "2020-11-03T23:00:00.000+00:00", title: "CVE-2020-25592", }, ], }
suse-su-2020:14538-1
Vulnerability from csaf_suse
Published
2020-11-06 15:59
Modified
2020-11-06 15:59
Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
cobbler:
- Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)
mgr-daemon:
- Update translation strings
salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacecmd:
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
spacewalk-client-tools:
- Remove RH references in Python/Ruby localization and use the product name instead
Patchnames
slesctsp3-client-tools-202010-14538,slesctsp4-client-tools-202010-14538
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Client Tools", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\ncobbler:\n\n- Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)\n\nmgr-daemon:\n\n- Update translation strings\n\nsalt:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n\nspacecmd:\n\n- Python3 fixes for errata in spacecmd (bsc#1169664)\n- Added support for i18n of user-facing strings\n- Python3 fix for sorted usage (bsc#1167907)\n\nspacewalk-client-tools:\n\n- Remove RH references in Python/Ruby localization and use the product name instead\n\n", title: "Description of the patch", }, { category: "details", text: "slesctsp3-client-tools-202010-14538,slesctsp4-client-tools-202010-14538", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14538-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:14538-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-202014538-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:14538-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007715.html", }, { category: "self", summary: "SUSE Bug 1167907", url: "https://bugzilla.suse.com/1167907", }, { category: "self", summary: "SUSE Bug 1169664", url: "https://bugzilla.suse.com/1169664", }, { category: "self", summary: "SUSE Bug 1176978", url: "https://bugzilla.suse.com/1176978", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for SUSE Manager Client Tools", tracking: { current_release_date: "2020-11-06T15:59:37Z", generator: { date: "2020-11-06T15:59:37Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:14538-1", initial_release_date: "2020-11-06T15:59:37Z", revision_history: [ { date: "2020-11-06T15:59:37Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "koan-2.2.2-0.68.12.1.i586", product: { name: "koan-2.2.2-0.68.12.1.i586", product_id: "koan-2.2.2-0.68.12.1.i586", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-5.20.1.i586", product: { name: "mgr-daemon-4.1.3-5.20.1.i586", product_id: "mgr-daemon-4.1.3-5.20.1.i586", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-27.38.1.i586", product: { name: "python2-spacewalk-check-4.1.7-27.38.1.i586", product_id: "python2-spacewalk-check-4.1.7-27.38.1.i586", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586", product: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586", product_id: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586", product: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586", product_id: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586", }, }, { category: "product_version", name: "salt-2016.11.10-43.63.1.i586", product: { name: "salt-2016.11.10-43.63.1.i586", product_id: "salt-2016.11.10-43.63.1.i586", }, }, { category: "product_version", name: "salt-doc-2016.11.10-43.63.1.i586", product: { name: "salt-doc-2016.11.10-43.63.1.i586", product_id: "salt-doc-2016.11.10-43.63.1.i586", }, }, { category: "product_version", name: "salt-minion-2016.11.10-43.63.1.i586", product: { name: "salt-minion-2016.11.10-43.63.1.i586", product_id: "salt-minion-2016.11.10-43.63.1.i586", }, }, { category: "product_version", name: "spacecmd-4.1.8-18.72.1.i586", product: { name: "spacecmd-4.1.8-18.72.1.i586", product_id: "spacecmd-4.1.8-18.72.1.i586", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-27.38.1.i586", product: { name: "spacewalk-check-4.1.7-27.38.1.i586", product_id: "spacewalk-check-4.1.7-27.38.1.i586", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-27.38.1.i586", product: { name: "spacewalk-client-setup-4.1.7-27.38.1.i586", product_id: "spacewalk-client-setup-4.1.7-27.38.1.i586", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-27.38.1.i586", product: { name: "spacewalk-client-tools-4.1.7-27.38.1.i586", product_id: "spacewalk-client-tools-4.1.7-27.38.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "koan-2.2.2-0.68.12.1.ia64", product: { name: "koan-2.2.2-0.68.12.1.ia64", product_id: "koan-2.2.2-0.68.12.1.ia64", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-5.20.1.ia64", product: { name: "mgr-daemon-4.1.3-5.20.1.ia64", product_id: "mgr-daemon-4.1.3-5.20.1.ia64", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-27.38.1.ia64", product: { name: "python2-spacewalk-check-4.1.7-27.38.1.ia64", product_id: "python2-spacewalk-check-4.1.7-27.38.1.ia64", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", product: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", product_id: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", product: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", product_id: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", }, }, { category: "product_version", name: "salt-2016.11.10-43.63.1.ia64", product: { name: "salt-2016.11.10-43.63.1.ia64", product_id: "salt-2016.11.10-43.63.1.ia64", }, }, { category: "product_version", name: "salt-doc-2016.11.10-43.63.1.ia64", product: { name: "salt-doc-2016.11.10-43.63.1.ia64", product_id: "salt-doc-2016.11.10-43.63.1.ia64", }, }, { category: "product_version", name: "salt-minion-2016.11.10-43.63.1.ia64", product: { name: "salt-minion-2016.11.10-43.63.1.ia64", product_id: "salt-minion-2016.11.10-43.63.1.ia64", }, }, { category: "product_version", name: "spacecmd-4.1.8-18.72.1.ia64", product: { name: "spacecmd-4.1.8-18.72.1.ia64", product_id: "spacecmd-4.1.8-18.72.1.ia64", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-27.38.1.ia64", product: { name: "spacewalk-check-4.1.7-27.38.1.ia64", product_id: "spacewalk-check-4.1.7-27.38.1.ia64", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-27.38.1.ia64", product: { name: "spacewalk-client-setup-4.1.7-27.38.1.ia64", product_id: "spacewalk-client-setup-4.1.7-27.38.1.ia64", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-27.38.1.ia64", product: { name: "spacewalk-client-tools-4.1.7-27.38.1.ia64", product_id: "spacewalk-client-tools-4.1.7-27.38.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "koan-2.2.2-0.68.12.1.ppc64", product: { name: "koan-2.2.2-0.68.12.1.ppc64", product_id: "koan-2.2.2-0.68.12.1.ppc64", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-5.20.1.ppc64", product: { name: "mgr-daemon-4.1.3-5.20.1.ppc64", product_id: "mgr-daemon-4.1.3-5.20.1.ppc64", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-27.38.1.ppc64", product: { name: "python2-spacewalk-check-4.1.7-27.38.1.ppc64", product_id: "python2-spacewalk-check-4.1.7-27.38.1.ppc64", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", product: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", product_id: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", product: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", product_id: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, }, { category: "product_version", name: "salt-2016.11.10-43.63.1.ppc64", product: { name: "salt-2016.11.10-43.63.1.ppc64", product_id: "salt-2016.11.10-43.63.1.ppc64", }, }, { category: "product_version", name: "salt-doc-2016.11.10-43.63.1.ppc64", product: { name: "salt-doc-2016.11.10-43.63.1.ppc64", product_id: "salt-doc-2016.11.10-43.63.1.ppc64", }, }, { category: "product_version", name: "salt-minion-2016.11.10-43.63.1.ppc64", product: { name: "salt-minion-2016.11.10-43.63.1.ppc64", product_id: "salt-minion-2016.11.10-43.63.1.ppc64", }, }, { category: "product_version", name: "spacecmd-4.1.8-18.72.1.ppc64", product: { name: "spacecmd-4.1.8-18.72.1.ppc64", product_id: "spacecmd-4.1.8-18.72.1.ppc64", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-27.38.1.ppc64", product: { name: "spacewalk-check-4.1.7-27.38.1.ppc64", product_id: "spacewalk-check-4.1.7-27.38.1.ppc64", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-27.38.1.ppc64", product: { name: "spacewalk-client-setup-4.1.7-27.38.1.ppc64", product_id: "spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-27.38.1.ppc64", product: { name: "spacewalk-client-tools-4.1.7-27.38.1.ppc64", product_id: "spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "koan-2.2.2-0.68.12.1.s390x", product: { name: "koan-2.2.2-0.68.12.1.s390x", product_id: "koan-2.2.2-0.68.12.1.s390x", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-5.20.1.s390x", product: { name: "mgr-daemon-4.1.3-5.20.1.s390x", product_id: "mgr-daemon-4.1.3-5.20.1.s390x", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-27.38.1.s390x", product: { name: "python2-spacewalk-check-4.1.7-27.38.1.s390x", product_id: "python2-spacewalk-check-4.1.7-27.38.1.s390x", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", product: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", product_id: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", product: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", product_id: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", }, }, { category: "product_version", name: "salt-2016.11.10-43.63.1.s390x", product: { name: "salt-2016.11.10-43.63.1.s390x", product_id: "salt-2016.11.10-43.63.1.s390x", }, }, { category: "product_version", name: "salt-doc-2016.11.10-43.63.1.s390x", product: { name: "salt-doc-2016.11.10-43.63.1.s390x", product_id: "salt-doc-2016.11.10-43.63.1.s390x", }, }, { category: "product_version", name: "salt-minion-2016.11.10-43.63.1.s390x", product: { name: "salt-minion-2016.11.10-43.63.1.s390x", product_id: "salt-minion-2016.11.10-43.63.1.s390x", }, }, { category: "product_version", name: "spacecmd-4.1.8-18.72.1.s390x", product: { name: "spacecmd-4.1.8-18.72.1.s390x", product_id: "spacecmd-4.1.8-18.72.1.s390x", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-27.38.1.s390x", product: { name: "spacewalk-check-4.1.7-27.38.1.s390x", product_id: "spacewalk-check-4.1.7-27.38.1.s390x", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-27.38.1.s390x", product: { name: "spacewalk-client-setup-4.1.7-27.38.1.s390x", product_id: "spacewalk-client-setup-4.1.7-27.38.1.s390x", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-27.38.1.s390x", product: { name: "spacewalk-client-tools-4.1.7-27.38.1.s390x", product_id: "spacewalk-client-tools-4.1.7-27.38.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "koan-2.2.2-0.68.12.1.x86_64", product: { name: "koan-2.2.2-0.68.12.1.x86_64", product_id: "koan-2.2.2-0.68.12.1.x86_64", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-5.20.1.x86_64", product: { name: "mgr-daemon-4.1.3-5.20.1.x86_64", product_id: "mgr-daemon-4.1.3-5.20.1.x86_64", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-27.38.1.x86_64", product: { name: "python2-spacewalk-check-4.1.7-27.38.1.x86_64", product_id: "python2-spacewalk-check-4.1.7-27.38.1.x86_64", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", product: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", product_id: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", product: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", product_id: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, }, { category: "product_version", name: "salt-2016.11.10-43.63.1.x86_64", product: { name: "salt-2016.11.10-43.63.1.x86_64", product_id: "salt-2016.11.10-43.63.1.x86_64", }, }, { category: "product_version", name: "salt-doc-2016.11.10-43.63.1.x86_64", product: { name: "salt-doc-2016.11.10-43.63.1.x86_64", product_id: "salt-doc-2016.11.10-43.63.1.x86_64", }, }, { category: "product_version", name: "salt-minion-2016.11.10-43.63.1.x86_64", product: { name: "salt-minion-2016.11.10-43.63.1.x86_64", product_id: "salt-minion-2016.11.10-43.63.1.x86_64", }, }, { category: "product_version", name: "spacecmd-4.1.8-18.72.1.x86_64", product: { name: "spacecmd-4.1.8-18.72.1.x86_64", product_id: "spacecmd-4.1.8-18.72.1.x86_64", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-27.38.1.x86_64", product: { name: "spacewalk-check-4.1.7-27.38.1.x86_64", product_id: "spacewalk-check-4.1.7-27.38.1.x86_64", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-27.38.1.x86_64", product: { name: "spacewalk-client-setup-4.1.7-27.38.1.x86_64", product_id: "spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-27.38.1.x86_64", product: { name: "spacewalk-client-tools-4.1.7-27.38.1.x86_64", product_id: "spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product: { name: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_identification_helper: { cpe: "cpe:/a:suse:sle-clienttools:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product: { name: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_identification_helper: { cpe: "cpe:/a:suse:sle-clienttools:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", }, product_reference: "koan-2.2.2-0.68.12.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", }, product_reference: "koan-2.2.2-0.68.12.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", }, product_reference: "koan-2.2.2-0.68.12.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", }, product_reference: "koan-2.2.2-0.68.12.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", }, product_reference: "koan-2.2.2-0.68.12.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", }, product_reference: "mgr-daemon-4.1.3-5.20.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", }, product_reference: "mgr-daemon-4.1.3-5.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", }, product_reference: "salt-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", }, product_reference: "salt-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", }, product_reference: "salt-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", }, product_reference: "salt-doc-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", }, product_reference: "salt-doc-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-doc-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", }, product_reference: "salt-doc-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-doc-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", }, product_reference: "salt-minion-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", }, product_reference: "salt-minion-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-minion-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", }, product_reference: "salt-minion-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-minion-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", }, product_reference: "spacecmd-4.1.8-18.72.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", }, product_reference: "spacecmd-4.1.8-18.72.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", }, product_reference: "spacecmd-4.1.8-18.72.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", }, product_reference: "spacecmd-4.1.8-18.72.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", }, product_reference: "spacecmd-4.1.8-18.72.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-check-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-check-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", }, product_reference: "koan-2.2.2-0.68.12.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", }, product_reference: "koan-2.2.2-0.68.12.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", }, product_reference: "koan-2.2.2-0.68.12.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", }, product_reference: "koan-2.2.2-0.68.12.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "koan-2.2.2-0.68.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", }, product_reference: "koan-2.2.2-0.68.12.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", }, product_reference: "mgr-daemon-4.1.3-5.20.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", }, product_reference: "mgr-daemon-4.1.3-5.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-5.20.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", }, product_reference: "mgr-daemon-4.1.3-5.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-check-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-check-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, product_reference: "python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", }, product_reference: "salt-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", }, product_reference: "salt-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", }, product_reference: "salt-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", }, product_reference: "salt-doc-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", }, product_reference: "salt-doc-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-doc-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", }, product_reference: "salt-doc-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-doc-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", }, product_reference: "salt-minion-2016.11.10-43.63.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", }, product_reference: "salt-minion-2016.11.10-43.63.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", }, product_reference: "salt-minion-2016.11.10-43.63.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", }, product_reference: "salt-minion-2016.11.10-43.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.10-43.63.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", }, product_reference: "salt-minion-2016.11.10-43.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", }, product_reference: "spacecmd-4.1.8-18.72.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", }, product_reference: "spacecmd-4.1.8-18.72.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", }, product_reference: "spacecmd-4.1.8-18.72.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", }, product_reference: "spacecmd-4.1.8-18.72.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-18.72.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", }, product_reference: "spacecmd-4.1.8-18.72.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-check-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-check-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-check-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-client-setup-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-27.38.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", product_id: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", }, product_reference: "spacewalk-client-tools-4.1.7-27.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:59:37Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:59:37Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:koan-2.2.2-0.68.12.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:mgr-daemon-4.1.3-5.20.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:python2-spacewalk-client-tools-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2016.11.10-43.63.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacecmd-4.1.8-18.72.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-check-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-setup-4.1.7-27.38.1.x86_64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.i586", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ia64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.ppc64", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.s390x", "SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-client-tools-4.1.7-27.38.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:59:37Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3244-1
Vulnerability from csaf_suse
Published
2020-11-06 15:58
Modified
2020-11-06 15:58
Summary
Security update for Salt
Notes
Title of the patch
Security update for Salt
Description of the patch
This update fixes the following issues:
salt:
- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value
- Do not break package building for systemd OSes
- Drop wrong mock from chroot unit test
- Support systemd versions with dot (bsc#1176294)
- Fix for grains.test_core unit test
- Fix file/directory user and group ownership containing
UTF-8 characters (bsc#1176024)
- Several changes to virtualization:
- Fix virt update when cpu and memory are changed
- Memory Tuning GSoC
- Properly fix memory setting regression in virt.update
- Expose libvirt on_reboot in virt states
- Support transactional systems (MicroOS)
- Zypperpkg module ignores retcode 104 for search() (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding
file or block disk (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests
Patchnames
SUSE-2020-3244,SUSE-SLE-Product-HPC-15-2020-3244,SUSE-SLE-Product-SLES-15-2020-3244,SUSE-SLE-Product-SLES_SAP-15-2020-3244
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for Salt", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\nsalt:\n\n- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value\n- Do not break package building for systemd OSes\n- Drop wrong mock from chroot unit test\n- Support systemd versions with dot (bsc#1176294)\n- Fix for grains.test_core unit test\n- Fix file/directory user and group ownership containing\n UTF-8 characters (bsc#1176024)\n- Several changes to virtualization:\n - Fix virt update when cpu and memory are changed\n - Memory Tuning GSoC\n - Properly fix memory setting regression in virt.update\n - Expose libvirt on_reboot in virt states\n- Support transactional systems (MicroOS)\n- Zypperpkg module ignores retcode 104 for search() (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding\n file or block disk (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3244,SUSE-SLE-Product-HPC-15-2020-3244,SUSE-SLE-Product-SLES-15-2020-3244,SUSE-SLE-Product-SLES_SAP-15-2020-3244", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3244-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3244-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203244-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3244-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007719.html", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE Bug 1178485", url: "https://bugzilla.suse.com/1178485", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for Salt", tracking: { current_release_date: "2020-11-06T15:58:23Z", generator: { date: "2020-11-06T15:58:23Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3244-1", initial_release_date: "2020-11-06T15:58:23Z", revision_history: [ { date: "2020-11-06T15:58:23Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "python2-salt-3000-5.91.1.aarch64", product: { name: "python2-salt-3000-5.91.1.aarch64", product_id: "python2-salt-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "python3-salt-3000-5.91.1.aarch64", product: { name: "python3-salt-3000-5.91.1.aarch64", product_id: "python3-salt-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-3000-5.91.1.aarch64", product: { name: "salt-3000-5.91.1.aarch64", product_id: "salt-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-api-3000-5.91.1.aarch64", product: { name: "salt-api-3000-5.91.1.aarch64", product_id: "salt-api-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-cloud-3000-5.91.1.aarch64", product: { name: "salt-cloud-3000-5.91.1.aarch64", product_id: "salt-cloud-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-doc-3000-5.91.1.aarch64", product: { name: "salt-doc-3000-5.91.1.aarch64", product_id: "salt-doc-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-master-3000-5.91.1.aarch64", product: { name: "salt-master-3000-5.91.1.aarch64", product_id: "salt-master-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-minion-3000-5.91.1.aarch64", product: { name: "salt-minion-3000-5.91.1.aarch64", product_id: "salt-minion-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-proxy-3000-5.91.1.aarch64", product: { name: "salt-proxy-3000-5.91.1.aarch64", product_id: "salt-proxy-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-ssh-3000-5.91.1.aarch64", product: { name: "salt-ssh-3000-5.91.1.aarch64", product_id: "salt-ssh-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", product: { name: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", product_id: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", }, }, { category: "product_version", name: "salt-syndic-3000-5.91.1.aarch64", product: { name: "salt-syndic-3000-5.91.1.aarch64", product_id: "salt-syndic-3000-5.91.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "python2-salt-3000-5.91.1.i586", product: { name: "python2-salt-3000-5.91.1.i586", product_id: "python2-salt-3000-5.91.1.i586", }, }, { category: "product_version", name: "python3-salt-3000-5.91.1.i586", product: { name: "python3-salt-3000-5.91.1.i586", product_id: "python3-salt-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-3000-5.91.1.i586", product: { name: "salt-3000-5.91.1.i586", product_id: "salt-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-api-3000-5.91.1.i586", product: { name: "salt-api-3000-5.91.1.i586", product_id: "salt-api-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-cloud-3000-5.91.1.i586", product: { name: "salt-cloud-3000-5.91.1.i586", product_id: "salt-cloud-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-doc-3000-5.91.1.i586", product: { name: "salt-doc-3000-5.91.1.i586", product_id: "salt-doc-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-master-3000-5.91.1.i586", product: { name: "salt-master-3000-5.91.1.i586", product_id: "salt-master-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-minion-3000-5.91.1.i586", product: { name: "salt-minion-3000-5.91.1.i586", product_id: "salt-minion-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-proxy-3000-5.91.1.i586", product: { name: "salt-proxy-3000-5.91.1.i586", product_id: "salt-proxy-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-ssh-3000-5.91.1.i586", product: { name: "salt-ssh-3000-5.91.1.i586", product_id: "salt-ssh-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-5.91.1.i586", product: { name: "salt-standalone-formulas-configuration-3000-5.91.1.i586", product_id: "salt-standalone-formulas-configuration-3000-5.91.1.i586", }, }, { category: "product_version", name: "salt-syndic-3000-5.91.1.i586", product: { name: "salt-syndic-3000-5.91.1.i586", product_id: "salt-syndic-3000-5.91.