Today we released an unscheduled release on top of Uyuni 2020.09, for
CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592 that affect salt master and
First, a small warning. The current salt on openSUSE Leap 15.2/15.2 fixes the
CVEs already, but contains a regression that breaks onboarding from WebUI and
salt ssh manage minions.
A fix for this is already in the openSUSE queue and should be released soon.
Please make sure you are on the most recent release (2020.09) and use the
following commands on the Uyuni server:
This will download the required spacewalk-java and py26-compat-salt packages
and packages, as well as salt from openSUSE Leap 15.2
Proxies and Clients
Just sync your channels on the Uyuni Server for all operating systems, and that
will get the updated salt packages.
Then apply the updates to all your clients as you would do for any other
Julio González Gil
Release Engineer, SUSE Manager and Uyuni