openSUSE: 2021:2675-1 moderate: SUSE Manager Client Tools
Description
This update fixes the following issues: ansible: - The support level for ansible is l2, not l3 dracut-saltboot: - Force installation of libexpat.so.1 (bsc#1188846) - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE Linux Enterprise 15, 15 SP1, 15 SP2 - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723 * Scaleway Discovery: Fix nil pointer dereference. #8737 * Consul Discovery: Restart no longer required after config update with no targets. #8766 + Features: * Promtool: Retroactive rule evaluation functionality. * Configuration: Environment variable expansion for external labels. Behind '--enable-feature=expand-external-labels' flag. * Add a flag '--storage.tsdb.max-block-chunk-segment-size' to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. * AWS Lightsail Discovery: Add AWS Lightsail Discovery. * Docker Discovery: Add Docker Service Discovery. * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. * Remote Write: Send exemplars via remote write. Experimental and disabled by default. + Enhancements: * Digital Ocean Discovery: Add '__meta_digitalocean_vpc' label. * Scaleway Discovery: Read Scaleway secret from a file. * Scrape: Add configurable limits for label size and count. * UI: Add 16w and 26w time range steps. * Templating: Enable parsing strings in humanize functions. - Update package with changes from `server:monitoring` (bsc#1175478) Left out removal of 'firewalld' related configuration files as SUSE Linux Enterprise 15-SP1's `firewalld` package does not contain 'prometheus' configuration yet. mgr-cfg: - No visible impact for the user mgr-custom-info: - No visible impact for the user mgr-osad: - No visible impact for the user mgr-push: - No visible impact for the user mgr-virtualization: - No visible impact for the user rhnlib: - No visible impact for the user spacecmd: - Make spacecmd aware of retracted patches/packages - Enhance help for installation types when creating distributions (bsc#1186581) - Parse empty argument when nothing in between the separator spacewalk-client-tools: - Update translation strings spacewalk-koan: - Fix for spacewalk-koan tests after switching to the new Docker images spacewalk-oscap: - No visible impact for the user suseRegisterInfo: - No visible impact for the user uyuni-common-libs: - Handle broken RPM packages to prevent exceptions causing fails on repository synchronization (bsc#1186650) - Maintainer field in debian packages are only recommended (bsc#1186508)
Patch
Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2021-2675=1
Package List
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): python2-uyuni-common-libs-4.2.5-1.15.1 python3-uyuni-common-libs-4.2.5-1.15.1 - openSUSE Leap 15.3 (noarch): ansible-2.9.21-1.5.1 ansible-doc-2.9.21-1.5.1 ansible-test-2.9.21-1.5.1 dracut-saltboot-0.1.1627546504.96a0b3e-1.27.1 mgr-cfg-4.2.3-1.18.1 mgr-cfg-actions-4.2.3-1.18.1 mgr-cfg-client-4.2.3-1.18.1 mgr-cfg-management-4.2.3-1.18.1 mgr-custom-info-4.2.2-1.12.1 mgr-osa-dispatcher-4.2.6-1.30.1 mgr-osad-4.2.6-1.30.1 mgr-push-4.2.3-1.12.1 mgr-virtualization-host-4.2.2-1.20.1 python2-mgr-cfg-4.2.3-1.18.1 python2-mgr-cfg-actions-4.2.3-1.18.1 python2-mgr-cfg-client-4.2.3-1.18.1 python2-mgr-cfg-management-4.2.3-1.18.1 python2-mgr-osa-common-4.2.6-1.30.1 python2-mgr-osa-dispatcher-4.2.6-1.30.1 python2-mgr-osad-4.2.6-1.30.1 python2-mgr-push-4.2.3-1.12.1 python2-mgr-virtualization-common-4.2.2-1.20.1 python2-mgr-virtualization-host-4.2.2-1.20.1 python2-rhnlib-4.2.4-3.28.1 python2-spacewalk-check-4.2.12-3.44.1 python2-spacewalk-client-setup-4.2.12-3.44.1 python2-spacewalk-client-tools-4.2.12-3.44.1 python2-spacewalk-koan-4.2.4-3.21.1 python2-spacewalk-oscap-4.2.2-3.12.1 python2-suseRegisterInfo-4.2.4-3.15.1 python3-mgr-cfg-4.2.3-1.18.1 python3-mgr-cfg-actions-4.2.3-1.18.1 python3-mgr-cfg-client-4.2.3-1.18.1 python3-mgr-cfg-management-4.2.3-1.18.1 python3-mgr-osa-common-4.2.6-1.30.1 python3-mgr-osa-dispatcher-4.2.6-1.30.1 python3-mgr-osad-4.2.6-1.30.1 python3-mgr-push-4.2.3-1.12.1 python3-mgr-virtualization-common-4.2.2-1.20.1 python3-mgr-virtualization-host-4.2.2-1.20.1 python3-rhnlib-4.2.4-3.28.1 python3-spacewalk-check-4.2.12-3.44.1 python3-spacewalk-client-setup-4.2.12-3.44.1 python3-spacewalk-client-tools-4.2.12-3.44.1 python3-spacewalk-koan-4.2.4-3.21.1 python3-spacewalk-oscap-4.2.2-3.12.1 python3-suseRegisterInfo-4.2.4-3.15.1 spacecmd-4.2.11-3.62.1 spacewalk-check-4.2.12-3.44.1 spacewalk-client-setup-4.2.12-3.44.1 spacewalk-client-tools-4.2.12-3.44.1 spacewalk-koan-4.2.4-3.21.1 spacewalk-oscap-4.2.2-3.12.1 suseRegisterInfo-4.2.4-3.15.1
References
https://www.suse.com/security/cve/CVE-2021-27962.html https://www.suse.com/security/cve/CVE-2021-28146.html https://www.suse.com/security/cve/CVE-2021-28147.html https://www.suse.com/security/cve/CVE-2021-28148.html https://www.suse.com/security/cve/CVE-2021-29622.html https://bugzilla.suse.com/1175478 https://bugzilla.suse.com/1186242 https://bugzilla.suse.com/1186508 https://bugzilla.suse.com/1186581 https://bugzilla.suse.com/1186650 https://bugzilla.suse.com/1188846