{"affected":[{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150002.5.9.1"}]},"package":{"ecosystem":"SUSE:Multi Linux Manager Tools SLE-15","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-15"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150002.5.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"venv-salt-minion":"3006.0-150002.5.9.1"}]},"package":{"ecosystem":"SUSE:Multi Linux Manager Tools SLE-Micro-5","name":"venv-salt-minion","purl":"pkg:rpm/suse/venv-salt-minion&distro=SUSE%20Multi%20Linux%20Manager%20Tools%20SLE-Micro-5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3006.0-150002.5.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update fixes the following issues:\n\nvenv-salt-minion:\n\n- Backported security patches for Salt vendored tornado:\n  * CVE-2025-67724: Fixed missing validation of supplied reason phrase (bsc#1254903)\n  * CVE-2025-67725: Fixed DoS via malicious HTTP request (bsc#1254905)\n  * CVE-2025-67726: Fixed HTTP header parameter parsing algorithm (bsc#1254904)\n\n- Made syntax in httputil_test compatible with Python 3.6\n- Fixed KeyError in postgres module with PostgreSQL 17 (bsc#1254325)\n- Use internal deb classes instead of external aptsource lib\n- Speed up wheel key.finger call (bsc#1240532)\n- Improved utils.find_json function (bsc#1246130)\n- Extended warn_until period to 2027\n\n","id":"SUSE-SU-2026:0631-1","modified":"2026-02-25T09:47:24Z","published":"2026-02-25T09:47:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20260631-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240532"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246130"},{"type":"REPORT","url":"https://bugzilla.suse.com/1254325"},{"type":"REPORT","url":"https://bugzilla.suse.com/1254903"},{"type":"REPORT","url":"https://bugzilla.suse.com/1254904"},{"type":"REPORT","url":"https://bugzilla.suse.com/1254905"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-67724"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-67725"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-67726"}],"related":["CVE-2025-67724","CVE-2025-67725","CVE-2025-67726"],"summary":"Security update 5.1.2 for Multi-Linux Manager Salt Bundle","upstream":["CVE-2025-67724","CVE-2025-67725","CVE-2025-67726"]}