Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

openSUSE 15 SP2: 2021:0058-1 Moderate Cobbler Security Alert

opensuse
Calendar Grey January 14, 2021
Dist Opensuse Esm H88
Important security patch released for openSUSE addressing vulnerabilities in cobbler, enhancing system security and reliability.
An update that solves 6 vulnerabilities and has 58 fixes is now available

Description

This update for cobbler fixes the following issues:

- Add cobbler-tests subpackage for unit testing for openSUSE/SLE

- Adds LoadModule definitions for openSUSE/SLE

- Switch to new refactored auth module.

- use systemctl to restart cobblerd on logfile rotation (boo#1169207)

Mainline logrotate conf file uses already /sbin/service instead of

outdated: /etc/init.d/cobblerd

- Fix cobbler sync for DHCP or DNS (boo#1169553) Fixed mainline by commit

2d6cfe42da

- Signatures file now uses "default_autoinstall" which fixes import

problem happening with some distributions (boo#1159010)

- Fix for kernel and initrd detection (boo#1159010)

- New:

* For the distro there is now a parameter remote_boot_initrd and

remote_boot_kernel ()

* For the profile there is now a parameter filename for DHCP. (#2280)

* Signatures for ESXi 6 and 7 (#2308)

* The hardlink command is now detected more dynamically and thus more

error...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory moderate security update system management bug fix system update network boot openSUSE cobbler

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP2:

zypper in -t patch openSUSE-2021-58=1

Package List

- openSUSE Backports SLE-15-SP2 (noarch):

cobbler-3.1.2-bp152.4.3.1

cobbler-tests-3.1.2-bp152.4.3.1

cobbler-web-3.1.2-bp152.4.3.1

References

https://www.suse.com/security/cve/CVE-2011-4953.html

https://www.suse.com/security/cve/CVE-2012-2395.html

https://www.suse.com/security/cve/CVE-2017-1000469.html

https://www.suse.com/security/cve/CVE-2018-1000225.html

https://www.suse.com/security/cve/CVE-2018-1000226.html

https://www.suse.com/security/cve/CVE-2018-10931.html

https://bugzilla.suse.com/1020376

https://bugzilla.suse.com/1029276

https://bugzilla.suse.com/1048183

https://bugzilla.suse.com/1074594

https://bugzilla.suse.com/1075014

https://bugzilla.suse.com/1081714

https://bugzilla.suse.com/1081739

https://bugzilla.suse.com/1090205

https://bugzilla.suse.com/1097733

https://bugzilla.suse.com/1101670

https://bugzilla.suse.com/1104189

https://bugzilla.suse.com/1104190

https://bugzilla.suse.com/1104287

https://bugzilla.suse.com/1105440

https://bugzilla.suse.com/1105442

https://bugzilla.suse.com/1113747

https://bugzilla.suse.com/1128754

https://bugzilla.suse.com/1128926

https://bugzilla.suse.com/1130658

https://bugzilla.suse.com/1134588

https://bugzilla.s...

Read the Full Advisory

Announcement ID: openSUSE-SU-2021:0058-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP2 ble.

Topics%20covered

Topics Covered

security advisory moderate security update system management bug fix system update network boot openSUSE cobbler

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here