[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:21216-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":18,"duplicates":19,"related":20,"reserved_at":9,"published_at":23,"modified_at":24,"state":9,"summary":25,"references_raw":27,"kevs":156,"epss":9,"epss_history":157,"metrics":158,"affected":159},"SUSE-SU-2025:21216-1","Security update 5.0.6 for Multi-Linux Manager Client Tools, Salt and Salt Bundle\n\nThis update fixes the following issues:\n\nsalt:\n\n- Security issues fixed:\n\n  - CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)\n  - CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)\n  - Backport security fixes for vendored tornado\n    * BDSA-2024-3438\n    * BDSA-2024-3439\n    * BDSA-2024-9026\n\n- Other changes and bugs fixed:\n\n  - Fixed TLS and x509 modules for OSes with older cryptography module\n  - Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)\n    * Use external tornado on Python > 3.11\n    * Make tls and x509 to use python-cryptography\n    * Remove usage of spwd\n  - Fixed payload signature verification on Tumbleweed (bsc#1251776)\n  - Fixed broken symlink on migration to Leap 16.0 (bsc#1250755)\n  - Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)\n  - Fixed functional.states.test_user for SLES 16 and Micro systems\n  - Fixed the tests failing on AlmaLinux 10 and other clones\n  - Improved SL Micro 6.2 detection with grains\n  - Require Python dependencies only for used Python version\n  - Reverted requirement of M2Crypto >= 0.44.0 for SUSE Family distros\n  - Set python-CherryPy as required for python-salt-testsuite\n\nuyuni-tools:\n\n- Version 0.1.37-0\n\n  * Added --registry-host, --registry-user and --registry-password to pull images from an authenticate registry\n  * Added a lowercase version of --logLevel (bsc#1243611)\n  * Added migration for server monitoring configuration (bsc#1247688)\n  * Added SLE15SP7 to buildin productmap\n  * Adjusted traefik exposed configuration for chart v27+ (bsc#1247721)\n  * Automatically get up-to-date systemid file on salt based proxy hosts (bsc#1246789)\n  * Check for restorecon presence before calling (bsc#1246925)\n  * Convert the traefik install time to local time (bsc#1251138)\n  * Deprecated --registry\n  * Do not require backups to be at the same location for restoring (bsc#1246906)\n  * Do not use sudo when running as a root user (bsc#1246882)\n  * Fixed channel override for distro copy\n  * Fixed loading product map from mgradm configuration file (bsc#1246068)\n  * Fixed recomputing proxy images when installing a ptf or test (bsc#1246553)\n  * Handle CA files with symlinks during migration (bsc#1251044)\n  * Migrate custom auto installation snippets (bsc#1246320)\n  * Run smdba and reindex only during migration (bsc#1244534)\n  * Stop executing scripts in temporary folder (bsc#1243704)\n  * Support config: collect podman inspect for hub container(bsc#1245099)\n  * Use new dedicated path for Cobbler settings (bsc#1244027)\n\n- Version 0.1.36-0\n\n  * Bump the default image tag to 5.0.5.1\n\n- Version 0.1.35-0\n\n  * Restore SELinux contexts for restored backup volumes (bsc#1244127)\n\n- Version 0.1.34-0\n\n  * Fixed mgradm backup create handling of images and systemd files (bsc#1246738)\n\n- Version 0.1.33-0\n\n  * Restore volumes using tar instead of podman import (bsc#1244127)\n\n- Version 0.1.32-0\n\n  * Fixed version compare by backport from main (bsc#1246662)\n\nvenv-salt-minion:\n\n- Security issues fixed:\n\n  - CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257)\n  - CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256)\n  - Backport security fixes for vendored tornado\n    * BDSA-2024-3438\n    * BDSA-2024-3439\n    * BDSA-2024-9026\n\n- Other changes and bugs fixed:\n\n  - Added `minion_legacy_req_warnings` option to avoid noisy warnings\n  - Fixed TLS and x509 modules for OSes with older cryptography module\n  - Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244)\n\n    * Use external tornado on Python > 3.11\n    * Make tls and x509 to use python-cryptography\n    * Remove usage of spwd\n\n  - Filter out zero-length check as the empty files are expected there\n  - Filter out env-script-interpreter for ssh-id-wrapper as not used\n    with the Salt Bundle, but present inside the salt module\n  - Fixed functional.states.test_user for SLES 16 and Micro systems\n  - Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)\n  - Fixed payload signature verification on Tumbleweed (bsc#1251776)\n  - Fixed the tests failing on AlmaLinux 10 and other clones\n  - Improve SL Micro 6.2 detection with grains\n  - Removed unused activate script (bsc#1245740)\n  - Use more strict way to Fixed shebang in the bundle scripts\n  - Use versioned python interpreter for salt-ssh\n\n",null,[],[],[],[14,16],{"_key":15},"CVE-2025-62348",{"_key":17},"CVE-2025-62349",[],[],[21,22],{"_key":15},{"_key":17},"2025-12-16T07:20:56Z","2026-03-23T04:51:16.699468Z",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[28,34,39,43,47,51,55,59,63,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,127,131,135,139,143,147,152],{"url":29,"sources":30,"tags":32},"https://www.suse.com/support/update/announcement/2025/suse-su-202521216-1/",[31],"osv_suse",[33],"Advisory",{"url":35,"sources":36,"tags":37},"https://bugzilla.suse.com/1227207",[31],[38],"REPORT",{"url":40,"sources":41,"tags":42},"https://bugzilla.suse.com/1243611",[31],[38],{"url":44,"sources":45,"tags":46},"https://bugzilla.suse.com/1243704",[31],[38],{"url":48,"sources":49,"tags":50},"https://bugzilla.suse.com/1244027",[31],[38],{"url":52,"sources":53,"tags":54},"https://bugzilla.suse.com/1244127",[31],[38],{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1244534",[31],[38],{"url":60,"sources":61,"tags":62},"https://bugzilla.suse.com/1245099",[31],[38],{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/1245740",[31],[38],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1246068",[31],[38],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1246320",[31],[38],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1246553",[31],[38],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/1246662",[31],[38],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/1246738",[31],[38],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/1246789",[31],[38],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/1246882",[31],[38],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/1246906",[31],[38],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/1246925",[31],[38],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/1247688",[31],[38],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/1247721",[31],[38],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/1250520",[31],[38],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/1250755",[31],[38],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/1251044",[31],[38],{"url":124,"sources":125,"tags":126},"https://bugzilla.suse.com/1251138",[31],[38],{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/1251776",[31],[38],{"url":132,"sources":133,"tags":134},"https://bugzilla.suse.com/1252244",[31],[38],{"url":136,"sources":137,"tags":138},"https://bugzilla.suse.com/1252285",[31],[38],{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/1254256",[31],[38],{"url":144,"sources":145,"tags":146},"https://bugzilla.suse.com/1254257",[31],[38],{"url":148,"sources":149,"tags":150},"https://www.suse.com/security/cve/CVE-2025-62348",[31],[151],"WEB",{"url":153,"sources":154,"tags":155},"https://www.suse.com/security/cve/CVE-2025-62349",[31],[151],[],[],[],[160],{"ecosystem":161,"name":162,"vendor":163,"product":164,"cpe_part":9,"purl_type":165,"purl_namespace":163,"purl_name":164,"source":9,"versions":166},"SUSE Linux Enterprise","salt","suse","salt&distro=SUSE Linux Micro 6.0","rpm",[167],{"version":168,"is_range":169,"range_type":170,"version_start":9,"version_start_type":9,"version_end":171,"version_end_type":172,"fixed_in":9},"lt3006_0_14_1",true,"ecosystem","3006.0-14.1","excluding"]