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "salt-bash-completion-3000-5.91.1.noarch", product: { name: "salt-bash-completion-3000-5.91.1.noarch", product_id: "salt-bash-completion-3000-5.91.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-5.91.1.noarch", product: { name: "salt-fish-completion-3000-5.91.1.noarch", product_id: "salt-fish-completion-3000-5.91.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-5.91.1.noarch", product: { name: "salt-zsh-completion-3000-5.91.1.noarch", product_id: "salt-zsh-completion-3000-5.91.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-5.91.1.ppc64le", product: { name: "python2-salt-3000-5.91.1.ppc64le", product_id: "python2-salt-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "python3-salt-3000-5.91.1.ppc64le", product: { name: "python3-salt-3000-5.91.1.ppc64le", product_id: "python3-salt-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-3000-5.91.1.ppc64le", product: { name: "salt-3000-5.91.1.ppc64le", product_id: "salt-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-api-3000-5.91.1.ppc64le", product: { name: "salt-api-3000-5.91.1.ppc64le", product_id: "salt-api-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-cloud-3000-5.91.1.ppc64le", product: { name: "salt-cloud-3000-5.91.1.ppc64le", product_id: "salt-cloud-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-doc-3000-5.91.1.ppc64le", product: { name: "salt-doc-3000-5.91.1.ppc64le", product_id: "salt-doc-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-master-3000-5.91.1.ppc64le", product: { name: "salt-master-3000-5.91.1.ppc64le", product_id: "salt-master-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-minion-3000-5.91.1.ppc64le", product: { name: "salt-minion-3000-5.91.1.ppc64le", product_id: "salt-minion-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-proxy-3000-5.91.1.ppc64le", product: { name: "salt-proxy-3000-5.91.1.ppc64le", product_id: "salt-proxy-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-ssh-3000-5.91.1.ppc64le", product: { name: "salt-ssh-3000-5.91.1.ppc64le", product_id: "salt-ssh-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", product: { name: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", product_id: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", }, }, { category: "product_version", name: "salt-syndic-3000-5.91.1.ppc64le", product: { name: "salt-syndic-3000-5.91.1.ppc64le", product_id: "salt-syndic-3000-5.91.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python2-salt-3000-5.91.1.s390x", product: { name: "python2-salt-3000-5.91.1.s390x", product_id: "python2-salt-3000-5.91.1.s390x", }, }, { category: "product_version", name: "python3-salt-3000-5.91.1.s390x", product: { name: "python3-salt-3000-5.91.1.s390x", product_id: "python3-salt-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-3000-5.91.1.s390x", product: { name: "salt-3000-5.91.1.s390x", product_id: "salt-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-api-3000-5.91.1.s390x", product: { name: "salt-api-3000-5.91.1.s390x", product_id: "salt-api-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-cloud-3000-5.91.1.s390x", product: { name: "salt-cloud-3000-5.91.1.s390x", product_id: "salt-cloud-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-doc-3000-5.91.1.s390x", product: { name: "salt-doc-3000-5.91.1.s390x", product_id: "salt-doc-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-master-3000-5.91.1.s390x", product: { name: "salt-master-3000-5.91.1.s390x", product_id: "salt-master-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-minion-3000-5.91.1.s390x", product: { name: "salt-minion-3000-5.91.1.s390x", product_id: "salt-minion-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-proxy-3000-5.91.1.s390x", product: { name: "salt-proxy-3000-5.91.1.s390x", product_id: "salt-proxy-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-ssh-3000-5.91.1.s390x", product: { name: "salt-ssh-3000-5.91.1.s390x", product_id: "salt-ssh-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-5.91.1.s390x", product: { name: "salt-standalone-formulas-configuration-3000-5.91.1.s390x", product_id: "salt-standalone-formulas-configuration-3000-5.91.1.s390x", }, }, { category: "product_version", name: "salt-syndic-3000-5.91.1.s390x", product: { name: "salt-syndic-3000-5.91.1.s390x", product_id: "salt-syndic-3000-5.91.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python2-salt-3000-5.91.1.x86_64", product: { name: "python2-salt-3000-5.91.1.x86_64", product_id: "python2-salt-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-5.91.1.x86_64", product: { name: "python3-salt-3000-5.91.1.x86_64", product_id: "python3-salt-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-3000-5.91.1.x86_64", product: { name: "salt-3000-5.91.1.x86_64", product_id: "salt-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-5.91.1.x86_64", product: { name: "salt-api-3000-5.91.1.x86_64", product_id: "salt-api-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-5.91.1.x86_64", product: { name: "salt-cloud-3000-5.91.1.x86_64", product_id: "salt-cloud-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-5.91.1.x86_64", product: { name: "salt-doc-3000-5.91.1.x86_64", product_id: "salt-doc-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-5.91.1.x86_64", product: { name: "salt-master-3000-5.91.1.x86_64", product_id: "salt-master-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-5.91.1.x86_64", product: { name: "salt-minion-3000-5.91.1.x86_64", product_id: "salt-minion-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-5.91.1.x86_64", product: { name: "salt-proxy-3000-5.91.1.x86_64", product_id: "salt-proxy-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-5.91.1.x86_64", product: { name: "salt-ssh-3000-5.91.1.x86_64", product_id: "salt-ssh-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-5.91.1.x86_64", product: { name: "salt-syndic-3000-5.91.1.x86_64", product_id: "salt-syndic-3000-5.91.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", }, product_reference: "python2-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", }, product_reference: "python2-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", }, product_reference: "python3-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", }, product_reference: "python3-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", }, product_reference: "salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", }, product_reference: "salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", }, product_reference: "salt-api-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", }, product_reference: "salt-api-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", }, product_reference: "salt-bash-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", }, product_reference: "salt-cloud-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", }, product_reference: "salt-cloud-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", }, product_reference: "salt-doc-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", }, product_reference: "salt-doc-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", }, product_reference: "salt-fish-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", }, product_reference: "salt-master-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", }, product_reference: "salt-master-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", }, product_reference: "salt-minion-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", }, product_reference: "salt-minion-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", }, product_reference: "salt-proxy-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", }, product_reference: "salt-proxy-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", }, product_reference: "salt-ssh-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", }, product_reference: "salt-ssh-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", }, product_reference: "salt-syndic-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", }, product_reference: "salt-syndic-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", }, product_reference: "salt-zsh-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", }, product_reference: "python2-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", }, product_reference: "python2-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", }, product_reference: "python3-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", }, product_reference: "python3-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", }, product_reference: "salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", }, product_reference: "salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", }, product_reference: "salt-api-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", }, product_reference: "salt-api-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", }, product_reference: "salt-bash-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", }, product_reference: "salt-cloud-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", }, product_reference: "salt-cloud-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", }, product_reference: "salt-doc-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", }, product_reference: "salt-doc-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", }, product_reference: "salt-fish-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", }, product_reference: "salt-master-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", }, product_reference: "salt-master-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", }, product_reference: "salt-minion-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", }, product_reference: "salt-minion-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", }, product_reference: "salt-proxy-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", }, product_reference: "salt-proxy-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", }, product_reference: "salt-ssh-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", }, product_reference: "salt-ssh-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", }, product_reference: "salt-syndic-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", }, product_reference: "salt-syndic-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", }, product_reference: "salt-zsh-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", }, product_reference: "python2-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", }, product_reference: "python2-salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", }, product_reference: "python2-salt-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", }, product_reference: "python2-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", }, product_reference: "python3-salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", }, product_reference: "python3-salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", }, product_reference: "python3-salt-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", }, product_reference: "python3-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", }, product_reference: "salt-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", }, product_reference: "salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", }, product_reference: "salt-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", }, product_reference: "salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", }, product_reference: "salt-api-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", }, product_reference: "salt-api-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", }, product_reference: "salt-api-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", }, product_reference: "salt-api-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", }, product_reference: "salt-bash-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", }, product_reference: "salt-cloud-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", }, product_reference: "salt-cloud-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", }, product_reference: "salt-cloud-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", }, product_reference: "salt-cloud-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", }, product_reference: "salt-doc-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", }, product_reference: "salt-doc-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", }, product_reference: "salt-doc-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", }, product_reference: "salt-doc-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", }, product_reference: "salt-fish-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", }, product_reference: "salt-master-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", }, product_reference: "salt-master-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", }, product_reference: "salt-master-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", }, product_reference: "salt-master-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", }, product_reference: "salt-minion-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", }, product_reference: "salt-minion-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", }, product_reference: "salt-minion-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", }, product_reference: "salt-minion-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", }, product_reference: "salt-proxy-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", }, product_reference: "salt-proxy-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", }, product_reference: "salt-proxy-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", }, product_reference: "salt-proxy-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", }, product_reference: "salt-ssh-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", }, product_reference: "salt-ssh-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", }, product_reference: "salt-ssh-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", }, product_reference: "salt-ssh-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", }, product_reference: "salt-syndic-3000-5.91.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", }, product_reference: "salt-syndic-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", }, product_reference: "salt-syndic-3000-5.91.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", }, product_reference: "salt-syndic-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", }, product_reference: "salt-zsh-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", }, product_reference: "python2-salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", }, product_reference: "python2-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", }, product_reference: "python3-salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", }, product_reference: "python3-salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", }, product_reference: "salt-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", }, product_reference: "salt-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", }, product_reference: "salt-api-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", }, product_reference: "salt-api-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", }, product_reference: "salt-bash-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", }, product_reference: "salt-cloud-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", }, product_reference: "salt-cloud-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", }, product_reference: "salt-doc-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", }, product_reference: "salt-doc-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", }, product_reference: "salt-fish-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", }, product_reference: "salt-master-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", }, product_reference: "salt-master-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", }, product_reference: "salt-minion-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", }, product_reference: "salt-minion-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", }, product_reference: "salt-proxy-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", }, product_reference: "salt-proxy-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", }, product_reference: "salt-ssh-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", }, product_reference: "salt-ssh-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", }, product_reference: "salt-syndic-3000-5.91.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-5.91.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", }, product_reference: "salt-syndic-3000-5.91.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-5.91.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", }, product_reference: "salt-zsh-completion-3000-5.91.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:23Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:23Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:salt-zsh-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python2-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:python3-salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-api-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-bash-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-cloud-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-doc-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-fish-completion-3000-5.91.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-master-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-minion-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-proxy-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-ssh-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-standalone-formulas-configuration-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:salt-syndic-3000-5.91.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:salt-zsh-completion-3000-5.91.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:23Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3155-1
Vulnerability from csaf_suse
Published
2020-11-04 13:44
Modified
2020-11-04 13:44
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value.
- Do not break package building for systemd OSes.
- Drop wrong mock from chroot unit test.
- Support systemd versions with dot. (bsc#1176294)
- Fix for grains.test_core unit test.
- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)
- Several changes to virtualization:
* Fix virt update when cpu and memory are changed.
* Memory Tuning GSoC.
* Properly fix memory setting regression in virt.update.
* Expose libvirt on_reboot in virt states.
- Support transactional systems (MicroOS).
- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding
file or block disk. (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests.
Patchnames
SUSE-2020-3155,SUSE-SLE-Module-Basesystem-15-SP2-2020-3155,SUSE-SLE-Module-Python2-15-SP2-2020-3155,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3155
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for salt", title: "Title of the patch", }, { category: "description", text: "This update for salt fixes the following issues:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value.\n- Do not break package building for systemd OSes.\n- Drop wrong mock from chroot unit test.\n- Support systemd versions with dot. (bsc#1176294)\n- Fix for grains.test_core unit test.\n- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)\n- Several changes to virtualization:\n * Fix virt update when cpu and memory are changed.\n * Memory Tuning GSoC.\n * Properly fix memory setting regression in virt.update.\n * Expose libvirt on_reboot in virt states.\n- Support transactional systems (MicroOS).\n- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding\n file or block disk. (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3155,SUSE-SLE-Module-Basesystem-15-SP2-2020-3155,SUSE-SLE-Module-Python2-15-SP2-2020-3155,SUSE-SLE-Module-Server-Applications-15-SP2-2020-3155", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3155-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3155-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203155-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3155-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007693.html", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for salt", tracking: { current_release_date: "2020-11-04T13:44:16Z", generator: { date: "2020-11-04T13:44:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3155-1", initial_release_date: "2020-11-04T13:44:16Z", revision_history: [ { date: "2020-11-04T13:44:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "python2-salt-3000-4.20.1.aarch64", product: { name: "python2-salt-3000-4.20.1.aarch64", product_id: "python2-salt-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "python3-salt-3000-4.20.1.aarch64", product: { name: "python3-salt-3000-4.20.1.aarch64", product_id: "python3-salt-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-3000-4.20.1.aarch64", product: { name: "salt-3000-4.20.1.aarch64", product_id: "salt-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-api-3000-4.20.1.aarch64", product: { name: "salt-api-3000-4.20.1.aarch64", product_id: "salt-api-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-cloud-3000-4.20.1.aarch64", product: { name: "salt-cloud-3000-4.20.1.aarch64", product_id: "salt-cloud-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-doc-3000-4.20.1.aarch64", product: { name: "salt-doc-3000-4.20.1.aarch64", product_id: "salt-doc-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-master-3000-4.20.1.aarch64", product: { name: "salt-master-3000-4.20.1.aarch64", product_id: "salt-master-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-minion-3000-4.20.1.aarch64", product: { name: "salt-minion-3000-4.20.1.aarch64", product_id: "salt-minion-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-proxy-3000-4.20.1.aarch64", product: { name: "salt-proxy-3000-4.20.1.aarch64", product_id: "salt-proxy-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-ssh-3000-4.20.1.aarch64", product: { name: "salt-ssh-3000-4.20.1.aarch64", product_id: "salt-ssh-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-4.20.1.aarch64", product: { name: "salt-standalone-formulas-configuration-3000-4.20.1.aarch64", product_id: "salt-standalone-formulas-configuration-3000-4.20.1.aarch64", }, }, { category: "product_version", name: "salt-syndic-3000-4.20.1.aarch64", product: { name: "salt-syndic-3000-4.20.1.aarch64", product_id: "salt-syndic-3000-4.20.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "python2-salt-3000-4.20.1.i586", product: { name: "python2-salt-3000-4.20.1.i586", product_id: "python2-salt-3000-4.20.1.i586", }, }, { category: "product_version", name: "python3-salt-3000-4.20.1.i586", product: { name: "python3-salt-3000-4.20.1.i586", product_id: "python3-salt-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-3000-4.20.1.i586", product: { name: "salt-3000-4.20.1.i586", product_id: "salt-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-api-3000-4.20.1.i586", product: { name: "salt-api-3000-4.20.1.i586", product_id: "salt-api-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-cloud-3000-4.20.1.i586", product: { name: "salt-cloud-3000-4.20.1.i586", product_id: "salt-cloud-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-doc-3000-4.20.1.i586", product: { name: "salt-doc-3000-4.20.1.i586", product_id: "salt-doc-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-master-3000-4.20.1.i586", product: { name: "salt-master-3000-4.20.1.i586", product_id: "salt-master-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-minion-3000-4.20.1.i586", product: { name: "salt-minion-3000-4.20.1.i586", product_id: "salt-minion-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-proxy-3000-4.20.1.i586", product: { name: "salt-proxy-3000-4.20.1.i586", product_id: "salt-proxy-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-ssh-3000-4.20.1.i586", product: { name: "salt-ssh-3000-4.20.1.i586", product_id: "salt-ssh-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-4.20.1.i586", product: { name: "salt-standalone-formulas-configuration-3000-4.20.1.i586", product_id: "salt-standalone-formulas-configuration-3000-4.20.1.i586", }, }, { category: "product_version", name: "salt-syndic-3000-4.20.1.i586", product: { name: "salt-syndic-3000-4.20.1.i586", product_id: "salt-syndic-3000-4.20.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "salt-bash-completion-3000-4.20.1.noarch", product: { name: "salt-bash-completion-3000-4.20.1.noarch", product_id: "salt-bash-completion-3000-4.20.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-4.20.1.noarch", product: { name: "salt-fish-completion-3000-4.20.1.noarch", product_id: "salt-fish-completion-3000-4.20.