SUSE-SU-2025:4445-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2025-62348 CVE-2025-62349

Published: 18 Dec 2025, 08:49

Last modified:23 Mar 2026, 04:51

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

18 Dec 2025, 08:49

Published

Vulnerability first disclosed

23 Mar 2026, 04:51

Last Modified

Vulnerability information updated

Description

Security update 5.1.1.1 for Multi-Linux Manager Salt Bundle This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257) - CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256) - Backport security fixes for vendored tornado * BDSA-2024-3438 * BDSA-2024-3439 * BDSA-2024-9026 - Other changes and bugs fixed: - Fixed TLS and x509 modules for OSes with older cryptography module - Fixed Salt for Python > 3.11 (bsc#1252285) (bsc#1252244) * Use external tornado on Python > 3.11 * Make tls and x509 to use python-cryptography * Remove usage of spwd - Fixed payload signature verification on Tumbleweed (bsc#1251776) - Fixed known_hosts error on gitfs (bsc#1250520) (bsc#1227207)

Affected Systems

suse•venv-salt-minion&distro=SUSE Multi Linux Manager Tools SLE-12
< 3006.0-120002.5.6.1

SUSE-SU-2025:4445-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (10)