Bug 1181563 - (CVE-2021-25284) VUL-0: CVE-2021-25284: salt: Salt.modules.cmdmod can log credential to the “error” log level
(CVE-2021-25284)
VUL-0: CVE-2021-25284: salt: Salt.modules.cmdmod can log credential to the “e...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
:
Depends on:
Blocks: 1181550
  Show dependency treegraph
 
Reported: 2021-01-29 09:55 UTC by Alexander Bergmann
Modified: 2022-04-18 14:22 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Marcus Meissner 2021-02-02 06:38:04 UTC
CRD: 2021-02-04
Comment 6 Alexander Bergmann 2021-02-05 07:34:53 UTC
The public release was postponed.

https://saltproject.io/security_announcements/salt-feb-4th-cve-release-delayed/

New release date:

CRD: 2021-02-25 19:00 UTC
Comment 11 Swamp Workflow Management 2021-02-26 14:17:35 UTC
SUSE-RU-2021:0632-1: An update that solves 10 vulnerabilities and has one errata is now available.

Category: recommended (moderate)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    release-notes-susemanager-4.0.12.1-3.68.1
SUSE Manager Retail Branch Server 4.0 (src):    release-notes-susemanager-proxy-4.0.12.1-0.16.52.1
SUSE Manager Proxy 4.0 (src):    release-notes-susemanager-proxy-4.0.12.1-0.16.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2021-02-26 14:20:06 UTC
SUSE-SU-2021:0624-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (src):    py26-compat-salt-2016.11.10-6.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2021-02-26 14:23:50 UTC
SUSE-SU-2021:14650-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS (src):    salt-2016.11.10-43.69.1
SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS (src):    salt-2016.11.10-43.69.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2021-02-26 14:29:45 UTC
SUSE-SU-2021:0626-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for SUSE Manager Server 4.0 (src):    py26-compat-salt-2016.11.10-10.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2021-02-26 14:34:11 UTC
SUSE-RU-2021:0633-1: An update that solves 10 vulnerabilities and has one errata is now available.

Category: recommended (moderate)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    release-notes-susemanager-4.1.5.1-3.38.1
SUSE Manager Retail Branch Server 4.1 (src):    release-notes-susemanager-proxy-4.1.5.1-3.26.1
SUSE Manager Proxy 4.1 (src):    release-notes-susemanager-proxy-4.1.5.1-3.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2021-02-26 14:36:44 UTC
SUSE-SU-2021:0619-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2021-02-26 14:40:15 UTC
SUSE-SU-2021:0628-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    salt-3000-5.106.1
SUSE Linux Enterprise Server 15-LTSS (src):    salt-3000-5.106.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    salt-3000-5.106.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    salt-3000-5.106.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2021-02-26 14:45:07 UTC
SUSE-SU-2021:0625-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2021-02-26 14:48:38 UTC
SUSE-SU-2021:0630-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP2 (src):    salt-3000-24.1
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    salt-3000-24.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    salt-3000-24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2021-02-26 14:51:21 UTC
SUSE-SU-2021:14647-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2021-02-26 14:55:07 UTC
SUSE-SU-2021:14649-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2021-02-26 15:00:10 UTC
SUSE-SU-2021:0631-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    salt-3000-24.1
SUSE Manager Retail Branch Server 4.0 (src):    salt-3000-24.1
SUSE Manager Proxy 4.0 (src):    salt-3000-24.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    salt-3000-24.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    salt-3000-24.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    salt-3000-24.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    salt-3000-24.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    salt-3000-24.1
SUSE Enterprise Storage 6 (src):    salt-3000-24.1
SUSE CaaS Platform 4.0 (src):    salt-3000-24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2021-02-26 15:02:51 UTC
SUSE-SU-2021:14646-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2021-02-26 15:05:25 UTC
SUSE-SU-2021:0627-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Tools 12 (src):    salt-3000-46.129.1
SUSE Linux Enterprise Point of Sale 12-SP2 (src):    salt-3000-46.129.1
SUSE Linux Enterprise Module for Advanced Systems Management 12 (src):    salt-3000-46.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2021-02-26 20:20:08 UTC
openSUSE-SU-2021:0347-1: An update that solves 10 vulnerabilities and has two fixes is now available.