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-4.20.1.noarch", product: { name: "salt-zsh-completion-3000-4.20.1.noarch", product_id: "salt-zsh-completion-3000-4.20.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-4.20.1.ppc64le", product: { name: "python2-salt-3000-4.20.1.ppc64le", product_id: "python2-salt-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "python3-salt-3000-4.20.1.ppc64le", product: { name: "python3-salt-3000-4.20.1.ppc64le", product_id: "python3-salt-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-3000-4.20.1.ppc64le", product: { name: "salt-3000-4.20.1.ppc64le", product_id: "salt-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-api-3000-4.20.1.ppc64le", product: { name: "salt-api-3000-4.20.1.ppc64le", product_id: "salt-api-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-cloud-3000-4.20.1.ppc64le", product: { name: "salt-cloud-3000-4.20.1.ppc64le", product_id: "salt-cloud-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-doc-3000-4.20.1.ppc64le", product: { name: "salt-doc-3000-4.20.1.ppc64le", product_id: "salt-doc-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-master-3000-4.20.1.ppc64le", product: { name: "salt-master-3000-4.20.1.ppc64le", product_id: "salt-master-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-minion-3000-4.20.1.ppc64le", product: { name: "salt-minion-3000-4.20.1.ppc64le", product_id: "salt-minion-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-proxy-3000-4.20.1.ppc64le", product: { name: "salt-proxy-3000-4.20.1.ppc64le", product_id: "salt-proxy-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-ssh-3000-4.20.1.ppc64le", product: { name: "salt-ssh-3000-4.20.1.ppc64le", product_id: "salt-ssh-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", product: { name: "salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", product_id: "salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", }, }, { category: "product_version", name: "salt-syndic-3000-4.20.1.ppc64le", product: { name: "salt-syndic-3000-4.20.1.ppc64le", product_id: "salt-syndic-3000-4.20.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python2-salt-3000-4.20.1.s390x", product: { name: "python2-salt-3000-4.20.1.s390x", product_id: "python2-salt-3000-4.20.1.s390x", }, }, { category: "product_version", name: "python3-salt-3000-4.20.1.s390x", product: { name: "python3-salt-3000-4.20.1.s390x", product_id: "python3-salt-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-3000-4.20.1.s390x", product: { name: "salt-3000-4.20.1.s390x", product_id: "salt-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-api-3000-4.20.1.s390x", product: { name: "salt-api-3000-4.20.1.s390x", product_id: "salt-api-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-cloud-3000-4.20.1.s390x", product: { name: "salt-cloud-3000-4.20.1.s390x", product_id: "salt-cloud-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-doc-3000-4.20.1.s390x", product: { name: "salt-doc-3000-4.20.1.s390x", product_id: "salt-doc-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-master-3000-4.20.1.s390x", product: { name: "salt-master-3000-4.20.1.s390x", product_id: "salt-master-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-minion-3000-4.20.1.s390x", product: { name: "salt-minion-3000-4.20.1.s390x", product_id: "salt-minion-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-proxy-3000-4.20.1.s390x", product: { name: "salt-proxy-3000-4.20.1.s390x", product_id: "salt-proxy-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-ssh-3000-4.20.1.s390x", product: { name: "salt-ssh-3000-4.20.1.s390x", product_id: "salt-ssh-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-4.20.1.s390x", product: { name: "salt-standalone-formulas-configuration-3000-4.20.1.s390x", product_id: "salt-standalone-formulas-configuration-3000-4.20.1.s390x", }, }, { category: "product_version", name: "salt-syndic-3000-4.20.1.s390x", product: { name: "salt-syndic-3000-4.20.1.s390x", product_id: "salt-syndic-3000-4.20.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python2-salt-3000-4.20.1.x86_64", product: { name: "python2-salt-3000-4.20.1.x86_64", product_id: "python2-salt-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-4.20.1.x86_64", product: { name: "python3-salt-3000-4.20.1.x86_64", product_id: "python3-salt-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-3000-4.20.1.x86_64", product: { name: "salt-3000-4.20.1.x86_64", product_id: "salt-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-4.20.1.x86_64", product: { name: "salt-api-3000-4.20.1.x86_64", product_id: "salt-api-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-4.20.1.x86_64", product: { name: "salt-cloud-3000-4.20.1.x86_64", product_id: "salt-cloud-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-4.20.1.x86_64", product: { name: "salt-doc-3000-4.20.1.x86_64", product_id: "salt-doc-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-4.20.1.x86_64", product: { name: "salt-master-3000-4.20.1.x86_64", product_id: "salt-master-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-4.20.1.x86_64", product: { name: "salt-minion-3000-4.20.1.x86_64", product_id: "salt-minion-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-4.20.1.x86_64", product: { name: "salt-proxy-3000-4.20.1.x86_64", product_id: "salt-proxy-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-4.20.1.x86_64", product: { name: "salt-ssh-3000-4.20.1.x86_64", product_id: "salt-ssh-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-4.20.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-4.20.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-4.20.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-4.20.1.x86_64", product: { name: "salt-syndic-3000-4.20.1.x86_64", product_id: "salt-syndic-3000-4.20.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Python 2 15 SP2", product: { name: "SUSE Linux Enterprise Module for Python 2 15 SP2", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-python2:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python3-salt-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", }, product_reference: "python3-salt-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", }, product_reference: "python3-salt-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", }, product_reference: "python3-salt-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", }, product_reference: "python3-salt-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", }, product_reference: "salt-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", }, product_reference: "salt-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", }, product_reference: "salt-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", }, product_reference: "salt-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-4.20.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", }, product_reference: "salt-bash-completion-3000-4.20.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", }, product_reference: "salt-doc-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", }, product_reference: "salt-doc-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", }, product_reference: "salt-doc-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", }, product_reference: "salt-doc-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", }, product_reference: "salt-minion-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", }, product_reference: "salt-minion-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", }, product_reference: "salt-minion-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", }, product_reference: "salt-minion-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-4.20.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP2", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", }, product_reference: "salt-zsh-completion-3000-4.20.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Python 2 15 SP2", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", }, product_reference: "python2-salt-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Python 2 15 SP2", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", }, product_reference: "python2-salt-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Python 2 15 SP2", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", }, product_reference: "python2-salt-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Python 2 15 SP2", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", }, product_reference: "python2-salt-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", }, product_reference: "salt-api-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", }, product_reference: "salt-api-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", }, product_reference: "salt-api-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", }, product_reference: "salt-api-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", }, product_reference: "salt-cloud-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", }, product_reference: "salt-cloud-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", }, product_reference: "salt-cloud-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", }, product_reference: "salt-cloud-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-4.20.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", }, product_reference: "salt-fish-completion-3000-4.20.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", }, product_reference: "salt-master-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", }, product_reference: "salt-master-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", }, product_reference: "salt-master-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", }, product_reference: "salt-master-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", }, product_reference: "salt-proxy-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", }, product_reference: "salt-proxy-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", }, product_reference: "salt-proxy-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", }, product_reference: "salt-proxy-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", }, product_reference: "salt-ssh-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", }, product_reference: "salt-ssh-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", }, product_reference: "salt-ssh-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", }, product_reference: "salt-ssh-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", }, product_reference: "salt-standalone-formulas-configuration-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", }, product_reference: "salt-standalone-formulas-configuration-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-4.20.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", }, product_reference: "salt-syndic-3000-4.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-4.20.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", }, product_reference: "salt-syndic-3000-4.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-4.20.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", }, product_reference: "salt-syndic-3000-4.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-4.20.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP2", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", }, product_reference: "salt-syndic-3000-4.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T13:44:16Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T13:44:16Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:python3-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-bash-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-doc-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-minion-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP2:salt-zsh-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP2:python2-salt-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-api-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-cloud-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-fish-completion-3000-4.20.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-master-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-proxy-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-ssh-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-standalone-formulas-configuration-3000-4.20.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP2:salt-syndic-3000-4.20.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-04T13:44:16Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3250-1
Vulnerability from csaf_suse
Published
2020-11-06 16:03
Modified
2020-11-06 16:03
Summary
Security update for SUSE Manager 4.0
Notes
Title of the patch
Security update for SUSE Manager 4.0
Description of the patch
This security update for SUSE Manager 4.0 provides the following fixes:
py26-compat-salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacewalk-java:
- Use correct eauth module and credentials for Salt SSH calls. (bsc#1178319, CVE-2020-25592)
Patchnames
SUSE-2020-3250,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-3250
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager 4.0", title: "Title of the patch", }, { category: "description", text: "This security update for SUSE Manager 4.0 provides the following fixes:\n\npy26-compat-salt:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n\nspacewalk-java:\n\n- Use correct eauth module and credentials for Salt SSH calls. (bsc#1178319, CVE-2020-25592)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3250,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-3250", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3250-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3250-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203250-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3250-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007714.html", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for SUSE Manager 4.0", tracking: { current_release_date: "2020-11-06T16:03:24Z", generator: { date: "2020-11-06T16:03:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3250-1", initial_release_date: "2020-11-06T16:03:24Z", revision_history: [ { date: "2020-11-06T16:03:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "py26-compat-salt-2016.11.10-10.17.1.noarch", product: { name: "py26-compat-salt-2016.11.10-10.17.1.noarch", product_id: "py26-compat-salt-2016.11.10-10.17.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.0.39-3.45.1.noarch", product: { name: "spacewalk-java-4.0.39-3.45.1.noarch", product_id: "spacewalk-java-4.0.39-3.45.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.0.39-3.45.1.noarch", product: { name: "spacewalk-java-apidoc-sources-4.0.39-3.45.1.noarch", product_id: "spacewalk-java-apidoc-sources-4.0.39-3.45.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.0.39-3.45.1.noarch", product: { name: "spacewalk-java-config-4.0.39-3.45.1.noarch", product_id: "spacewalk-java-config-4.0.39-3.45.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.0.39-3.45.1.noarch", product: { name: "spacewalk-java-lib-4.0.39-3.45.1.noarch", product_id: "spacewalk-java-lib-4.0.39-3.45.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.0.39-3.45.1.noarch", product: { name: "spacewalk-java-postgresql-4.0.39-3.45.1.noarch", product_id: "spacewalk-java-postgresql-4.0.39-3.45.1.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.0.39-3.45.1.noarch", product: { name: "spacewalk-taskomatic-4.0.39-3.45.1.noarch", product_id: "spacewalk-taskomatic-4.0.39-3.45.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Manager Server Module 4.0", product: { name: "SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "py26-compat-salt-2016.11.10-10.17.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", }, product_reference: "py26-compat-salt-2016.11.10-10.17.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.0.39-3.45.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", }, product_reference: "spacewalk-java-4.0.39-3.45.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.0.39-3.45.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", }, product_reference: "spacewalk-java-config-4.0.39-3.45.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.0.39-3.45.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", }, product_reference: "spacewalk-java-lib-4.0.39-3.45.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.0.39-3.45.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", }, product_reference: "spacewalk-java-postgresql-4.0.39-3.45.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.0.39-3.45.1.noarch as component of SUSE Manager Server Module 4.0", product_id: "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", }, product_reference: "spacewalk-taskomatic-4.0.39-3.45.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.0", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:24Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:24Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.17.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.39-3.45.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.39-3.45.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:24Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3251-1
Vulnerability from csaf_suse
Published
2020-11-06 16:03
Modified
2020-11-06 16:03
Summary
Security update for SUSE Manager 3.2
Notes
Title of the patch
Security update for SUSE Manager 3.2
Description of the patch
This security update for SUSE Manager 3.2 fixes the following issues:
py26-compat-salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacewalk-java:
- Use correct eauth module and credentials for Salt SSH calls (bsc#1178319, CVE-2020-25592)
Patchnames
SUSE-2020-3251,SUSE-SUSE-Manager-Server-3.2-2020-3251
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager 3.2", title: "Title of the patch", }, { category: "description", text: "This security update for SUSE Manager 3.2 fixes the following issues:\n\npy26-compat-salt:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n\nspacewalk-java:\n\n- Use correct eauth module and credentials for Salt SSH calls (bsc#1178319, CVE-2020-25592)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3251,SUSE-SUSE-Manager-Server-3.2-2020-3251", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3251-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3251-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203251-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3251-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007729.html", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for SUSE Manager 3.2", tracking: { current_release_date: "2020-11-06T16:03:37Z", generator: { date: "2020-11-06T16:03:37Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3251-1", initial_release_date: "2020-11-06T16:03:37Z", revision_history: [ { date: "2020-11-06T16:03:37Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "py26-compat-salt-2016.11.10-6.41.1.noarch", product: { name: "py26-compat-salt-2016.11.10-6.41.1.noarch", product_id: "py26-compat-salt-2016.11.10-6.41.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-apidoc-sources-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-apidoc-sources-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-config-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-config-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-lib-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-lib-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", product: { name: "spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", product_id: "spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Manager Server 3.2", product: { name: "SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:3.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "py26-compat-salt-2016.11.10-6.41.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", }, product_reference: "py26-compat-salt-2016.11.10-6.41.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-java-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-java-config-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-java-lib-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-oracle-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-2.8.78.31-3.56.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", }, product_reference: "spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:37Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:37Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.41.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.31-3.56.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.31-3.56.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T16:03:37Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3235-1
Vulnerability from csaf_suse
Published
2020-11-06 15:55
Modified
2020-11-06 15:55
Summary
Security update for SUSE Manager Server 4.1
Notes
Title of the patch
Security update for SUSE Manager Server 4.1
Description of the patch
This update fixes the following issues:
bind-formula:
- Temporarily disable dnssec-validation as hotfix for bsc#1177790
grafana-formula:
- Use variable for product name
- Add HA/SAP dashboards
- Add support for system groups in Client Systems dashboard
image-sync-formula:
- Do not use .gz suffix for default initrd symlink
- Keep the old symlink 'initrd.gz' for compatibility
prometheus-exporters-formula:
- Fix empty directory values initialization
- Add systemd collector as default for node_exporters
since otherwise some SAP/HA grafana dashboards will be empty
- Disable reverse proxy on default
prometheus-formula:
- Disable Alertmanager clustering (bsc#1178145)
- Use variable for product name
pxe-formula:
- Change default to 'initrd' without .gz suffix
py26-compat-salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
python-susemanager-retail:
- Use name 'initrd' without .gz suffix
salt-netapi-client:
- Version 0.18.0
See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.18.0
saltboot-formula:
- Allow setting terminal kernel parameters in saltboot formula
spacecmd:
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
spacewalk-admin:
- Show info message when applying schema upgrade
spacewalk-backend:
- Prevent IntegrityError during mgr-inter-sync execution (bsc#1177235)
spacewalk-branding:
- Enable to switch to multiple webUI theme
spacewalk-client-tools:
- Remove RH references in Python/Ruby localization and use the product name instead
spacewalk-java:
- Use correct eauth module and credentials for Salt SSH calls (bsc#1178319)
- Remove expiration date from ics files (bsc#1177892)
- Execute Salt SSH actions in parallel (bsc#1173199)
- Enable to switch to multiple webUI theme
- Fix action chain resuming when patches updating salt-minion don't cause service to be
restarted (bsc#1144447)
- Renaming autoinstall distro didn't change the name of the Cobbler distro (bsc#1175876)
- Fix the links for downloading the binaries in the package details UI (bsc#1176603)
- Allow nightly ISS sync to also cover custom channels
- Fix: reinspecting a container image (bsc#1177092)
- Add power management xmlrpc api
- Remove hostname from /var/lib/salt/.ssh/known_hosts when deleting system (bsc#1176159)
- Log exception trace on fatal Taskomatic startup error
- Fix max password length check at user creation (bsc#1176765)
- Notify about missing libvirt or hypervisor on virtual host
- Redesign maintenance schedule systems table to use paginated data from server
- Fix SP migration after dry run for cloned channels (bsc#1176307)
- Filter not available optional channels out
spacewalk-search:
- Change default maximum memory to 512 MB, preventing OutOfMemoryError
spacewalk-web:
- Enable to switch to multiple webUI theme
- Only refresh the virtual storage list when pool events are received
- Drop node-fetch to fix CVE-2020-15168
- Notify about missing libvirt or hypervisor on virtual host
- Redesign maintenance schedule systems table to use paginated data from server
susemanager:
- Create bootstrap repo should not flush by default (bsc#1175843)
- Improve detection of base channels for products (bsc#1177478)
- Add LTSS PIDs for SLE12SP1, SLE12SP2, SLE12SP3 and SLE12SP4 to the bootstrap definitions as some packages from LTSS
are required (bsc#1177524)
- Fix logrotate config
- Add missing packages to ubuntu20.04 bootstrap data (bsc#1176629)
susemanager-build-keys:
- Replace 'SuSE' user-facing references with 'SUSE'
susemanager-doc-indexes:
- Documented zypper autorefresh feature in Upgrade Guide
- Update SP Migration chapter in Client Configuration Guide
- In Client Configuration and Upgrade Guide, add link to valid autoyast upgrade settings
- Move client upgrade related sections from Reference and Upgrade Guide to Client Configuration Guide
- Updated Requirements chapter in Installation Guide.
- Edits OpenSCAP section in Admin Guide (bsc#1176413)
- Updated Terminology section in Salt Guide
- Added on-demand images content to Install Guide
- Adds webUI locale choice to Ref & Admin Guides
- Adds new System Types section to Client Cfg
- Updates supported client matrix in Install Guide
- Add note about log file to Upgrade Guide
- Removes outdated content from Activation Keys section (bsc#1177396)
- Adds note about PAM Auth during migration (bsc#1177730)
- Fixed broken table in admin guide
susemanager-docs_en:
- Documented zypper autorefresh feature in Upgrade Guide
- Update SP Migration chapter in Client Configuration Guide
- In Client Configuration and Upgrade Guide, add link to valid autoyast upgrade settings
- Move client upgrade related sections from Reference and Upgrade Guide to Client Configuration Guide
- Updated Requirements chapter in Installation Guide.
