SUSE: 2018:2898-2 Important: SMT and YaST2-SMT Security Fixes

This update for yast2-smt to 3.0.14 and smt to 3.0.37 fixes the following issues: These security issues were fixed in SMT: - CVE-2018-12471: Xml External Entity processing in the RegistrationSharing modules allowed to read arbitrary file read (bsc#1103809). - CVE-2018-12470: SQL injection in RegistrationSharing module allows remote attackers to run arbitrary SQL statements (bsc#1103810). - CVE-2018-12472: Authentication bypass in sibling check facilitated further attacks on SMT (bsc#1104076). SUSE would like to thank Jake Miller for reporting these issues to us. These non-security issues were fixed in SMT: - Fix cron jobs randomization (bsc#1097560) - Fix duplicate migration paths (bsc#1097824) This non-security issue was fixed in yast2-smt: - Remove cron job rescheduling (bsc#1097560)