saltbundle/venv-salt-minion
SHA256
7
0
Fork 4
Code Pull Requests 2 Activity

Compare commits

merge into: saltbundle:bundle_testing_el9_deps_fix
Branches Tags
saltbundle:bundle saltbundle:bundle_testing saltbundle:bundle_testing_fix_selinux_on_sle16 saltbundle:bundle_next saltbundle:bundle_next_fix_selinux_on_sle16 saltbundle:bundle_testing_el9_deps_fix saltbundle:bundle_next_el9_deps_fix
...
pull from: saltbundle:bundle
Branches Tags
saltbundle:bundle saltbundle:bundle_testing saltbundle:bundle_testing_fix_selinux_on_sle16 saltbundle:bundle_next saltbundle:bundle_next_fix_selinux_on_sle16 saltbundle:bundle_testing_el9_deps_fix saltbundle:bundle_next_el9_deps_fix

4 Commits
bundle_tes ... bundle

Author SHA256 Message Date
vzhestkov
84c03aa45f Fix the issue preventing SELinux profile to be loaded on SLES 16 
(bsc#1258957)
 2026-03-09 16:20:20 +00:00
vzhestkov
3b5f89d785 Fix the typo causing buiding EL9 bundle without binary dependencies 2026-03-09 16:20:20 +00:00
Marek Czernek
07bf93f300 Fix CVE entries in changelog 2026-03-09 16:20:14 +00:00
Michael Calmer
97859d8369 adapt changelog for rebuild 2026-02-02 14:50:50 +01:00
3 changed files with 27 additions and 8 deletions
Expand all files Collapse all files

2
_lastrevision
View File

@@ -1 +1 @@
c0445b44ea96c5db56fbd74a2c29c81f16c8d5c0
b9f7b17d7248f80ac48596f6347fb328bd11c402

25
venv-salt-minion.changes
View File

@@ -1,3 +1,19 @@
-------------------------------------------------------------------
Wed Mar 4 07:55:57 UTC 2026 - Victor Zhestkov <vzhestkov@suse.com>
- Fix the issue preventing SELinux profile to be loaded on SLES 16
deployed using cloud images (bsc#1258957)
-------------------------------------------------------------------
Mon Feb 16 13:46:38 UTC 2026 - Victor Zhestkov <vzhestkov@suse.com>
- Fix the typo causing buiding EL9 bundle without binary dependencies
-------------------------------------------------------------------
Mon Feb 2 13:50:23 UTC 2026 - Michael Calmer <mc@suse.com>
- Rebuild because of maintenance release
-------------------------------------------------------------------
Mon Jan 19 09:31:06 UTC 2026 - Marek Czernek <marek.czernek@suse.com>
@@ -14,7 +30,10 @@ Wed Jan 14 14:25:41 UTC 2026 - Marek Czernek <marek.czernek@suse.com>
- Use internal deb classes instead of external aptsource lib
* Drop dependency on saltbundlepy-apt
- Speed up wheel key.finger call (bsc#1240532)
- Add security patches (bsc#1254903,bsc#1254905,bsc#1254904)
- Backport security patches for Salt vendored tornado:
* CVE-2025-67724: missing validation of supplied reason phrase (bsc#1254903)
* CVE-2025-67725: fix DoS via malicious HTTP request (bsc#1254905)
* CVE-2025-67726: fix HTTP header parameter parsing algorithm (bsc#1254904)
- Simplify and speed up utils.find_json function (bsc#1246130)
- Added:
@@ -37,12 +56,12 @@ Thu Jan 8 08:39:12 UTC 2026 - Marek Czernek <marek.czernek@suse.com>
-------------------------------------------------------------------
Mon Nov 24 21:02:49 UTC 2025 - Alexander Graul <alexander.graul@suse.com>
- Add minimum_auth_version to enforce security (CVE-2025-62349)
- CVE-2025-62349: Add minimum_auth_version to enforce security (bsc#1254257)
- Backport security fixes for vendored tornado
* BDSA-2024-3438
* BDSA-2024-3439
* BDSA-2024-9026
- Junos module yaml loader fix (CVE-2025-62348)
- CVE-2025-62348: Junos module yaml loader fix (bsc#1254256)
- Added:
* backport-3006.17-security-fixes-739.patch

8
venv-salt-minion.spec
View File

@@ -736,7 +736,7 @@ sed -i -r 's# /libzmq.so/d;# /libzmq.so/d; /libcrypto.so/d; /libssl.so/d;#' %{S:
# Exclude `libcrypt.so` from binary dependencies to make EL9 bundle
# compatible with openEuler, in case if there is no required libcrypt.so
# on the system, salt will use `passlib` instead of `crypt`.
sed -i -r 's# /libzmq.so/d;# /libzmq.so/d; /libcrypt.so/d;/d;#' %{S:101}
sed -i -r 's# /libzmq.so/d;# /libzmq.so/d; /libcrypt.so/d;#' %{S:101}
%endif
# Expand SELinux policy files
@@ -1040,7 +1040,7 @@ if [ $1 -gt 1 ] && [ ! -d "%{salt_venv}%{venv}/lib/%{python_ver_short}" ]; then
# Upgrading python version; save the previous environment
prev_python_ver_short="$(find %{salt_venv}%{venv}/lib/python* -maxdepth 0 -type d | xargs basename || :)"
rm -rf %{salt_venv}%{venv}/lib/prev_env
if [ ! -z "$prev_python_ver_short" ]; then
if [ ! -z "$prev_python_ver_short" ]; then
cp -r "%{salt_venv}%{venv}/lib/$prev_python_ver_short" "%{salt_venv}%{venv}/lib/prev_env"
echo $prev_python_ver_short > "%{salt_venv}%{venv}/lib/prev_env/prev_python_ver_short"
fi
@@ -1048,7 +1048,7 @@ fi
%post
if test -f %{salt_venv}%{venv}/selinux/venv-salt-minion.pp ; then
if which semodule > /dev/null 2>&1 ; then
if command -v semodule > /dev/null 2>&1 ; then
semodule -n -i %{salt_venv}%{venv}/selinux/venv-salt-minion.pp 2> /dev/null || :
if /usr/sbin/selinuxenabled ; then
/usr/sbin/load_policy
@@ -1143,7 +1143,7 @@ if [ "$1" = "remove" ] || [ "$1" = "purge" ]; then
%else
if [ $1 -eq 0 ]; then
%endif
if which semodule > /dev/null 2>&1 ; then
if command -v semodule > /dev/null 2>&1 ; then
semodule -n -r venv-salt-minion 2> /dev/null || :
if /usr/sbin/selinuxenabled ; then
/usr/sbin/load_policy