- Edits OpenSCAP section in Admin Guide (bsc#1176413)
- Updated Terminology section in Salt Guide
- Added on-demand images content to Install Guide
- Adds webUI locale choice to Ref & Admin Guides
- Adds new System Types section to Client Cfg
- Updates supported client matrix in Install Guide
- Add note about log file to Upgrade Guide
- Removes outdated content from Activation Keys section (bsc#1177396)
- Adds note about PAM Auth during migration (bsc#1177730)
- Fixed broken table in admin guide
susemanager-schema:
- Add web_theme user preferences column (bsc#1178204)
- Execute Salt SSH actions in parallel (bsc#1173199)
- Show info message when applying schema upgrade
susemanager-sls:
- Fix action chain resuming when patches updating salt-minion don't cause service to be restarted (bsc#1144447)
- Make grub2 autoinstall kernel path relative to the boot partition root (bsc#1175876)
- Move channel token information from sources.list to auth.conf on Debian 10 and Ubuntu 18 and newer
- Add support for activation keys on server configuration Salt modules
- Ensure the yum/dnf plugins are enabled
- Remove hostname from /var/lib/salt/.ssh/known_hosts when deleting system (bsc#1176159)
- Fix grub2 autoinstall kernel path (bsc#1178060)
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema:
spacewalk-schema-upgrade
5. Start the Spacewalk service:
spacewalk-service start
Patchnames
SUSE-2020-3235,SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2020-3235,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-3235
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.1", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\nbind-formula:\n\n- Temporarily disable dnssec-validation as hotfix for bsc#1177790\n\ngrafana-formula:\n\n- Use variable for product name\n- Add HA/SAP dashboards\n- Add support for system groups in Client Systems dashboard\n\nimage-sync-formula:\n\n- Do not use .gz suffix for default initrd symlink\n- Keep the old symlink 'initrd.gz' for compatibility\n\nprometheus-exporters-formula:\n\n- Fix empty directory values initialization\n- Add systemd collector as default for node_exporters\n since otherwise some SAP/HA grafana dashboards will be empty\n- Disable reverse proxy on default\n\nprometheus-formula:\n\n- Disable Alertmanager clustering (bsc#1178145)\n- Use variable for product name\n\npxe-formula:\n\n- Change default to 'initrd' without .gz suffix\n\npy26-compat-salt:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n\npython-susemanager-retail:\n\n- Use name 'initrd' without .gz suffix\n\nsalt-netapi-client:\n\n- Version 0.18.0\n See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.18.0\n\nsaltboot-formula:\n\n- Allow setting terminal kernel parameters in saltboot formula\n\nspacecmd:\n\n- Python3 fixes for errata in spacecmd (bsc#1169664)\n- Added support for i18n of user-facing strings\n- Python3 fix for sorted usage (bsc#1167907)\n\nspacewalk-admin:\n\n- Show info message when applying schema upgrade\n\nspacewalk-backend:\n\n- Prevent IntegrityError during mgr-inter-sync execution (bsc#1177235)\n\nspacewalk-branding:\n\n- Enable to switch to multiple webUI theme\n\nspacewalk-client-tools:\n\n- Remove RH references in Python/Ruby localization and use the product name instead\n\nspacewalk-java:\n\n- Use correct eauth module and credentials for Salt SSH calls (bsc#1178319)\n- Remove expiration date from ics files (bsc#1177892)\n- Execute Salt SSH actions in parallel (bsc#1173199)\n- Enable to switch to multiple webUI theme\n- Fix action chain resuming when patches updating salt-minion don't cause service to be\n restarted (bsc#1144447)\n- Renaming autoinstall distro didn't change the name of the Cobbler distro (bsc#1175876)\n- Fix the links for downloading the binaries in the package details UI (bsc#1176603)\n- Allow nightly ISS sync to also cover custom channels\n- Fix: reinspecting a container image (bsc#1177092)\n- Add power management xmlrpc api\n- Remove hostname from /var/lib/salt/.ssh/known_hosts when deleting system (bsc#1176159)\n- Log exception trace on fatal Taskomatic startup error\n- Fix max password length check at user creation (bsc#1176765)\n- Notify about missing libvirt or hypervisor on virtual host\n- Redesign maintenance schedule systems table to use paginated data from server\n- Fix SP migration after dry run for cloned channels (bsc#1176307)\n- Filter not available optional channels out\n\nspacewalk-search:\n\n- Change default maximum memory to 512 MB, preventing OutOfMemoryError\n\nspacewalk-web:\n\n- Enable to switch to multiple webUI theme\n- Only refresh the virtual storage list when pool events are received\n- Drop node-fetch to fix CVE-2020-15168\n- Notify about missing libvirt or hypervisor on virtual host\n- Redesign maintenance schedule systems table to use paginated data from server\n\nsusemanager:\n\n- Create bootstrap repo should not flush by default (bsc#1175843)\n- Improve detection of base channels for products (bsc#1177478)\n- Add LTSS PIDs for SLE12SP1, SLE12SP2, SLE12SP3 and SLE12SP4 to the bootstrap definitions as some packages from LTSS\n are required (bsc#1177524)\n- Fix logrotate config\n- Add missing packages to ubuntu20.04 bootstrap data (bsc#1176629)\n\nsusemanager-build-keys:\n\n- Replace 'SuSE' user-facing references with 'SUSE'\n\nsusemanager-doc-indexes:\n\n- Documented zypper autorefresh feature in Upgrade Guide\n- Update SP Migration chapter in Client Configuration Guide \n- In Client Configuration and Upgrade Guide, add link to valid autoyast upgrade settings\n- Move client upgrade related sections from Reference and Upgrade Guide to Client Configuration Guide\n- Updated Requirements chapter in Installation Guide. \n- Edits OpenSCAP section in Admin Guide (bsc#1176413)\n- Updated Terminology section in Salt Guide\n- Added on-demand images content to Install Guide\n- Adds webUI locale choice to Ref & Admin Guides\n- Adds new System Types section to Client Cfg\n- Updates supported client matrix in Install Guide\n- Add note about log file to Upgrade Guide \n- Removes outdated content from Activation Keys section (bsc#1177396)\n- Adds note about PAM Auth during migration (bsc#1177730)\n- Fixed broken table in admin guide\n\nsusemanager-docs_en:\n\n- Documented zypper autorefresh feature in Upgrade Guide\n- Update SP Migration chapter in Client Configuration Guide\n- In Client Configuration and Upgrade Guide, add link to valid autoyast upgrade settings\n- Move client upgrade related sections from Reference and Upgrade Guide to Client Configuration Guide\n- Updated Requirements chapter in Installation Guide.\n- Edits OpenSCAP section in Admin Guide (bsc#1176413)\n- Updated Terminology section in Salt Guide\n- Added on-demand images content to Install Guide\n- Adds webUI locale choice to Ref & Admin Guides\n- Adds new System Types section to Client Cfg\n- Updates supported client matrix in Install Guide\n- Add note about log file to Upgrade Guide\n- Removes outdated content from Activation Keys section (bsc#1177396)\n- Adds note about PAM Auth during migration (bsc#1177730)\n- Fixed broken table in admin guide \n\nsusemanager-schema:\n\n- Add web_theme user preferences column (bsc#1178204)\n- Execute Salt SSH actions in parallel (bsc#1173199)\n- Show info message when applying schema upgrade\n\nsusemanager-sls:\n\n- Fix action chain resuming when patches updating salt-minion don't cause service to be restarted (bsc#1144447)\n- Make grub2 autoinstall kernel path relative to the boot partition root (bsc#1175876)\n- Move channel token information from sources.list to auth.conf on Debian 10 and Ubuntu 18 and newer\n- Add support for activation keys on server configuration Salt modules\n- Ensure the yum/dnf plugins are enabled\n- Remove hostname from /var/lib/salt/.ssh/known_hosts when deleting system (bsc#1176159)\n- Fix grub2 autoinstall kernel path (bsc#1178060)\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\nspacewalk-service stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Upgrade the database schema:\nspacewalk-schema-upgrade\n5. Start the Spacewalk service:\nspacewalk-service start\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3235,SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2020-3235,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-3235", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3235-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3235-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203235-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3235-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007717.html", }, { category: "self", summary: "SUSE Bug 1144447", url: "https://bugzilla.suse.com/1144447", }, { category: "self", summary: "SUSE Bug 1167907", url: "https://bugzilla.suse.com/1167907", }, { category: "self", summary: "SUSE Bug 1169664", url: "https://bugzilla.suse.com/1169664", }, { category: "self", summary: "SUSE Bug 1173199", url: "https://bugzilla.suse.com/1173199", }, { category: "self", summary: "SUSE Bug 1175843", url: "https://bugzilla.suse.com/1175843", }, { category: "self", summary: "SUSE Bug 1175876", url: "https://bugzilla.suse.com/1175876", }, { category: "self", summary: "SUSE Bug 1176159", url: "https://bugzilla.suse.com/1176159", }, { category: "self", summary: "SUSE Bug 1176307", url: "https://bugzilla.suse.com/1176307", }, { category: "self", summary: "SUSE Bug 1176413", url: "https://bugzilla.suse.com/1176413", }, { category: "self", summary: "SUSE Bug 1176603", url: "https://bugzilla.suse.com/1176603", }, { category: "self", summary: "SUSE Bug 1176629", url: "https://bugzilla.suse.com/1176629", }, { category: "self", summary: "SUSE Bug 1176765", url: "https://bugzilla.suse.com/1176765", }, { category: "self", summary: "SUSE Bug 1177092", url: "https://bugzilla.suse.com/1177092", }, { category: "self", summary: "SUSE Bug 1177235", url: "https://bugzilla.suse.com/1177235", }, { category: "self", summary: "SUSE Bug 1177396", url: "https://bugzilla.suse.com/1177396", }, { category: "self", summary: "SUSE Bug 1177478", url: "https://bugzilla.suse.com/1177478", }, { category: "self", summary: "SUSE Bug 1177524", url: "https://bugzilla.suse.com/1177524", }, { category: "self", summary: "SUSE Bug 1177730", url: "https://bugzilla.suse.com/1177730", }, { category: "self", summary: "SUSE Bug 1177790", url: "https://bugzilla.suse.com/1177790", }, { category: "self", summary: "SUSE Bug 1177892", url: "https://bugzilla.suse.com/1177892", }, { category: "self", summary: "SUSE Bug 1178060", url: "https://bugzilla.suse.com/1178060", }, { category: "self", summary: "SUSE Bug 1178145", url: "https://bugzilla.suse.com/1178145", }, { category: "self", summary: "SUSE Bug 1178204", url: "https://bugzilla.suse.com/1178204", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-15168 page", url: "https://www.suse.com/security/cve/CVE-2020-15168/", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for SUSE Manager Server 4.1", tracking: { current_release_date: "2020-11-06T15:55:37Z", generator: { date: "2020-11-06T15:55:37Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3235-1", initial_release_date: "2020-11-06T15:55:37Z", revision_history: [ { date: "2020-11-06T15:55:37Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "spacewalk-branding-4.1.11-3.9.6.aarch64", product: { name: "spacewalk-branding-4.1.11-3.9.6.aarch64", product_id: "spacewalk-branding-4.1.11-3.9.6.aarch64", }, }, { category: "product_version", name: "spacewalk-branding-devel-4.1.11-3.9.6.aarch64", product: { name: "spacewalk-branding-devel-4.1.11-3.9.6.aarch64", product_id: "spacewalk-branding-devel-4.1.11-3.9.6.aarch64", }, }, { category: "product_version", name: "susemanager-4.1.21-3.11.6.aarch64", product: { name: "susemanager-4.1.21-3.11.6.aarch64", product_id: "susemanager-4.1.21-3.11.6.aarch64", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.aarch64", product: { name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.aarch64", product_id: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.1.21-3.11.6.aarch64", product: { name: "susemanager-tools-4.1.21-3.11.6.aarch64", product_id: "susemanager-tools-4.1.21-3.11.6.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", product: { name: "bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", product_id: "bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", }, }, { category: "product_version", name: "grafana-formula-0.3.0-3.3.2.noarch", product: { name: "grafana-formula-0.3.0-3.3.2.noarch", product_id: "grafana-formula-0.3.0-3.3.2.noarch", }, }, { category: "product_version", name: "image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", product: { name: "image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", product_id: "image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", }, }, { category: "product_version", name: "mgr-daemon-4.1.3-2.6.3.noarch", product: { name: "mgr-daemon-4.1.3-2.6.3.noarch", product_id: "mgr-daemon-4.1.3-2.6.3.noarch", }, }, { category: "product_version", name: "prometheus-exporters-formula-0.8.0-3.16.2.noarch", product: { name: "prometheus-exporters-formula-0.8.0-3.16.2.noarch", product_id: "prometheus-exporters-formula-0.8.0-3.16.2.noarch", }, }, { category: "product_version", name: "prometheus-formula-0.3.0-3.3.1.noarch", product: { name: "prometheus-formula-0.3.0-3.3.1.noarch", product_id: "prometheus-formula-0.3.0-3.3.1.noarch", }, }, { category: "product_version", name: "pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", product: { name: "pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", product_id: "pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", }, }, { category: "product_version", name: "py26-compat-salt-2016.11.10-6.3.3.noarch", product: { name: "py26-compat-salt-2016.11.10-6.3.3.noarch", product_id: "py26-compat-salt-2016.11.10-6.3.3.noarch", }, }, { category: "product_version", name: "python2-spacewalk-check-4.1.7-4.6.4.noarch", product: { name: "python2-spacewalk-check-4.1.7-4.6.4.noarch", product_id: "python2-spacewalk-check-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.1.7-4.6.4.noarch", product: { name: "python2-spacewalk-client-setup-4.1.7-4.6.4.noarch", product_id: "python2-spacewalk-client-setup-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.1.7-4.6.4.noarch", product: { name: "python2-spacewalk-client-tools-4.1.7-4.6.4.noarch", product_id: "python2-spacewalk-client-tools-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.1.7-4.6.4.noarch", product: { name: "python3-spacewalk-check-4.1.7-4.6.4.noarch", product_id: "python3-spacewalk-check-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", product: { name: "python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", product_id: "python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", product: { name: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", product_id: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", product: { name: "python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", product_id: "python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", }, }, { category: "product_version", name: "salt-netapi-client-0.18.0-15.7.5.noarch", product: { name: "salt-netapi-client-0.18.0-15.7.5.noarch", product_id: "salt-netapi-client-0.18.0-15.7.5.noarch", }, }, { category: "product_version", name: "saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", product: { name: "saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", product_id: "saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", }, }, { category: "product_version", name: "spacecmd-4.1.8-4.9.2.noarch", product: { name: "spacecmd-4.1.8-4.9.2.noarch", product_id: "spacecmd-4.1.8-4.9.2.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.1.7-3.6.3.noarch", product: { name: "spacewalk-admin-4.1.7-3.6.3.noarch", product_id: "spacewalk-admin-4.1.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-app-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-app-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-applet-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-applet-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-cdn-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-cdn-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-config-files-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-config-files-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-iss-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-iss-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-server-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-server-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-sql-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-sql-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-tools-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-tools-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", product: { name: "spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", product_id: "spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.1.19-3.9.5.noarch", product: { name: "spacewalk-base-4.1.19-3.9.5.noarch", product_id: "spacewalk-base-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.1.19-3.9.5.noarch", product: { name: "spacewalk-base-minimal-4.1.19-3.9.5.noarch", product_id: "spacewalk-base-minimal-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", product: { name: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", product_id: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.1.7-4.6.4.noarch", product: { name: "spacewalk-check-4.1.7-4.6.4.noarch", product_id: "spacewalk-check-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.1.7-4.6.4.noarch", product: { name: "spacewalk-client-setup-4.1.7-4.6.4.noarch", product_id: "spacewalk-client-setup-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.1.7-4.6.4.noarch", product: { name: "spacewalk-client-tools-4.1.7-4.6.4.noarch", product_id: "spacewalk-client-tools-4.1.7-4.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.1.19-3.9.5.noarch", product: { name: "spacewalk-dobby-4.1.19-3.9.5.noarch", product_id: "spacewalk-dobby-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.1.19-3.9.5.noarch", product: { name: "spacewalk-html-4.1.19-3.9.5.noarch", product_id: "spacewalk-html-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.1.19-3.9.5.noarch", product: { name: "spacewalk-html-debug-4.1.19-3.9.5.noarch", product_id: "spacewalk-html-debug-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.1.22-3.16.4.noarch", product: { name: "spacewalk-java-4.1.22-3.16.4.noarch", product_id: "spacewalk-java-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.1.22-3.16.4.noarch", product: { name: "spacewalk-java-apidoc-sources-4.1.22-3.16.4.noarch", product_id: "spacewalk-java-apidoc-sources-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.1.22-3.16.4.noarch", product: { name: "spacewalk-java-config-4.1.22-3.16.4.noarch", product_id: "spacewalk-java-config-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.1.22-3.16.4.noarch", product: { name: "spacewalk-java-lib-4.1.22-3.16.4.noarch", product_id: "spacewalk-java-lib-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.1.22-3.16.4.noarch", product: { name: "spacewalk-java-postgresql-4.1.22-3.16.4.noarch", product_id: "spacewalk-java-postgresql-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "spacewalk-search-4.1.3-3.3.7.noarch", product: { name: "spacewalk-search-4.1.3-3.3.7.noarch", product_id: "spacewalk-search-4.1.3-3.3.7.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.1.22-3.16.4.noarch", product: { name: "spacewalk-taskomatic-4.1.22-3.16.4.noarch", product_id: "spacewalk-taskomatic-4.1.22-3.16.4.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-15.2.2-3.6.3.noarch", product: { name: "susemanager-build-keys-15.2.2-3.6.3.noarch", product_id: "susemanager-build-keys-15.2.2-3.6.3.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-web-15.2.2-3.6.3.noarch", product: { name: "susemanager-build-keys-web-15.2.2-3.6.3.noarch", product_id: "susemanager-build-keys-web-15.2.2-3.6.3.noarch", }, }, { category: "product_version", name: "susemanager-doc-indexes-4.1-11.17.1.noarch", product: { name: "susemanager-doc-indexes-4.1-11.17.1.noarch", product_id: "susemanager-doc-indexes-4.1-11.17.1.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.1-11.17.1.noarch", product: { name: "susemanager-docs_en-4.1-11.17.1.noarch", product_id: "susemanager-docs_en-4.1-11.17.1.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.1-11.17.1.noarch", product: { name: "susemanager-docs_en-pdf-4.1-11.17.1.noarch", product_id: "susemanager-docs_en-pdf-4.1-11.17.1.noarch", }, }, { category: "product_version", name: "susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", product: { name: "susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", product_id: "susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.1.15-3.11.2.noarch", product: { name: "susemanager-schema-4.1.15-3.11.2.noarch", product_id: "susemanager-schema-4.1.15-3.11.2.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.1.15-3.11.2.noarch", product: { name: "susemanager-schema-sanity-4.1.15-3.11.2.noarch", product_id: "susemanager-schema-sanity-4.1.15-3.11.2.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.1.17-3.13.6.noarch", product: { name: "susemanager-sls-4.1.17-3.13.6.noarch", product_id: "susemanager-sls-4.1.17-3.13.6.noarch", }, }, { category: "product_version", name: "susemanager-web-libs-4.1.19-3.9.5.noarch", product: { name: "susemanager-web-libs-4.1.19-3.9.5.noarch", product_id: "susemanager-web-libs-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "susemanager-web-libs-debug-4.1.19-3.9.5.noarch", product: { name: "susemanager-web-libs-debug-4.1.19-3.9.5.noarch", product_id: "susemanager-web-libs-debug-4.1.19-3.9.5.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.1.17-3.13.6.noarch", product: { name: "uyuni-config-modules-4.1.17-3.13.6.noarch", product_id: "uyuni-config-modules-4.1.17-3.13.6.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "spacewalk-branding-4.1.11-3.9.6.ppc64le", product: { name: "spacewalk-branding-4.1.11-3.9.6.ppc64le", product_id: "spacewalk-branding-4.1.11-3.9.6.ppc64le", }, }, { category: "product_version", name: "spacewalk-branding-devel-4.1.11-3.9.6.ppc64le", product: { name: "spacewalk-branding-devel-4.1.11-3.9.6.ppc64le", product_id: "spacewalk-branding-devel-4.1.11-3.9.6.ppc64le", }, }, { category: "product_version", name: "susemanager-4.1.21-3.11.6.ppc64le", product: { name: "susemanager-4.1.21-3.11.6.ppc64le", product_id: "susemanager-4.1.21-3.11.6.ppc64le", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.ppc64le", product: { name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.ppc64le", product_id: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.1.21-3.11.6.ppc64le", product: { name: "susemanager-tools-4.1.21-3.11.6.ppc64le", product_id: "susemanager-tools-4.1.21-3.11.6.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "spacewalk-branding-4.1.11-3.9.6.s390x", product: { name: "spacewalk-branding-4.1.11-3.9.6.s390x", product_id: "spacewalk-branding-4.1.11-3.9.6.s390x", }, }, { category: "product_version", name: "spacewalk-branding-devel-4.1.11-3.9.6.s390x", product: { name: "spacewalk-branding-devel-4.1.11-3.9.6.s390x", product_id: "spacewalk-branding-devel-4.1.11-3.9.6.s390x", }, }, { category: "product_version", name: "susemanager-4.1.21-3.11.6.s390x", product: { name: "susemanager-4.1.21-3.11.6.s390x", product_id: "susemanager-4.1.21-3.11.6.s390x", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.s390x", product: { name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.s390x", product_id: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.1.21-3.11.6.s390x", product: { name: "susemanager-tools-4.1.21-3.11.6.s390x", product_id: "susemanager-tools-4.1.21-3.11.6.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "spacewalk-branding-4.1.11-3.9.6.x86_64", product: { name: "spacewalk-branding-4.1.11-3.9.6.x86_64", product_id: "spacewalk-branding-4.1.11-3.9.6.x86_64", }, }, { category: "product_version", name: "spacewalk-branding-devel-4.1.11-3.9.6.x86_64", product: { name: "spacewalk-branding-devel-4.1.11-3.9.6.x86_64", product_id: "spacewalk-branding-devel-4.1.11-3.9.6.x86_64", }, }, { category: "product_version", name: "susemanager-4.1.21-3.11.6.x86_64", product: { name: "susemanager-4.1.21-3.11.6.x86_64", product_id: "susemanager-4.1.21-3.11.6.x86_64", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.x86_64", product: { name: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.x86_64", product_id: "susemanager-nodejs-sdk-devel-4.1.8-3.9.5.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.1.21-3.11.6.x86_64", product: { name: "susemanager-tools-4.1.21-3.11.6.x86_64", product_id: "susemanager-tools-4.1.21-3.11.6.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy Module 4.1", product: { name: "SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.1", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.1", product: { name: "SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.1.3-2.6.3.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", }, product_reference: "mgr-daemon-4.1.3-2.6.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", }, product_reference: "python3-spacewalk-check-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", }, product_reference: "python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", }, product_reference: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-4.9.2.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", }, product_reference: "spacecmd-4.1.8-4.9.