{"affected":[{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150000.3.48.2"}]},"package":{"ecosystem":"SUSE:Manager Client Tools 15","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Client%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150000.3.48.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150000.3.48.2"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for SLE Micro 5","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150000.3.48.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150000.3.48.2"}]},"package":{"ecosystem":"SUSE:Manager Proxy Module 4.3","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Proxy%20Module%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150000.3.48.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150000.3.48.2"}]},"package":{"ecosystem":"SUSE:Manager Server Module 4.3","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Manager%20Server%20Module%204.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150000.3.48.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update fixes the following issues:\n\nvenv-salt-minion:\n\n  * Security fixes:\n    * CVE-2023-34049: Arbitrary code execution via symlink attack (bsc#1215157)\n  * Non security fixes:\n    * Add python dateutil module to the bundle\n    * Allow all primitive grain types for autosign_grains (bsc#1214477)\n    * Remove non-free RNG schema file (bsc#1213351)\n","id":"SUSE-SU-2023:4749-1","modified":"2023-12-13T09:26:13Z","published":"2023-12-13T09:26:13Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20234749-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213351"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214477"},{"type":"REPORT","url":"https://bugzilla.suse.com/1215157"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-34049"}],"related":["CVE-2023-34049"],"summary":"Security update for SUSE Manager Salt Bundle","upstream":["CVE-2023-34049"]}