Category: security (critical)
Bug References: 1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    salt-3000-lp152.3.27.1
Comment 32 Swamp Workflow Management 2021-03-19 20:30:49 UTC
SUSE-SU-2021:0913-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2021-03-19 20:34:00 UTC
SUSE-SU-2021:14679-1: An update that solves 11 vulnerabilities and has 7 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2021-03-19 20:37:13 UTC
SUSE-SU-2021:0914-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Tools 15-BETA (src):    salt-3002.2-8.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2021-03-19 20:40:28 UTC
SUSE-SU-2021:14677-1: An update that solves 10 vulnerabilities and has 10 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1179696,1180101,1180818,1181290,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2021-03-19 20:49:33 UTC
SUSE-SU-2021:14682-1: An update that solves 10 vulnerabilities and has 6 fixes is now available.

Category: security (moderate)
Bug References: 1181290,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1181807,1182339,1182603,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA (src):    mgr-osad-4.2.3-8.12.1, rhnlib-4.2.2-15.12.1, salt-2016.11.10-46.15.1, spacewalk-client-tools-4.2.7-30.24.1
SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA (src):    mgr-osad-4.2.3-8.12.1, rhnlib-4.2.2-15.12.1, salt-2016.11.10-46.15.1, spacewalk-client-tools-4.2.7-30.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2021-03-19 20:53:15 UTC
SUSE-SU-2021:0910-1: An update that solves 10 vulnerabilities and has 10 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1179696,1180101,1180818,1181290,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2021-03-19 21:12:39 UTC
SUSE-SU-2021:14678-1: An update that solves 11 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1177474,1179696,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182382,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-25315,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2021-03-19 21:16:14 UTC
SUSE-SU-2021:0915-1: An update that solves 10 vulnerabilities and has 10 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1172110,1174855,1179696,1180101,1180818,1181290,1181347,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182740
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-3197
JIRA References: 
Sources used:
SUSE Manager Tools 12-BETA (src):    salt-3000-49.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Pablo Suárez Hernández 2021-05-05 10:40:18 UTC
I think we're done with here.

The patch we submitted to fix this issue is the one attached at https://bugzilla.suse.com/show_bug.cgi?id=1181550

I'm setting back the assignee to the Security team. Thanks!
Comment 43 Swamp Workflow Management 2021-05-21 19:20:25 UTC
SUSE-SU-2021:14733-1: An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1171257,1172110,1174855,1176293,1177474,1179831,1180101,1180818,1181290,1181347,1181368,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182281,1182293,1182740,1185092,1185281
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-31607,CVE-2021-3197
JIRA References: ECO-3212
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Swamp Workflow Management 2021-05-21 19:23:47 UTC
SUSE-SU-2021:14734-1: An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1171257,1172110,1174855,1176293,1177474,1179831,1180101,1180818,1181290,1181347,1181368,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182281,1182293,1182740,1185092,1185281
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-31607,CVE-2021-3197
JIRA References: ECO-3212
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2021-05-21 19:33:28 UTC
SUSE-SU-2021:1690-1: An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1171257,1172110,1174855,1176293,1177474,1179831,1180101,1180818,1181290,1181347,1181368,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182281,1182293,1182740,1185092,1185281
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-31607,CVE-2021-3197
JIRA References: ECO-3212
Sources used:
SUSE Manager Tools 15-BETA (src):    salt-3002.2-8.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2021-05-21 19:38:00 UTC
SUSE-SU-2021:1694-1: An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available.

Category: security (moderate)
Bug References: 1099976,1171257,1172110,1174855,1176293,1177474,1179831,1180101,1180818,1181290,1181347,1181368,1181550,1181556,1181557,1181558,1181559,1181560,1181561,1181562,1181563,1181564,1181565,1182281,1182293,1182740,1185092,1185281
CVE References: CVE-2020-28243,CVE-2020-28972,CVE-2020-35662,CVE-2021-25281,CVE-2021-25282,CVE-2021-25283,CVE-2021-25284,CVE-2021-3144,CVE-2021-3148,CVE-2021-31607,CVE-2021-3197
JIRA References: ECO-3212
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Marcus Meissner 2022-04-18 14:22:19 UTC
reelased