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.1.16-4.11.5.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.1.19-3.9.5.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-base-minimal-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", }, product_reference: "spacewalk-check-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", }, product_reference: "spacewalk-client-setup-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-4.6.4.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", }, product_reference: "spacewalk-client-tools-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.2.2-3.6.3.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", }, product_reference: "susemanager-build-keys-15.2.2-3.6.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.2.2-3.6.3.noarch as component of SUSE Manager Proxy Module 4.1", product_id: "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", }, product_reference: "susemanager-build-keys-web-15.2.2-3.6.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.1", }, { category: "default_component_of", full_product_name: { name: "bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", }, product_reference: "bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "grafana-formula-0.3.0-3.3.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", }, product_reference: "grafana-formula-0.3.0-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", }, product_reference: "image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "prometheus-exporters-formula-0.8.0-3.16.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", }, product_reference: "prometheus-exporters-formula-0.8.0-3.16.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "prometheus-formula-0.3.0-3.3.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", }, product_reference: "prometheus-formula-0.3.0-3.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", }, product_reference: "pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "py26-compat-salt-2016.11.10-6.3.3.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", }, product_reference: "py26-compat-salt-2016.11.10-6.3.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", }, product_reference: "python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", }, product_reference: "python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "salt-netapi-client-0.18.0-15.7.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", }, product_reference: "salt-netapi-client-0.18.0-15.7.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", }, product_reference: "saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.1.8-4.9.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", }, product_reference: "spacecmd-4.1.8-4.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.1.7-3.6.3.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", }, product_reference: "spacewalk-admin-4.1.7-3.6.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-app-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-applet-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-config-files-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-iss-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-server-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-sql-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-tools-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.1.19-3.9.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-base-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.1.19-3.9.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-base-minimal-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-branding-4.1.11-3.9.6.ppc64le as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", }, product_reference: "spacewalk-branding-4.1.11-3.9.6.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-branding-4.1.11-3.9.6.s390x as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", }, product_reference: "spacewalk-branding-4.1.11-3.9.6.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-branding-4.1.11-3.9.6.x86_64 as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", }, product_reference: "spacewalk-branding-4.1.11-3.9.6.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.1.7-4.6.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", }, product_reference: "spacewalk-client-tools-4.1.7-4.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.1.19-3.9.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", }, product_reference: "spacewalk-html-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.1.22-3.16.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", }, product_reference: "spacewalk-java-4.1.22-3.16.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.1.22-3.16.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", }, product_reference: "spacewalk-java-config-4.1.22-3.16.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.1.22-3.16.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", }, product_reference: "spacewalk-java-lib-4.1.22-3.16.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.1.22-3.16.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", }, product_reference: "spacewalk-java-postgresql-4.1.22-3.16.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-search-4.1.3-3.3.7.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", }, product_reference: "spacewalk-search-4.1.3-3.3.7.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.1.22-3.16.4.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", }, product_reference: "spacewalk-taskomatic-4.1.22-3.16.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.1.21-3.11.6.ppc64le as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", }, product_reference: "susemanager-4.1.21-3.11.6.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.1.21-3.11.6.s390x as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", }, product_reference: "susemanager-4.1.21-3.11.6.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.1.21-3.11.6.x86_64 as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", }, product_reference: "susemanager-4.1.21-3.11.6.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.2.2-3.6.3.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", }, product_reference: "susemanager-build-keys-15.2.2-3.6.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.2.2-3.6.3.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", }, product_reference: "susemanager-build-keys-web-15.2.2-3.6.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-doc-indexes-4.1-11.17.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", }, product_reference: "susemanager-doc-indexes-4.1-11.17.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.1-11.17.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", }, product_reference: "susemanager-docs_en-4.1-11.17.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.1-11.17.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", }, product_reference: "susemanager-docs_en-pdf-4.1-11.17.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", }, product_reference: "susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.1.15-3.11.2.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", }, product_reference: "susemanager-schema-4.1.15-3.11.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.1.17-3.13.6.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", }, product_reference: "susemanager-sls-4.1.17-3.13.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.1.21-3.11.6.ppc64le as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", }, product_reference: "susemanager-tools-4.1.21-3.11.6.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.1.21-3.11.6.s390x as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", }, product_reference: "susemanager-tools-4.1.21-3.11.6.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.1.21-3.11.6.x86_64 as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", }, product_reference: "susemanager-tools-4.1.21-3.11.6.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "susemanager-web-libs-4.1.19-3.9.5.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", }, product_reference: "susemanager-web-libs-4.1.19-3.9.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.1.17-3.13.6.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", }, product_reference: "uyuni-config-modules-4.1.17-3.13.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-15168", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-15168", }, ], notes: [ { category: "general", text: "node-fetch before versions 2.6.1 and 3.0.0-beta.9 did not honor the size option after following a redirect, which means that when a content size was over the limit, a FetchError would never get thrown and the process would end without failure. For most people, this fix will have a little or no impact. However, if you are relying on node-fetch to gate files above a size, the impact could be significant, for example: If you don't double-check the size of the data after fetch() has completed, your JS thread could get tied up doing work on a large file (DoS) and/or cost you money in computing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-15168", url: "https://www.suse.com/security/cve/CVE-2020-15168", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:55:37Z", details: "moderate", }, ], title: "CVE-2020-15168", }, { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:55:37Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:55:37Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.1:mgr-daemon-4.1.3-2.6.3.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-check-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-setup-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Proxy Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:bind-formula-0.1.1603299886.60e4bcf-3.3.2.noarch", "SUSE Manager Server Module 4.1:grafana-formula-0.3.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:image-sync-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:prometheus-exporters-formula-0.8.0-3.16.2.noarch", "SUSE Manager Server Module 4.1:prometheus-formula-0.3.0-3.3.1.noarch", "SUSE Manager Server Module 4.1:pxe-formula-0.1.1602490840.4f32148-3.3.2.noarch", "SUSE Manager Server Module 4.1:py26-compat-salt-2016.11.10-6.3.3.noarch", "SUSE Manager Server Module 4.1:python3-spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:python3-susemanager-retail-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.18.0-15.7.5.noarch", "SUSE Manager Server Module 4.1:saltboot-formula-0.1.1602150122.f08af0a-3.6.2.noarch", "SUSE Manager Server Module 4.1:spacecmd-4.1.8-4.9.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.7-3.6.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-app-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-applet-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-common-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-config-files-tool-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-iss-export-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-package-push-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-server-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-sql-postgresql-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-tools-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xml-export-libs-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-backend-xmlrpc-4.1.16-4.11.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-base-minimal-config-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.ppc64le", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.s390x", "SUSE Manager Server Module 4.1:spacewalk-branding-4.1.11-3.9.6.x86_64", "SUSE Manager Server Module 4.1:spacewalk-client-tools-4.1.7-4.6.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-html-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:spacewalk-search-4.1.3-3.3.7.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.22-3.16.4.noarch", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-build-keys-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-build-keys-web-15.2.2-3.6.3.noarch", "SUSE Manager Server Module 4.1:susemanager-doc-indexes-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-docs_en-pdf-4.1-11.17.1.noarch", "SUSE Manager Server Module 4.1:susemanager-retail-tools-1.0.1602150122.f08af0a-3.3.2.noarch", "SUSE Manager Server Module 4.1:susemanager-schema-4.1.15-3.11.2.noarch", "SUSE Manager Server Module 4.1:susemanager-sls-4.1.17-3.13.6.noarch", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.ppc64le", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.s390x", "SUSE Manager Server Module 4.1:susemanager-tools-4.1.21-3.11.6.x86_64", "SUSE Manager Server Module 4.1:susemanager-web-libs-4.1.19-3.9.5.noarch", "SUSE Manager Server Module 4.1:uyuni-config-modules-4.1.17-3.13.6.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:55:37Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3171-1
Vulnerability from csaf_suse
Published
2020-11-05 13:43
Modified
2020-11-05 13:43
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Fix for CVE-2020-25592 (bsc#1178319), CVE-2020-16846, (bsc#1178361), and CVE-2020-17490 (bsc#1178362).
Patchnames
SUSE-2020-3171,SUSE-Storage-5-2020-3171
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for salt", title: "Title of the patch", }, { category: "description", text: "This update for salt fixes the following issues:\n\n- Fix for CVE-2020-25592 (bsc#1178319), CVE-2020-16846, (bsc#1178361), and CVE-2020-17490 (bsc#1178362).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3171,SUSE-Storage-5-2020-3171", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3171-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3171-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203171-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3171-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007705.html", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for salt", tracking: { current_release_date: "2020-11-05T13:43:04Z", generator: { date: "2020-11-05T13:43:04Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3171-1", initial_release_date: "2020-11-05T13:43:04Z", revision_history: [ { date: "2020-11-05T13:43:04Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.aarch64", product: { name: "salt-2016.11.4-48.13.1.aarch64", product_id: "salt-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.aarch64", product: { name: "salt-api-2016.11.4-48.13.1.aarch64", product_id: "salt-api-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.aarch64", product: { name: "salt-cloud-2016.11.4-48.13.1.aarch64", product_id: "salt-cloud-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.aarch64", product: { name: "salt-doc-2016.11.4-48.13.1.aarch64", product_id: "salt-doc-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.aarch64", product: { name: "salt-master-2016.11.4-48.13.1.aarch64", product_id: "salt-master-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.aarch64", product: { name: "salt-minion-2016.11.4-48.13.1.aarch64", product_id: "salt-minion-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.aarch64", product: { name: "salt-proxy-2016.11.4-48.13.1.aarch64", product_id: "salt-proxy-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.aarch64", product: { name: "salt-ssh-2016.11.4-48.13.1.aarch64", product_id: "salt-ssh-2016.11.4-48.13.1.aarch64", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.aarch64", product: { name: "salt-syndic-2016.11.4-48.13.1.aarch64", product_id: "salt-syndic-2016.11.4-48.13.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.i586", product: { name: "salt-2016.11.4-48.13.1.i586", product_id: "salt-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.i586", product: { name: "salt-api-2016.11.4-48.13.1.i586", product_id: "salt-api-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.i586", product: { name: "salt-cloud-2016.11.4-48.13.1.i586", product_id: "salt-cloud-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.i586", product: { name: "salt-doc-2016.11.4-48.13.1.i586", product_id: "salt-doc-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.i586", product: { name: "salt-master-2016.11.4-48.13.1.i586", product_id: "salt-master-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.i586", product: { name: "salt-minion-2016.11.4-48.13.1.i586", product_id: "salt-minion-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.i586", product: { name: "salt-proxy-2016.11.4-48.13.1.i586", product_id: "salt-proxy-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.i586", product: { name: "salt-ssh-2016.11.4-48.13.1.i586", product_id: "salt-ssh-2016.11.4-48.13.1.i586", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.i586", product: { name: "salt-syndic-2016.11.4-48.13.1.i586", product_id: "salt-syndic-2016.11.4-48.13.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "salt-bash-completion-2016.11.4-48.13.1.noarch", product: { name: "salt-bash-completion-2016.11.4-48.13.1.noarch", product_id: "salt-bash-completion-2016.11.4-48.13.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-2016.11.4-48.13.1.noarch", product: { name: "salt-fish-completion-2016.11.4-48.13.1.noarch", product_id: "salt-fish-completion-2016.11.4-48.13.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-2016.11.4-48.13.1.noarch", product: { name: "salt-zsh-completion-2016.11.4-48.13.1.noarch", product_id: "salt-zsh-completion-2016.11.4-48.13.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.ppc64le", product: { name: "salt-2016.11.4-48.13.1.ppc64le", product_id: "salt-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.ppc64le", product: { name: "salt-api-2016.11.4-48.13.1.ppc64le", product_id: "salt-api-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.ppc64le", product: { name: "salt-cloud-2016.11.4-48.13.1.ppc64le", product_id: "salt-cloud-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.ppc64le", product: { name: "salt-doc-2016.11.4-48.13.1.ppc64le", product_id: "salt-doc-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.ppc64le", product: { name: "salt-master-2016.11.4-48.13.1.ppc64le", product_id: "salt-master-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.ppc64le", product: { name: "salt-minion-2016.11.4-48.13.1.ppc64le", product_id: "salt-minion-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.ppc64le", product: { name: "salt-proxy-2016.11.4-48.13.1.ppc64le", product_id: "salt-proxy-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.ppc64le", product: { name: "salt-ssh-2016.11.4-48.13.1.ppc64le", product_id: "salt-ssh-2016.11.4-48.13.1.ppc64le", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.ppc64le", product: { name: "salt-syndic-2016.11.4-48.13.1.ppc64le", product_id: "salt-syndic-2016.11.4-48.13.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.s390", product: { name: "salt-2016.11.4-48.13.1.s390", product_id: "salt-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.s390", product: { name: "salt-api-2016.11.4-48.13.1.s390", product_id: "salt-api-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.s390", product: { name: "salt-cloud-2016.11.4-48.13.1.s390", product_id: "salt-cloud-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.s390", product: { name: "salt-doc-2016.11.4-48.13.1.s390", product_id: "salt-doc-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.s390", product: { name: "salt-master-2016.11.4-48.13.1.s390", product_id: "salt-master-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.s390", product: { name: "salt-minion-2016.11.4-48.13.1.s390", product_id: "salt-minion-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.s390", product: { name: "salt-proxy-2016.11.4-48.13.1.s390", product_id: "salt-proxy-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.s390", product: { name: "salt-ssh-2016.11.4-48.13.1.s390", product_id: "salt-ssh-2016.11.4-48.13.1.s390", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.s390", product: { name: "salt-syndic-2016.11.4-48.13.1.s390", product_id: "salt-syndic-2016.11.4-48.13.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.s390x", product: { name: "salt-2016.11.4-48.13.1.s390x", product_id: "salt-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.s390x", product: { name: "salt-api-2016.11.4-48.13.1.s390x", product_id: "salt-api-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.s390x", product: { name: "salt-cloud-2016.11.4-48.13.1.s390x", product_id: "salt-cloud-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.s390x", product: { name: "salt-doc-2016.11.4-48.13.1.s390x", product_id: "salt-doc-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.s390x", product: { name: "salt-master-2016.11.4-48.13.1.s390x", product_id: "salt-master-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.s390x", product: { name: "salt-minion-2016.11.4-48.13.1.s390x", product_id: "salt-minion-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.s390x", product: { name: "salt-proxy-2016.11.4-48.13.1.s390x", product_id: "salt-proxy-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.s390x", product: { name: "salt-ssh-2016.11.4-48.13.1.s390x", product_id: "salt-ssh-2016.11.4-48.13.1.s390x", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.s390x", product: { name: "salt-syndic-2016.11.4-48.13.1.s390x", product_id: "salt-syndic-2016.11.4-48.13.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "salt-2016.11.4-48.13.1.x86_64", product: { name: "salt-2016.11.4-48.13.1.x86_64", product_id: "salt-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-api-2016.11.4-48.13.1.x86_64", product: { name: "salt-api-2016.11.4-48.13.1.x86_64", product_id: "salt-api-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-2016.11.4-48.13.1.x86_64", product: { name: "salt-cloud-2016.11.4-48.13.1.x86_64", product_id: "salt-cloud-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-doc-2016.11.4-48.13.1.x86_64", product: { name: "salt-doc-2016.11.4-48.13.1.x86_64", product_id: "salt-doc-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-master-2016.11.4-48.13.1.x86_64", product: { name: "salt-master-2016.11.4-48.13.1.x86_64", product_id: "salt-master-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-minion-2016.11.4-48.13.1.x86_64", product: { name: "salt-minion-2016.11.4-48.13.1.x86_64", product_id: "salt-minion-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-2016.11.4-48.13.1.x86_64", product: { name: "salt-proxy-2016.11.4-48.13.1.x86_64", product_id: "salt-proxy-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-2016.11.4-48.13.1.x86_64", product: { name: "salt-ssh-2016.11.4-48.13.1.x86_64", product_id: "salt-ssh-2016.11.4-48.13.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-2016.11.4-48.13.1.x86_64", product: { name: "salt-syndic-2016.11.4-48.13.1.x86_64", product_id: "salt-syndic-2016.11.4-48.13.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Enterprise Storage 5", product: { name: "SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5", product_identification_helper: { cpe: "cpe:/o:suse:ses:5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "salt-2016.11.4-48.13.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", }, product_reference: "salt-2016.11.4-48.13.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-2016.11.4-48.13.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", }, product_reference: "salt-2016.11.4-48.13.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-api-2016.11.4-48.13.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", }, product_reference: "salt-api-2016.11.4-48.13.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-api-2016.11.4-48.13.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", }, product_reference: "salt-api-2016.11.4-48.13.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-master-2016.11.4-48.13.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", }, product_reference: "salt-master-2016.11.4-48.13.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-master-2016.11.4-48.13.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", }, product_reference: "salt-master-2016.11.4-48.13.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.4-48.13.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", }, product_reference: "salt-minion-2016.11.4-48.13.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "salt-minion-2016.11.4-48.13.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", }, product_reference: "salt-minion-2016.11.4-48.13.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:43:04Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:43:04Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-api-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-master-2016.11.4-48.13.1.x86_64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.aarch64", "SUSE Enterprise Storage 5:salt-minion-2016.11.4-48.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:43:04Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3243-1
Vulnerability from csaf_suse
Published
2020-11-06 15:57
Modified
2020-11-06 15:57
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value.
- Do not break package building for systemd OSes.
- Drop wrong mock from chroot unit test.
- Support systemd versions with dot. (bsc#1176294)
- Fix for grains.test_core unit test.
- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)
- Several changes to virtualization:
* Fix virt update when cpu and memory are changed.
* Memory Tuning GSoC.
* Properly fix memory setting regression in virt.update.
* Expose libvirt on_reboot in virt states.
- Support transactional systems (MicroOS).
- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests
Patchnames
SUSE-2020-3243,SUSE-SLE-Module-Basesystem-15-SP1-2020-3243,SUSE-SLE-Module-Python2-15-SP1-2020-3243,SUSE-SLE-Module-Server-Applications-15-SP1-2020-3243
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for salt", title: "Title of the patch", }, { category: "description", text: "This update for salt fixes the following issues:\n\n- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value.\n- Do not break package building for systemd OSes.\n- Drop wrong mock from chroot unit test.\n- Support systemd versions with dot. (bsc#1176294)\n- Fix for grains.test_core unit test.\n- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)\n- Several changes to virtualization:\n * Fix virt update when cpu and memory are changed.\n * Memory Tuning GSoC.\n * Properly fix memory setting regression in virt.update.\n * Expose libvirt on_reboot in virt states.\n- Support transactional systems (MicroOS).\n- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3243,SUSE-SLE-Module-Basesystem-15-SP1-2020-3243,SUSE-SLE-Module-Python2-15-SP1-2020-3243,SUSE-SLE-Module-Server-Applications-15-SP1-2020-3243", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3243-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3243-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203243-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3243-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007724.html", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE Bug 1178485", url: "https://bugzilla.suse.com/1178485", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for salt", tracking: { current_release_date: "2020-11-06T15:57:55Z", generator: { date: "2020-11-06T15:57:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3243-1", initial_release_date: "2020-11-06T15:57:55Z", revision_history: [ { date: "2020-11-06T15:57:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "python2-salt-3000-6.51.1.aarch64", product: { name: "python2-salt-3000-6.51.1.aarch64", product_id: "python2-salt-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "python3-salt-3000-6.51.1.aarch64", product: { name: "python3-salt-3000-6.51.1.aarch64", product_id: "python3-salt-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-3000-6.51.1.aarch64", product: { name: "salt-3000-6.51.1.aarch64", product_id: "salt-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-api-3000-6.51.1.aarch64", product: { name: "salt-api-3000-6.51.1.aarch64", product_id: "salt-api-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-cloud-3000-6.51.1.aarch64", product: { name: "salt-cloud-3000-6.51.1.aarch64", product_id: "salt-cloud-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-doc-3000-6.51.1.aarch64", product: { name: "salt-doc-3000-6.51.1.aarch64", product_id: "salt-doc-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-master-3000-6.51.1.aarch64", product: { name: "salt-master-3000-6.51.1.aarch64", product_id: "salt-master-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-minion-3000-6.51.1.aarch64", product: { name: "salt-minion-3000-6.51.1.aarch64", product_id: "salt-minion-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-proxy-3000-6.51.1.aarch64", product: { name: "salt-proxy-3000-6.51.1.aarch64", product_id: "salt-proxy-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-ssh-3000-6.51.1.aarch64", product: { name: "salt-ssh-3000-6.51.1.aarch64", product_id: "salt-ssh-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-6.51.1.aarch64", product: { name: "salt-standalone-formulas-configuration-3000-6.51.1.aarch64", product_id: "salt-standalone-formulas-configuration-3000-6.51.1.aarch64", }, }, { category: "product_version", name: "salt-syndic-3000-6.51.1.aarch64", product: { name: "salt-syndic-3000-6.51.1.aarch64", product_id: "salt-syndic-3000-6.51.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "python2-salt-3000-6.51.1.i586", product: { name: "python2-salt-3000-6.51.1.i586", product_id: "python2-salt-3000-6.51.1.i586", }, }, { category: "product_version", name: "python3-salt-3000-6.51.1.i586", product: { name: "python3-salt-3000-6.51.1.i586", product_id: "python3-salt-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-3000-6.51.1.i586", product: { name: "salt-3000-6.51.1.i586", product_id: "salt-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-api-3000-6.51.1.i586", product: { name: "salt-api-3000-6.51.1.i586", product_id: "salt-api-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-cloud-3000-6.51.1.i586", product: { name: "salt-cloud-3000-6.51.1.i586", product_id: "salt-cloud-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-doc-3000-6.51.1.i586", product: { name: "salt-doc-3000-6.51.1.i586", product_id: "salt-doc-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-master-3000-6.51.1.i586", product: { name: "salt-master-3000-6.51.1.i586", product_id: "salt-master-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-minion-3000-6.51.1.i586", product: { name: "salt-minion-3000-6.51.1.i586", product_id: "salt-minion-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-proxy-3000-6.51.1.i586", product: { name: "salt-proxy-3000-6.51.1.i586", product_id: "salt-proxy-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-ssh-3000-6.51.1.i586", product: { name: "salt-ssh-3000-6.51.1.i586", product_id: "salt-ssh-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-6.51.1.i586", product: { name: "salt-standalone-formulas-configuration-3000-6.51.1.i586", product_id: "salt-standalone-formulas-configuration-3000-6.51.1.i586", }, }, { category: "product_version", name: "salt-syndic-3000-6.51.1.i586", product: { name: "salt-syndic-3000-6.51.1.i586", product_id: "salt-syndic-3000-6.51.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "salt-bash-completion-3000-6.51.1.noarch", product: { name: "salt-bash-completion-3000-6.51.1.noarch", product_id: "salt-bash-completion-3000-6.51.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-6.51.1.noarch", product: { name: "salt-fish-completion-3000-6.51.1.noarch", product_id: "salt-fish-completion-3000-6.51.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-6.51.1.noarch", product: { name: "salt-zsh-completion-3000-6.51.1.noarch", product_id: "salt-zsh-completion-3000-6.51.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-6.51.1.ppc64le", product: { name: "python2-salt-3000-6.51.1.ppc64le", product_id: "python2-salt-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "python3-salt-3000-6.51.1.ppc64le", product: { name: "python3-salt-3000-6.51.1.ppc64le", product_id: "python3-salt-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-3000-6.51.1.ppc64le", product: { name: "salt-3000-6.51.1.ppc64le", product_id: "salt-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-api-3000-6.51.1.ppc64le", product: { name: "salt-api-3000-6.51.1.ppc64le", product_id: "salt-api-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-cloud-3000-6.51.1.ppc64le", product: { name: "salt-cloud-3000-6.51.1.ppc64le", product_id: "salt-cloud-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-doc-3000-6.51.1.ppc64le", product: { name: "salt-doc-3000-6.51.1.ppc64le", product_id: "salt-doc-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-master-3000-6.51.1.ppc64le", product: { name: "salt-master-3000-6.51.1.ppc64le", product_id: "salt-master-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-minion-3000-6.51.1.ppc64le", product: { name: "salt-minion-3000-6.51.1.ppc64le", product_id: "salt-minion-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-proxy-3000-6.51.1.ppc64le", product: { name: "salt-proxy-3000-6.51.1.ppc64le", product_id: "salt-proxy-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-ssh-3000-6.51.1.ppc64le", product: { name: "salt-ssh-3000-6.51.1.ppc64le", product_id: "salt-ssh-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", product: { name: "salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", product_id: "salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", }, }, { category: "product_version", name: "salt-syndic-3000-6.51.1.ppc64le", product: { name: "salt-syndic-3000-6.51.1.ppc64le", product_id: "salt-syndic-3000-6.51.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python2-salt-3000-6.51.1.s390x", product: { name: "python2-salt-3000-6.51.1.s390x", product_id: "python2-salt-3000-6.51.1.s390x", }, }, { category: "product_version", name: "python3-salt-3000-6.51.1.s390x", product: { name: "python3-salt-3000-6.51.1.s390x", product_id: "python3-salt-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-3000-6.51.1.s390x", product: { name: "salt-3000-6.51.1.s390x", product_id: "salt-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-api-3000-6.51.1.s390x", product: { name: "salt-api-3000-6.51.1.s390x", product_id: "salt-api-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-cloud-3000-6.51.1.s390x", product: { name: "salt-cloud-3000-6.51.1.s390x", product_id: "salt-cloud-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-doc-3000-6.51.1.s390x", product: { name: "salt-doc-3000-6.51.1.s390x", product_id: "salt-doc-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-master-3000-6.51.1.s390x", product: { name: "salt-master-3000-6.51.1.s390x", product_id: "salt-master-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-minion-3000-6.51.1.s390x", product: { name: "salt-minion-3000-6.51.1.s390x", product_id: "salt-minion-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-proxy-3000-6.51.1.s390x", product: { name: "salt-proxy-3000-6.51.1.s390x", product_id: "salt-proxy-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-ssh-3000-6.51.1.s390x", product: { name: "salt-ssh-3000-6.51.1.s390x", product_id: "salt-ssh-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-6.51.1.s390x", product: { name: "salt-standalone-formulas-configuration-3000-6.51.1.s390x", product_id: "salt-standalone-formulas-configuration-3000-6.51.1.s390x", }, }, { category: "product_version", name: "salt-syndic-3000-6.51.1.s390x", product: { name: "salt-syndic-3000-6.51.1.s390x", product_id: "salt-syndic-3000-6.51.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python2-salt-3000-6.51.1.x86_64", product: { name: "python2-salt-3000-6.51.1.x86_64", product_id: "python2-salt-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-6.51.1.x86_64", product: { name: "python3-salt-3000-6.51.1.x86_64", product_id: "python3-salt-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-3000-6.51.1.x86_64", product: { name: "salt-3000-6.51.1.x86_64", product_id: "salt-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-6.51.1.x86_64", product: { name: "salt-api-3000-6.51.1.x86_64", product_id: "salt-api-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-6.51.1.x86_64", product: { name: "salt-cloud-3000-6.51.1.x86_64", product_id: "salt-cloud-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-6.51.1.x86_64", product: { name: "salt-doc-3000-6.51.1.x86_64", product_id: "salt-doc-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-6.51.1.x86_64", product: { name: "salt-master-3000-6.51.1.x86_64", product_id: "salt-master-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-6.51.1.x86_64", product: { name: "salt-minion-3000-6.51.1.x86_64", product_id: "salt-minion-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-6.51.1.x86_64", product: { name: "salt-proxy-3000-6.51.1.x86_64", product_id: "salt-proxy-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-6.51.1.x86_64", product: { name: "salt-ssh-3000-6.51.1.x86_64", product_id: "salt-ssh-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-6.51.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-6.51.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-6.51.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-6.51.1.x86_64", product: { name: "salt-syndic-3000-6.51.1.x86_64", product_id: "salt-syndic-3000-6.51.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Python 2 15 SP1", product: { name: "SUSE Linux Enterprise Module for Python 2 15 SP1", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-python2:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python3-salt-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", }, product_reference: "python3-salt-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", }, product_reference: "python3-salt-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", }, product_reference: "python3-salt-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", }, product_reference: "python3-salt-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", }, product_reference: "salt-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", }, product_reference: "salt-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", }, product_reference: "salt-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", }, product_reference: "salt-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-6.51.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", }, product_reference: "salt-bash-completion-3000-6.51.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", }, product_reference: "salt-doc-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", }, product_reference: "salt-doc-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", }, product_reference: "salt-doc-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", }, product_reference: "salt-doc-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", }, product_reference: "salt-minion-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", }, product_reference: "salt-minion-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", }, product_reference: "salt-minion-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", }, product_reference: "salt-minion-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-6.51.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP1", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", }, product_reference: "salt-zsh-completion-3000-6.51.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Python 2 15 SP1", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", }, product_reference: "python2-salt-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Python 2 15 SP1", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", }, product_reference: "python2-salt-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Python 2 15 SP1", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", }, product_reference: "python2-salt-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP1", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Python 2 15 SP1", product_id: "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", }, product_reference: "python2-salt-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 2 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", }, product_reference: "salt-api-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", }, product_reference: "salt-api-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", }, product_reference: "salt-api-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", }, product_reference: "salt-api-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", }, product_reference: "salt-cloud-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", }, product_reference: "salt-cloud-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", }, product_reference: "salt-cloud-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", }, product_reference: "salt-cloud-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-6.51.1.noarch as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", }, product_reference: "salt-fish-completion-3000-6.51.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", }, product_reference: "salt-master-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", }, product_reference: "salt-master-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", }, product_reference: "salt-master-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", }, product_reference: "salt-master-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", }, product_reference: "salt-proxy-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", }, product_reference: "salt-proxy-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", }, product_reference: "salt-proxy-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", }, product_reference: "salt-proxy-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", }, product_reference: "salt-ssh-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", }, product_reference: "salt-ssh-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", }, product_reference: "salt-ssh-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", }, product_reference: "salt-ssh-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", }, product_reference: "salt-standalone-formulas-configuration-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", }, product_reference: "salt-standalone-formulas-configuration-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-6.51.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", }, product_reference: "salt-syndic-3000-6.51.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-6.51.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", }, product_reference: "salt-syndic-3000-6.51.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-6.51.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", }, product_reference: "salt-syndic-3000-6.51.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-6.51.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", }, product_reference: "salt-syndic-3000-6.51.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:57:55Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:57:55Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:python3-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-bash-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-doc-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-minion-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP1:salt-zsh-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Python 2 15 SP1:python2-salt-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-api-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-cloud-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-fish-completion-3000-6.51.1.noarch", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-master-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-proxy-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-ssh-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-standalone-formulas-configuration-3000-6.51.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:salt-syndic-3000-6.51.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:57:55Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
suse-su-2020:3245-1
Vulnerability from csaf_suse
Published
2020-11-06 15:58
Modified
2020-11-06 15:58
Summary
Security update for Salt
Notes
Title of the patch
Security update for Salt
Description of the patch
This update fixes the following issues:
salt:
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value
- Do not break package building for systemd OSes
- Drop wrong mock from chroot unit test
- Support systemd versions with dot (bsc#1176294)
- Fix for grains.test_core unit test
- Fix file/directory user and group ownership containing
UTF-8 characters (bsc#1176024)
- Several changes to virtualization:
- Fix virt update when cpu and memory are changed
- Memory Tuning GSoC
- Properly fix memory setting regression in virt.update
- Expose libvirt on_reboot in virt states
- Support transactional systems (MicroOS)
- Zypperpkg module ignores retcode 104 for search() (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding
file or block disk (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)
Patchnames
SUSE-2020-3245,SUSE-SLE-Manager-Tools-12-2020-3245,SUSE-SLE-Module-Adv-Systems-Management-12-2020-3245,SUSE-SLE-POS-12-SP2-2020-3245,SUSE-SUSE-Manager-Proxy-3.2-2020-3245,SUSE-SUSE-Manager-Server-3.2-2020-3245
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for Salt", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\nsalt:\n\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value\n- Do not break package building for systemd OSes\n- Drop wrong mock from chroot unit test\n- Support systemd versions with dot (bsc#1176294)\n- Fix for grains.test_core unit test\n- Fix file/directory user and group ownership containing\n UTF-8 characters (bsc#1176024)\n- Several changes to virtualization:\n - Fix virt update when cpu and memory are changed\n - Memory Tuning GSoC\n - Properly fix memory setting regression in virt.update\n - Expose libvirt on_reboot in virt states\n- Support transactional systems (MicroOS)\n- Zypperpkg module ignores retcode 104 for search() (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding\n file or block disk (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)\n\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-3245,SUSE-SLE-Manager-Tools-12-2020-3245,SUSE-SLE-Module-Adv-Systems-Management-12-2020-3245,SUSE-SLE-POS-12-SP2-2020-3245,SUSE-SUSE-Manager-Proxy-3.2-2020-3245,SUSE-SUSE-Manager-Server-3.2-2020-3245", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3245-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:3245-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20203245-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:3245-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007716.html", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE Bug 1178485", url: "https://bugzilla.suse.com/1178485", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for Salt", tracking: { current_release_date: "2020-11-06T15:58:56Z", generator: { date: "2020-11-06T15:58:56Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:3245-1", initial_release_date: "2020-11-06T15:58:56Z", revision_history: [ { date: "2020-11-06T15:58:56Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.aarch64", product: { name: "python2-salt-3000-46.114.1.aarch64", product_id: "python2-salt-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.aarch64", product: { name: "python3-salt-3000-46.114.1.aarch64", product_id: "python3-salt-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-3000-46.114.1.aarch64", product: { name: "salt-3000-46.114.1.aarch64", product_id: "salt-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.aarch64", product: { name: "salt-api-3000-46.114.1.aarch64", product_id: "salt-api-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.aarch64", product: { name: "salt-cloud-3000-46.114.1.aarch64", product_id: "salt-cloud-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.aarch64", product: { name: "salt-doc-3000-46.114.1.aarch64", product_id: "salt-doc-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.aarch64", product: { name: "salt-master-3000-46.114.1.aarch64", product_id: "salt-master-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.aarch64", product: { name: "salt-minion-3000-46.114.1.aarch64", product_id: "salt-minion-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.aarch64", product: { name: "salt-proxy-3000-46.114.1.aarch64", product_id: "salt-proxy-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.aarch64", product: { name: "salt-ssh-3000-46.114.1.aarch64", product_id: "salt-ssh-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.aarch64", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.aarch64", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.aarch64", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.aarch64", product: { name: "salt-syndic-3000-46.114.1.aarch64", product_id: "salt-syndic-3000-46.114.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.i586", product: { name: "python2-salt-3000-46.114.1.i586", product_id: "python2-salt-3000-46.114.1.i586", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.i586", product: { name: "python3-salt-3000-46.114.1.i586", product_id: "python3-salt-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-3000-46.114.1.i586", product: { name: "salt-3000-46.114.1.i586", product_id: "salt-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.i586", product: { name: "salt-api-3000-46.114.1.i586", product_id: "salt-api-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.i586", product: { name: "salt-cloud-3000-46.114.1.i586", product_id: "salt-cloud-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.i586", product: { name: "salt-doc-3000-46.114.1.i586", product_id: "salt-doc-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.i586", product: { name: "salt-master-3000-46.114.1.i586", product_id: "salt-master-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.i586", product: { name: "salt-minion-3000-46.114.1.i586", product_id: "salt-minion-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.i586", product: { name: "salt-proxy-3000-46.114.1.i586", product_id: "salt-proxy-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.i586", product: { name: "salt-ssh-3000-46.114.1.i586", product_id: "salt-ssh-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.i586", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.i586", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.i586", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.i586", product: { name: "salt-syndic-3000-46.114.1.i586", product_id: "salt-syndic-3000-46.114.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "salt-bash-completion-3000-46.114.1.noarch", product: { name: "salt-bash-completion-3000-46.114.1.noarch", product_id: "salt-bash-completion-3000-46.114.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-46.114.1.noarch", product: { name: "salt-fish-completion-3000-46.114.1.noarch", product_id: "salt-fish-completion-3000-46.114.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-46.114.1.noarch", product: { name: "salt-zsh-completion-3000-46.114.1.noarch", product_id: "salt-zsh-completion-3000-46.114.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.ppc64le", product: { name: "python2-salt-3000-46.114.1.ppc64le", product_id: "python2-salt-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.ppc64le", product: { name: "python3-salt-3000-46.114.1.ppc64le", product_id: "python3-salt-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-3000-46.114.1.ppc64le", product: { name: "salt-3000-46.114.1.ppc64le", product_id: "salt-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.ppc64le", product: { name: "salt-api-3000-46.114.1.ppc64le", product_id: "salt-api-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.ppc64le", product: { name: "salt-cloud-3000-46.114.1.ppc64le", product_id: "salt-cloud-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.ppc64le", product: { name: "salt-doc-3000-46.114.1.ppc64le", product_id: "salt-doc-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.ppc64le", product: { name: "salt-master-3000-46.114.1.ppc64le", product_id: "salt-master-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.ppc64le", product: { name: "salt-minion-3000-46.114.1.ppc64le", product_id: "salt-minion-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.ppc64le", product: { name: "salt-proxy-3000-46.114.1.ppc64le", product_id: "salt-proxy-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.ppc64le", product: { name: "salt-ssh-3000-46.114.1.ppc64le", product_id: "salt-ssh-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.ppc64le", product: { name: "salt-syndic-3000-46.114.1.ppc64le", product_id: "salt-syndic-3000-46.114.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.s390", product: { name: "python2-salt-3000-46.114.1.s390", product_id: "python2-salt-3000-46.114.1.s390", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.s390", product: { name: "python3-salt-3000-46.114.1.s390", product_id: "python3-salt-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-3000-46.114.1.s390", product: { name: "salt-3000-46.114.1.s390", product_id: "salt-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.s390", product: { name: "salt-api-3000-46.114.1.s390", product_id: "salt-api-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.s390", product: { name: "salt-cloud-3000-46.114.1.s390", product_id: "salt-cloud-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.s390", product: { name: "salt-doc-3000-46.114.1.s390", product_id: "salt-doc-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.s390", product: { name: "salt-master-3000-46.114.1.s390", product_id: "salt-master-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.s390", product: { name: "salt-minion-3000-46.114.1.s390", product_id: "salt-minion-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.s390", product: { name: "salt-proxy-3000-46.114.1.s390", product_id: "salt-proxy-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.s390", product: { name: "salt-ssh-3000-46.114.1.s390", product_id: "salt-ssh-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.s390", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.s390", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.s390", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.s390", product: { name: "salt-syndic-3000-46.114.1.s390", product_id: "salt-syndic-3000-46.114.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.s390x", product: { name: "python2-salt-3000-46.114.1.s390x", product_id: "python2-salt-3000-46.114.1.s390x", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.s390x", product: { name: "python3-salt-3000-46.114.1.s390x", product_id: "python3-salt-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-3000-46.114.1.s390x", product: { name: "salt-3000-46.114.1.s390x", product_id: "salt-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.s390x", product: { name: "salt-api-3000-46.114.1.s390x", product_id: "salt-api-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.s390x", product: { name: "salt-cloud-3000-46.114.1.s390x", product_id: "salt-cloud-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.s390x", product: { name: "salt-doc-3000-46.114.1.s390x", product_id: "salt-doc-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.s390x", product: { name: "salt-master-3000-46.114.1.s390x", product_id: "salt-master-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.s390x", product: { name: "salt-minion-3000-46.114.1.s390x", product_id: "salt-minion-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.s390x", product: { name: "salt-proxy-3000-46.114.1.s390x", product_id: "salt-proxy-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.s390x", product: { name: "salt-ssh-3000-46.114.1.s390x", product_id: "salt-ssh-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.s390x", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.s390x", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.s390x", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.s390x", product: { name: "salt-syndic-3000-46.114.1.s390x", product_id: "salt-syndic-3000-46.114.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "python2-salt-3000-46.114.1.x86_64", product: { name: "python2-salt-3000-46.114.1.x86_64", product_id: "python2-salt-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-46.114.1.x86_64", product: { name: "python3-salt-3000-46.114.1.x86_64", product_id: "python3-salt-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-3000-46.114.1.x86_64", product: { name: "salt-3000-46.114.1.x86_64", product_id: "salt-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-46.114.1.x86_64", product: { name: "salt-api-3000-46.114.1.x86_64", product_id: "salt-api-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-46.114.1.x86_64", product: { name: "salt-cloud-3000-46.114.1.x86_64", product_id: "salt-cloud-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-46.114.1.x86_64", product: { name: "salt-doc-3000-46.114.1.x86_64", product_id: "salt-doc-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-46.114.1.x86_64", product: { name: "salt-master-3000-46.114.1.x86_64", product_id: "salt-master-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-46.114.1.x86_64", product: { name: "salt-minion-3000-46.114.1.x86_64", product_id: "salt-minion-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-46.114.1.x86_64", product: { name: "salt-proxy-3000-46.114.1.x86_64", product_id: "salt-proxy-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-46.114.1.x86_64", product: { name: "salt-ssh-3000-46.114.1.x86_64", product_id: "salt-ssh-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-46.114.1.x86_64", product: { name: "salt-syndic-3000-46.114.1.x86_64", product_id: "salt-syndic-3000-46.114.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Client Tools 12", product: { name: "SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12", }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Advanced Systems Management 12", product: { name: "SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-adv-systems-management:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Point of Sale 12 SP2", product: { name: "SUSE Linux Enterprise Point of Sale 12 SP2", product_id: "SUSE Linux Enterprise Point of Sale 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sle-pos:12:sp2", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 3.2", product: { name: "SUSE Manager Proxy 3.2", product_id: "SUSE Manager Proxy 3.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:3.2", }, }, }, { category: "product_name", name: "SUSE Manager Server 3.2", product: { name: "SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:3.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", }, product_reference: "python2-salt-3000-46.114.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", }, product_reference: "python2-salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", }, product_reference: "python2-salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", }, product_reference: "python2-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", }, product_reference: "python3-salt-3000-46.114.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", }, product_reference: "python3-salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", }, product_reference: "python3-salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", }, product_reference: "python3-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", }, product_reference: "salt-3000-46.114.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", }, product_reference: "salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", }, product_reference: "salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", }, product_reference: "salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", }, product_reference: "salt-doc-3000-46.114.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", }, product_reference: "salt-doc-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", }, product_reference: "salt-doc-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", }, product_reference: "salt-doc-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.aarch64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", }, product_reference: "salt-minion-3000-46.114.1.aarch64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.ppc64le as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", }, product_reference: "salt-minion-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.s390x as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", }, product_reference: "salt-minion-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.x86_64 as component of SUSE Manager Client Tools 12", product_id: "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", }, product_reference: "salt-minion-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Client Tools 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", }, product_reference: "python2-salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", }, product_reference: "python2-salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", }, product_reference: "python2-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", }, product_reference: "salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", }, product_reference: "salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", }, product_reference: "salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", }, product_reference: "salt-api-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", }, product_reference: "salt-api-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", }, product_reference: "salt-api-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-46.114.1.noarch as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", }, product_reference: "salt-bash-completion-3000-46.114.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", }, product_reference: "salt-cloud-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", }, product_reference: "salt-cloud-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", }, product_reference: "salt-cloud-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", }, product_reference: "salt-doc-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", }, product_reference: "salt-doc-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", }, product_reference: "salt-doc-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", }, product_reference: "salt-master-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", }, product_reference: "salt-master-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", }, product_reference: "salt-master-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", }, product_reference: "salt-minion-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", }, product_reference: "salt-minion-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", }, product_reference: "salt-minion-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", }, product_reference: "salt-proxy-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", }, product_reference: "salt-proxy-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", }, product_reference: "salt-proxy-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", }, product_reference: "salt-ssh-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", }, product_reference: "salt-ssh-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", }, product_reference: "salt-ssh-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.ppc64le as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", }, product_reference: "salt-syndic-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.s390x as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", }, product_reference: "salt-syndic-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", }, product_reference: "salt-syndic-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-46.114.1.noarch as component of SUSE Linux Enterprise Module for Advanced Systems Management 12", product_id: "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", }, product_reference: "salt-zsh-completion-3000-46.114.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Advanced Systems Management 12", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Point of Sale 12 SP2", product_id: "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", }, product_reference: "python2-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 12 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Point of Sale 12 SP2", product_id: "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", }, product_reference: "salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 12 SP2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.x86_64 as component of SUSE Linux Enterprise Point of Sale 12 SP2", product_id: "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", }, product_reference: "salt-minion-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 12 SP2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.x86_64 as component of SUSE Manager Proxy 3.2", product_id: "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", }, product_reference: "python2-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 3.2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.x86_64 as component of SUSE Manager Proxy 3.2", product_id: "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", }, product_reference: "python3-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.x86_64 as component of SUSE Manager Proxy 3.2", product_id: "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", }, product_reference: "salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.x86_64 as component of SUSE Manager Proxy 3.2", product_id: "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", }, product_reference: "salt-minion-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 3.2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", }, product_reference: "python2-salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", }, product_reference: "python2-salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "python2-salt-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", }, product_reference: "python2-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", }, product_reference: "python3-salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", }, product_reference: "python3-salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", }, product_reference: "python3-salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", }, product_reference: "salt-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", }, product_reference: "salt-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", }, product_reference: "salt-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", }, product_reference: "salt-api-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", }, product_reference: "salt-api-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", }, product_reference: "salt-api-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-46.114.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", }, product_reference: "salt-bash-completion-3000-46.114.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", }, product_reference: "salt-cloud-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", }, product_reference: "salt-cloud-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", }, product_reference: "salt-cloud-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", }, product_reference: "salt-doc-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", }, product_reference: "salt-doc-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", }, product_reference: "salt-doc-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", }, product_reference: "salt-master-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", }, product_reference: "salt-master-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", }, product_reference: "salt-master-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", }, product_reference: "salt-minion-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", }, product_reference: "salt-minion-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", }, product_reference: "salt-minion-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", }, product_reference: "salt-proxy-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", }, product_reference: "salt-proxy-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", }, product_reference: "salt-proxy-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", }, product_reference: "salt-ssh-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", }, product_reference: "salt-ssh-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", }, product_reference: "salt-ssh-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.ppc64le as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", }, product_reference: "salt-syndic-3000-46.114.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.s390x as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", }, product_reference: "salt-syndic-3000-46.114.1.s390x", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-46.114.1.x86_64 as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", }, product_reference: "salt-syndic-3000-46.114.1.x86_64", relates_to_product_reference: "SUSE Manager Server 3.2", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-46.114.1.noarch as component of SUSE Manager Server 3.2", product_id: "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", }, product_reference: "salt-zsh-completion-3000-46.114.1.noarch", relates_to_product_reference: "SUSE Manager Server 3.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:56Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:56Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-api-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-bash-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-cloud-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-doc-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-master-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-minion-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-proxy-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-ssh-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.ppc64le", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.s390x", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-syndic-3000-46.114.1.x86_64", "SUSE Linux Enterprise Module for Advanced Systems Management 12:salt-zsh-completion-3000-46.114.1.noarch", "SUSE Linux Enterprise Point of Sale 12 SP2:python2-salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-3000-46.114.1.x86_64", "SUSE Linux Enterprise Point of Sale 12 SP2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.aarch64", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.s390x", "SUSE Manager Client Tools 12:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Proxy 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python2-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:python3-salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-api-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-bash-completion-3000-46.114.1.noarch", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-cloud-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-doc-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-master-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-minion-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-proxy-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-ssh-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-standalone-formulas-configuration-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.ppc64le", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.s390x", "SUSE Manager Server 3.2:salt-syndic-3000-46.114.1.x86_64", "SUSE Manager Server 3.2:salt-zsh-completion-3000-46.114.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-06T15:58:56Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
opensuse-su-2020:1868-1
Vulnerability from csaf_opensuse
Published
2020-11-07 09:55
Modified
2020-11-07 09:55
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value.
- Do not break package building for systemd OSes.
- Drop wrong mock from chroot unit test.
- Support systemd versions with dot. (bsc#1176294)
- Fix for grains.test_core unit test.
- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)
- Several changes to virtualization:
* Fix virt update when cpu and memory are changed.
* Memory Tuning GSoC.
* Properly fix memory setting regression in virt.update.
* Expose libvirt on_reboot in virt states.
- Support transactional systems (MicroOS).
- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2020-1868
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for salt", title: "Title of the patch", }, { category: "description", text: "This update for salt fixes the following issues:\n\n- Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string (bsc#1178485)\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value.\n- Do not break package building for systemd OSes.\n- Drop wrong mock from chroot unit test.\n- Support systemd versions with dot. (bsc#1176294)\n- Fix for grains.test_core unit test.\n- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)\n- Several changes to virtualization:\n * Fix virt update when cpu and memory are changed.\n * Memory Tuning GSoC.\n * Properly fix memory setting regression in virt.update.\n * Expose libvirt on_reboot in virt states.\n- Support transactional systems (MicroOS).\n- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding file or block disk. (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1868", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1868-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1868-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MB6DQ7QYY2NFKZFWBCHEOJR44RYJQMSN/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1868-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MB6DQ7QYY2NFKZFWBCHEOJR44RYJQMSN/", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE Bug 1178485", url: "https://bugzilla.suse.com/1178485", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for salt", tracking: { current_release_date: "2020-11-07T09:55:37Z", generator: { date: "2020-11-07T09:55:37Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1868-1", initial_release_date: "2020-11-07T09:55:37Z", revision_history: [ { date: "2020-11-07T09:55:37Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "salt-bash-completion-3000-lp151.5.30.1.noarch", product: { name: "salt-bash-completion-3000-lp151.5.30.1.noarch", product_id: "salt-bash-completion-3000-lp151.5.30.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-lp151.5.30.1.noarch", product: { name: "salt-fish-completion-3000-lp151.5.30.1.noarch", product_id: "salt-fish-completion-3000-lp151.5.30.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-lp151.5.30.1.noarch", product: { name: "salt-zsh-completion-3000-lp151.5.30.1.noarch", product_id: "salt-zsh-completion-3000-lp151.5.30.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-lp151.5.30.1.x86_64", product: { name: "python2-salt-3000-lp151.5.30.1.x86_64", product_id: "python2-salt-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-lp151.5.30.1.x86_64", product: { name: "python3-salt-3000-lp151.5.30.1.x86_64", product_id: "python3-salt-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-3000-lp151.5.30.1.x86_64", product: { name: "salt-3000-lp151.5.30.1.x86_64", product_id: "salt-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-lp151.5.30.1.x86_64", product: { name: "salt-api-3000-lp151.5.30.1.x86_64", product_id: "salt-api-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-lp151.5.30.1.x86_64", product: { name: "salt-cloud-3000-lp151.5.30.1.x86_64", product_id: "salt-cloud-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-lp151.5.30.1.x86_64", product: { name: "salt-doc-3000-lp151.5.30.1.x86_64", product_id: "salt-doc-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-lp151.5.30.1.x86_64", product: { name: "salt-master-3000-lp151.5.30.1.x86_64", product_id: "salt-master-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-lp151.5.30.1.x86_64", product: { name: "salt-minion-3000-lp151.5.30.1.x86_64", product_id: "salt-minion-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-lp151.5.30.1.x86_64", product: { name: "salt-proxy-3000-lp151.5.30.1.x86_64", product_id: "salt-proxy-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-lp151.5.30.1.x86_64", product: { name: "salt-ssh-3000-lp151.5.30.1.x86_64", product_id: "salt-ssh-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-lp151.5.30.1.x86_64", product: { name: "salt-syndic-3000-lp151.5.30.1.x86_64", product_id: "salt-syndic-3000-lp151.5.30.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python2-salt-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", }, product_reference: "python2-salt-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", }, product_reference: "python3-salt-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-api-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-lp151.5.30.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", }, product_reference: "salt-bash-completion-3000-lp151.5.30.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-cloud-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-doc-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-lp151.5.30.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", }, product_reference: "salt-fish-completion-3000-lp151.5.30.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-master-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-minion-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-proxy-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-ssh-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-lp151.5.30.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", }, product_reference: "salt-syndic-3000-lp151.5.30.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-lp151.5.30.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", }, product_reference: "salt-zsh-completion-3000-lp151.5.30.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-07T09:55:37Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-07T09:55:37Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:python2-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:python3-salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-api-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-bash-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-cloud-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-doc-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-fish-completion-3000-lp151.5.30.1.noarch", "openSUSE Leap 15.1:salt-master-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-minion-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-proxy-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-ssh-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-standalone-formulas-configuration-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-syndic-3000-lp151.5.30.1.x86_64", "openSUSE Leap 15.1:salt-zsh-completion-3000-lp151.5.30.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-07T09:55:37Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
opensuse-su-2020:1833-1
Vulnerability from csaf_opensuse
Published
2020-11-05 13:34
Modified
2020-11-05 13:34
Summary
Security update for salt
Notes
Title of the patch
Security update for salt
Description of the patch
This update for salt fixes the following issues:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)
- Ensure virt.update stop_on_reboot is updated with its default value.
- Do not break package building for systemd OSes.
- Drop wrong mock from chroot unit test.
- Support systemd versions with dot. (bsc#1176294)
- Fix for grains.test_core unit test.
- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)
- Several changes to virtualization:
* Fix virt update when cpu and memory are changed.
* Memory Tuning GSoC.
* Properly fix memory setting regression in virt.update.
* Expose libvirt on_reboot in virt states.
- Support transactional systems (MicroOS).
- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)
- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding
file or block disk. (bsc#1175987)
- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)
- Prevent import errors when running test_btrfs unit tests.
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patchnames
openSUSE-2020-1833
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for salt", title: "Title of the patch", }, { category: "description", text: "This update for salt fixes the following issues:\n\n- Properly validate eauth credentials and tokens on SSH calls made by Salt API \n (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)\n- Fix disk.blkid to avoid unexpected keyword argument '__pub_user'. (bsc#1177867)\n- Ensure virt.update stop_on_reboot is updated with its default value.\n- Do not break package building for systemd OSes.\n- Drop wrong mock from chroot unit test.\n- Support systemd versions with dot. (bsc#1176294)\n- Fix for grains.test_core unit test.\n- Fix file/directory user and group ownership containing UTF-8 characters. (bsc#1176024)\n- Several changes to virtualization:\n * Fix virt update when cpu and memory are changed.\n * Memory Tuning GSoC.\n * Properly fix memory setting regression in virt.update.\n * Expose libvirt on_reboot in virt states.\n- Support transactional systems (MicroOS).\n- zypperpkg module ignores retcode 104 for search(). (bsc#1159670)\n- Xen disk fixes. No longer generates volumes for Xen disks, but the corresponding\n file or block disk. (bsc#1175987)\n- Invalidate file list cache when cache file modified time is in the future. (bsc#1176397)\n- Prevent import errors when running test_btrfs unit tests.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2020-1833", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1833-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2020:1833-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W22H3YLCTB3S3UBN7YRWYRBMUPL5V5B/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2020:1833-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W22H3YLCTB3S3UBN7YRWYRBMUPL5V5B/", }, { category: "self", summary: "SUSE Bug 1159670", url: "https://bugzilla.suse.com/1159670", }, { category: "self", summary: "SUSE Bug 1175987", url: "https://bugzilla.suse.com/1175987", }, { category: "self", summary: "SUSE Bug 1176024", url: "https://bugzilla.suse.com/1176024", }, { category: "self", summary: "SUSE Bug 1176294", url: "https://bugzilla.suse.com/1176294", }, { category: "self", summary: "SUSE Bug 1176397", url: "https://bugzilla.suse.com/1176397", }, { category: "self", summary: "SUSE Bug 1177867", url: "https://bugzilla.suse.com/1177867", }, { category: "self", summary: "SUSE Bug 1178319", url: "https://bugzilla.suse.com/1178319", }, { category: "self", summary: "SUSE Bug 1178361", url: "https://bugzilla.suse.com/1178361", }, { category: "self", summary: "SUSE Bug 1178362", url: "https://bugzilla.suse.com/1178362", }, { category: "self", summary: "SUSE CVE CVE-2020-16846 page", url: "https://www.suse.com/security/cve/CVE-2020-16846/", }, { category: "self", summary: "SUSE CVE CVE-2020-17490 page", url: "https://www.suse.com/security/cve/CVE-2020-17490/", }, { category: "self", summary: "SUSE CVE CVE-2020-25592 page", url: "https://www.suse.com/security/cve/CVE-2020-25592/", }, ], title: "Security update for salt", tracking: { current_release_date: "2020-11-05T13:34:46Z", generator: { date: "2020-11-05T13:34:46Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2020:1833-1", initial_release_date: "2020-11-05T13:34:46Z", revision_history: [ { date: "2020-11-05T13:34:46Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "salt-bash-completion-3000-lp152.3.15.1.noarch", product: { name: "salt-bash-completion-3000-lp152.3.15.1.noarch", product_id: "salt-bash-completion-3000-lp152.3.15.1.noarch", }, }, { category: "product_version", name: "salt-fish-completion-3000-lp152.3.15.1.noarch", product: { name: "salt-fish-completion-3000-lp152.3.15.1.noarch", product_id: "salt-fish-completion-3000-lp152.3.15.1.noarch", }, }, { category: "product_version", name: "salt-zsh-completion-3000-lp152.3.15.1.noarch", product: { name: "salt-zsh-completion-3000-lp152.3.15.1.noarch", product_id: "salt-zsh-completion-3000-lp152.3.15.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "python2-salt-3000-lp152.3.15.1.x86_64", product: { name: "python2-salt-3000-lp152.3.15.1.x86_64", product_id: "python2-salt-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "python3-salt-3000-lp152.3.15.1.x86_64", product: { name: "python3-salt-3000-lp152.3.15.1.x86_64", product_id: "python3-salt-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-3000-lp152.3.15.1.x86_64", product: { name: "salt-3000-lp152.3.15.1.x86_64", product_id: "salt-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-api-3000-lp152.3.15.1.x86_64", product: { name: "salt-api-3000-lp152.3.15.1.x86_64", product_id: "salt-api-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-cloud-3000-lp152.3.15.1.x86_64", product: { name: "salt-cloud-3000-lp152.3.15.1.x86_64", product_id: "salt-cloud-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-doc-3000-lp152.3.15.1.x86_64", product: { name: "salt-doc-3000-lp152.3.15.1.x86_64", product_id: "salt-doc-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-master-3000-lp152.3.15.1.x86_64", product: { name: "salt-master-3000-lp152.3.15.1.x86_64", product_id: "salt-master-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-minion-3000-lp152.3.15.1.x86_64", product: { name: "salt-minion-3000-lp152.3.15.1.x86_64", product_id: "salt-minion-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-proxy-3000-lp152.3.15.1.x86_64", product: { name: "salt-proxy-3000-lp152.3.15.1.x86_64", product_id: "salt-proxy-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-ssh-3000-lp152.3.15.1.x86_64", product: { name: "salt-ssh-3000-lp152.3.15.1.x86_64", product_id: "salt-ssh-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", product: { name: "salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", product_id: "salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", }, }, { category: "product_version", name: "salt-syndic-3000-lp152.3.15.1.x86_64", product: { name: "salt-syndic-3000-lp152.3.15.1.x86_64", product_id: "salt-syndic-3000-lp152.3.15.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.2", product: { name: "openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "python2-salt-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", }, product_reference: "python2-salt-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "python3-salt-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", }, product_reference: "python3-salt-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-api-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-api-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-bash-completion-3000-lp152.3.15.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", }, product_reference: "salt-bash-completion-3000-lp152.3.15.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-cloud-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-cloud-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-doc-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-doc-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-fish-completion-3000-lp152.3.15.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", }, product_reference: "salt-fish-completion-3000-lp152.3.15.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-master-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-master-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-minion-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-minion-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-proxy-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-proxy-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-ssh-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-ssh-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-syndic-3000-lp152.3.15.1.x86_64 as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", }, product_reference: "salt-syndic-3000-lp152.3.15.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.2", }, { category: "default_component_of", full_product_name: { name: "salt-zsh-completion-3000-lp152.3.15.1.noarch as component of openSUSE Leap 15.2", product_id: "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", }, product_reference: "salt-zsh-completion-3000-lp152.3.15.1.noarch", relates_to_product_reference: "openSUSE Leap 15.2", }, ], }, vulnerabilities: [ { cve: "CVE-2020-16846", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-16846", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-16846", url: "https://www.suse.com/security/cve/CVE-2020-16846", }, { category: "external", summary: "SUSE Bug 1178361 for CVE-2020-16846", url: "https://bugzilla.suse.com/1178361", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:34:46Z", details: "critical", }, ], title: "CVE-2020-16846", }, { cve: "CVE-2020-17490", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-17490", }, ], notes: [ { category: "general", text: "The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-17490", url: "https://www.suse.com/security/cve/CVE-2020-17490", }, { category: "external", summary: "SUSE Bug 1178362 for CVE-2020-17490", url: "https://bugzilla.suse.com/1178362", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:34:46Z", details: "moderate", }, ], title: "CVE-2020-17490", }, { cve: "CVE-2020-25592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25592", }, ], notes: [ { category: "general", text: "In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25592", url: "https://www.suse.com/security/cve/CVE-2020-25592", }, { category: "external", summary: "SUSE Bug 1178319 for CVE-2020-25592", url: "https://bugzilla.suse.com/1178319", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.2:python2-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:python3-salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-api-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-bash-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-cloud-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-doc-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-fish-completion-3000-lp152.3.15.1.noarch", "openSUSE Leap 15.2:salt-master-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-minion-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-proxy-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-ssh-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-standalone-formulas-configuration-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-syndic-3000-lp152.3.15.1.x86_64", "openSUSE Leap 15.2:salt-zsh-completion-3000-lp152.3.15.1.noarch", ], }, ], threats: [ { category: "impact", date: "2020-11-05T13:34:46Z", details: "critical", }, ], title: "CVE-2020-25592", }, ], }
fkie_cve-2020-16846
Vulnerability from fkie_nvd
Published
2020-11-06 08:15
Modified
2025-03-14 17:28
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | * | |
| saltstack | salt | 3001 | |
| saltstack | salt | 3002 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 31 | |
| opensuse | leap | 15.1 |
{ cisaActionDue: "2022-05-03", cisaExploitAdd: "2021-11-03", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "SaltStack Salt Shell Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "0F9405E3-F2B0-41BA-A39D-61BB38475A59", versionEndExcluding: "2015.8.10", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "A35C23D3-82D4-46E7-BF08-9229C04C0C3D", versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B4741BD5-4C40-48BC-A2C1-E6AB33818201", versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "7D28A2B5-316A-45DC-AC85-A0F743C4B3C4", versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "17C96153-85C1-45DC-A48B-46A3900246E2", versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "B0A54497-D7E2-4A2C-9719-4D992B296498", versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "920C57AF-6E88-465A-83FA-AB947D4C6F0B", versionEndExcluding: "2016.11.6", versionStartIncluding: "2016.11.4", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "11D84847-0C8A-473A-9186-46FABD7BB59A", versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "C45ACC11-CA9B-4451-B6DD-BD784349CDE8", versionEndExcluding: "2017.7.4", versionStartIncluding: "2017.5.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "BD998745-FA62-4894-A4FC-767F0DE131B9", versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.7.5", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "9747884A-8B29-42C9-BF5E-5B6D883A78E3", versionEndExcluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "F7A2912C-7F48-465D-B7F2-93ECD0D0CB74", versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", matchCriteriaId: "D64191C4-C3D3-4615-B7D5-26ADA8BD7C7B", versionEndExcluding: "3000.3", versionStartIncluding: "3000.0", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*", matchCriteriaId: "74CAD70E-E77C-4010-B224-CEE3968CB6A2", vulnerable: true, }, { criteria: "cpe:2.3:a:saltstack:salt:3002:*:*:*:*:*:*:*", matchCriteriaId: "F5D7215A-820E-446C-844C-DC4C61BD1884", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, { lang: "es", value: "Se detectó un problema en SaltStack Salt versiones hasta 3002. El envío de peticiones web diseñadas a la Salt API, con el cliente SSH habilitado, puede resultar en una inyección shell", }, ], id: "CVE-2020-16846", lastModified: "2025-03-14T17:28:24.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2020-11-06T08:15:13.283", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/saltstack/salt/releases", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/saltstack/salt/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
gsd-2020-16846
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Aliases
Aliases
{ GSD: { alias: "CVE-2020-16846", description: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", id: "GSD-2020-16846", references: [ "https://www.suse.com/security/cve/CVE-2020-16846.html", "https://www.debian.org/security/2021/dsa-4837", "https://security.archlinux.org/CVE-2020-16846", "https://packetstormsecurity.com/files/cve/CVE-2020-16846", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2020-16846", ], details: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", id: "GSD-2020-16846", modified: "2023-12-13T01:21:45.997194Z", schema_version: "1.4.0", }, }, namespaces: { "cisa.gov": { cveID: "CVE-2020-16846", dateAdded: "2021-11-03", dueDate: "2022-05-03", product: "Salt", requiredAction: "Apply updates per vendor instructions.", shortDescription: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", vendorProject: "SaltStack", vulnerabilityName: "SaltStack Through 3002 Shell Injection Vulnerability", }, "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-16846", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/releases", refsource: "MISC", url: "https://github.com/saltstack/salt/releases", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202011-13", }, { name: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], }, }, "gitlab.com": { advisories: [ { affected_range: "<2015.8.13||>=2016.3.0,<2016.3.8||>=2016.11.0,<2016.11.10|| >=2017.5.0,<2017.7.8||>=2018.2.0,<2018.3.5||>=2019.2.0,<2019.2.5|| >=3000.0,<3000.3||==3001", affected_versions: "All versions before 2015.8.13, all versions starting from 2016.3.0 before 2016.3.8, all versions starting from 2016.11.0 before 2016.11.10, all versions starting from 2017.5.0 before 2017.7.8, all versions starting from 2018.2.0 before 2018.3.5, all versions starting from 2019.2.0 before 2019.2.5, all versions starting from 3000.0 before 3000.3, version 3001", cvss_v2: "AV:N/AC:L/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", cwe_ids: [ "CWE-1035", "CWE-937", ], date: "2021-07-21", description: "An issue was discovered in SaltStack Salt Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", fixed_versions: [ "2015.8.13", "2016.3.8", "2016.11.10", "2017.7.8", "2018.3.5", "2019.2.5", "3000.3", "3001.1", ], identifier: "CVE-2020-16846", identifiers: [ "CVE-2020-16846", ], not_impacted: "All versions starting from 2015.8.13 before 2016.3.0, all versions starting from 2016.3.8 before 2016.11.0, all versions starting from 2016.11.10 before 2017.5.0, all versions starting from 2017.7.8 before 2018.2.0, all versions starting from 2018.3.5 before 2019.2.0, all versions starting from 2019.2.5 before 3000.0, all versions starting from 3000.3 before 3001, all versions after 3001", package_slug: "pypi/salt", pubdate: "2020-11-06", solution: "Upgrade to versions 2015.8.13, 2016.3.8, 2016.11.10, 2017.7.8, 2018.3.5, 2019.2.5, 3000.3, 3001.1 or above.", title: "OS Command Injection", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2020-16846", "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", ], uuid: "da3b8aa1-41d7-47fc-a089-5655d7bbee95", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2015.8.10", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2015.8.13", versionStartIncluding: "2015.8.11", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.3.4", versionStartIncluding: "2016.3.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.3.6", versionStartIncluding: "2016.3.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.3.8", versionStartIncluding: "2016.3.7", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.11.3", versionStartIncluding: "2016.11.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.11.6", versionStartIncluding: "2016.11.4", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2016.11.10", versionStartIncluding: "2016.11.7", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2017.7.4", versionStartIncluding: "2017.5.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2017.7.8", versionStartIncluding: "2017.7.5", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2018.3.5", versionStartIncluding: "2018.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2019.2.5", versionStartIncluding: "2019.2.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3000.3", versionStartIncluding: "3000.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:saltstack:salt:3001:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-16846", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-78", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/saltstack/salt/releases", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://github.com/saltstack/salt/releases", }, { name: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { name: "FEDORA-2020-9e040bd6dd", refsource: "FEDORA", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { name: "openSUSE-SU-2020:1868", refsource: "SUSE", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { name: "GLSA-202011-13", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202011-13", }, { name: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", refsource: "MISC", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { name: "[debian-lts-announce] 20201204 [SECURITY] [DLA 2480-1] salt security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { name: "DSA-4837", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4837", }, { name: "[debian-lts-announce] 20220103 [SECURITY] [DLA 2480-2] salt regression update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, }, }, lastModifiedDate: "2022-02-22T10:09Z", publishedDate: "2020-11-06T08:15Z", }, }, }
pysec-2020-104
Vulnerability from pysec
Published
2020-11-06 08:15
Modified
2021-03-30 13:29
Details
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
Impacted products
| Name | purl |
|---|---|
| salt | pkg:pypi/salt |
Aliases
{ affected: [ { package: { ecosystem: "PyPI", name: "salt", purl: "pkg:pypi/salt", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "2015.8.10", }, { introduced: "2015.8.11", }, { fixed: "2015.8.13", }, { introduced: "2016.3.0", }, { fixed: "2016.3.4", }, { introduced: "2016.3.5", }, { fixed: "2016.3.6", }, { introduced: "2016.3.7", }, { fixed: "2016.3.8", }, { introduced: "2016.11.0", }, { fixed: "2016.11.3", }, { introduced: "2016.11.4", }, { fixed: "2016.11.6", }, { introduced: "2016.11.7", }, { fixed: "2016.11.10", }, { introduced: "2017.7.0", }, { fixed: "2017.7.4", }, { introduced: "2017.7.5", }, { fixed: "2017.7.8", }, { introduced: "2018.3.0rc1", }, { fixed: "2018.3.5", }, { introduced: "2019.2.0", }, { fixed: "2019.2.5", }, { introduced: "3000", }, { fixed: "3000.3", }, ], type: "ECOSYSTEM", }, ], versions: [ "0.8.7", "0.8.9", "0.9.0", "0.9.1", "0.9.2", "0.9.3", "0.9.4", "0.9.5", "0.9.6", "0.9.7", "0.9.8", "0.9.9", "0.9.9.1", "0.10.0", "0.10.1", "0.10.2", "0.10.3", "0.10.4", "0.10.5", "0.11.0", "0.11.1", "0.12.0", "0.12.1", "0.13.0", "0.13.1", "0.13.2", "0.13.3", "0.14.0", "0.14.1", "0.15.0", "0.15.1", "0.15.2", "0.15.3", "0.15.90", "0.16.0", "0.16.1", "0.16.2", "0.16.3", "0.16.4", "0.17.0rc1", "0.17.0", "0.17.1", "0.17.2", "0.17.3", "0.17.4", "0.17.5", "2014.1.0rc1", "2014.1.0rc2", "2014.1.0rc3", "2014.1.0", "2014.1.1", "2014.1.2", "2014.1.3", "2014.1.4", "2014.1.5", "2014.1.6", "2014.1.7", "2014.1.8", "2014.1.9", "2014.1.10", "2014.1.11", "2014.1.12", "2014.1.13", "2014.7.0rc1", "2014.7.0rc2", "2014.7.0rc3", "2014.7.0rc4", "2014.7.0rc5", "2014.7.0rc6", "2014.7.0rc7", "2014.7.0", "2014.7.1", "2014.7.2", "2014.7.3", "2014.7.4", "2014.7.5", "2014.7.6", "2014.7.7", "2015.2.0rc1", "2015.2.0rc2", "2015.5.0", "2015.5.1", "2015.5.2", "2015.5.3", "2015.5.4", "2015.5.5", "2015.5.6", "2015.5.7", "2015.5.8", "2015.5.9", "2015.5.10", "2015.5.11", "2015.8.0rc1", "2015.8.0rc2", "2015.8.0rc3", "2015.8.0rc4", "2015.8.0rc5", "2015.8.0", "2015.8.1", "2015.8.2", "2015.8.3", "2015.8.4", "2015.8.5", "2015.8.7", "2015.8.8", "2015.8.8.2", "2015.8.9", "2015.8.11", "2015.8.12", "2016.3.0", "2016.3.1", "2016.3.2", "2016.3.3", "2016.3.5", "2016.3.7", "2016.11.0", "2016.11.1", "2016.11.2", "2016.11.4", "2016.11.5", "2016.11.7", "2016.11.8", "2016.11.9", "2017.7.0", "2017.7.1", "2017.7.2", "2017.7.3", "2017.7.5", "2017.7.6", "2017.7.7", "2018.3.0rc1", "2018.3.0", "2018.3.1", "2018.3.2", "2018.3.3", "2018.3.4", "2019.2.0", "2019.2.1", "2019.2.2", "2019.2.3", "2019.2.4", "3000", "3000.1", "3000.2", ], }, ], aliases: [ "CVE-2020-16846", ], details: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", id: "PYSEC-2020-104", modified: "2021-03-30T13:29:00Z", published: "2020-11-06T08:15:00Z", references: [ { type: "WEB", url: "https://github.com/saltstack/salt/releases", }, { type: "ARTICLE", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves/", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA/", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { type: "ADVISORY", url: "https://security.gentoo.org/glsa/202011-13", }, { type: "WEB", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, { type: "ADVISORY", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380/", }, { type: "ADVISORY", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379/", }, { type: "ADVISORY", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383/", }, { type: "ADVISORY", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381/", }, { type: "ADVISORY", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382/", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { type: "ADVISORY", url: "https://www.debian.org/security/2021/dsa-4837", }, ], }
ghsa-qr38-h96j-2j3w
Vulnerability from github
Published
2022-05-24 17:33
Modified
2024-10-22 14:53
Severity ?
Summary
SaltStack Salt Command Injection in netapi ssh client
Details
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
{ affected: [ { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "2015.8.13", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "2016.3.0", }, { fixed: "2016.3.8", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "2016.11.0", }, { fixed: "2016.11.10", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "2017.5.0", }, { fixed: "2017.7.8", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "2018.2.0", }, { fixed: "2018.3.5", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "2019.2.0", }, { fixed: "2019.2.6", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "3000.0", }, { fixed: "3000.4", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "3001", }, { fixed: "3001.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "salt", }, ranges: [ { events: [ { introduced: "3002", }, { fixed: "3002.1", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2020-16846", ], database_specific: { cwe_ids: [ "CWE-78", ], github_reviewed: true, github_reviewed_at: "2024-04-22T22:23:42Z", nvd_published_at: "2020-11-06T08:15:00Z", severity: "CRITICAL", }, details: "An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.", id: "GHSA-qr38-h96j-2j3w", modified: "2024-10-22T14:53:06Z", published: "2022-05-24T17:33:18Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-16846", }, { type: "WEB", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1383", }, { type: "WEB", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1382", }, { type: "WEB", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1381", }, { type: "WEB", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1380", }, { type: "WEB", url: "https://www.zerodayinitiative.com/advisories/ZDI-20-1379", }, { type: "WEB", url: "https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclosed-three-new-cves", }, { type: "WEB", url: "https://www.debian.org/security/2021/dsa-4837", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202011-13", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TPOGB2F6XUAIGFDTOCQDNB2VIXFXHWMA", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00000.html", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2020/12/msg00007.html", }, { type: "WEB", url: "https://github.com/saltstack/salt/releases", }, { type: "WEB", url: "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3002.1.rst#L12", }, { type: "WEB", url: "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3001.2.rst#L10", }, { type: "WEB", url: "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/3000.4.rst#L10", }, { type: "WEB", url: "https://github.com/saltstack/salt/blob/8f9405cf8e6f7d7776d5000841c886dec6d96250/doc/topics/releases/2019.2.6.rst#L10", }, { type: "PACKAGE", url: "https://github.com/saltstack/salt", }, { type: "WEB", url: "https://github.com/pypa/advisory-database/tree/main/vulns/salt/PYSEC-2020-104.yaml", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00029.html", }, { type: "WEB", url: "http://packetstormsecurity.com/files/160039/SaltStack-Salt-REST-API-Arbitrary-Command-Execution.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], summary: "SaltStack Salt Command Injection in netapi ssh client", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.