SUSE: 2019:0863-1 moderate: several packages related

    Date03 Apr 2019
    CategorySuSE
    527
    Posted ByLinuxSecurity Advisories
    An update that solves three vulnerabilities and has 17 fixes is now available.
    
       SUSE Security Update: Security update for several packages related to SUSE Manger 3.1
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:0863-1
    Rating:             moderate
    References:         #1109316 #1111191 #1111910 #1114029 #1114059 
                        #1114157 #1114169 #1117759 #1119081 #1119964 
                        #1121038 #1121195 #1121856 #1122836 #1123991 
                        #1124639 #1126862 #1128781 #1129765 #1130658 
                        
    Cross-References:   CVE-2018-10851 CVE-2018-14626 CVE-2018-17197
                       
    Affected Products:
                        SUSE Manager Server 3.1
                        SUSE Manager Proxy 3.1
    ______________________________________________________________________________
    
       An update that solves three vulnerabilities and has 17
       fixes is now available.
    
    Description:
    
       This consolidated update includes multiple patchinfos for SUSE Manager
       Server and Proxy and follow security issues fixed:
    
       - CVE-2018-10851: Fixed denial of service via crafted zone record or
         crafted answer (bsc#1114157).
       - CVE-2018-14626: Fixed packet cache pollution via crafted query
         (bsc#1114169).
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Manager Server 3.1:
    
          zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2019-863=1
    
       - SUSE Manager Proxy 3.1:
    
          zypper in -t patch SUSE-SUSE-Manager-Proxy-3.1-2019-863=1
    
    
    
    Package List:
    
       - SUSE Manager Server 3.1 (ppc64le s390x x86_64):
    
          spacewalk-branding-2.7.2.17-2.31.3
          susemanager-3.1.19-2.34.2
          susemanager-tools-3.1.19-2.34.2
    
       - SUSE Manager Server 3.1 (noarch):
    
          cobbler-2.6.6-5.25.1
          py26-compat-salt-2016.11.10-1.19.3
          spacecmd-2.7.8.15-2.32.1
          spacewalk-base-2.7.1.21-2.35.1
          spacewalk-base-minimal-2.7.1.21-2.35.1
          spacewalk-base-minimal-config-2.7.1.21-2.35.1
          spacewalk-html-2.7.1.21-2.35.1
          spacewalk-java-2.7.46.19-2.41.3
          spacewalk-java-config-2.7.46.19-2.41.3
          spacewalk-java-lib-2.7.46.19-2.41.3
          spacewalk-java-oracle-2.7.46.19-2.41.3
          spacewalk-java-postgresql-2.7.46.19-2.41.3
          spacewalk-taskomatic-2.7.46.19-2.41.3
          spacewalk-utils-2.7.10.11-2.23.3
          subscription-matcher-0.22-4.9.2
          susemanager-advanced-topics_en-pdf-3.1-10.29.4
          susemanager-best-practices_en-pdf-3.1-10.29.4
          susemanager-docs_en-3.1-10.29.4
          susemanager-frontend-libs-3.1.2-3.10.1
          susemanager-getting-started_en-pdf-3.1-10.29.4
          susemanager-jsp_en-3.1-10.29.4
          susemanager-reference_en-pdf-3.1-10.29.4
          susemanager-schema-3.1.21-2.36.1
          tika-core-1.20-1.6.2
    
       - SUSE Manager Proxy 3.1 (noarch):
    
          spacewalk-base-minimal-2.7.1.21-2.35.1
          spacewalk-base-minimal-config-2.7.1.21-2.35.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-10851.html
       https://www.suse.com/security/cve/CVE-2018-14626.html
       https://www.suse.com/security/cve/CVE-2018-17197.html
       https://bugzilla.suse.com/1109316
       https://bugzilla.suse.com/1111191
       https://bugzilla.suse.com/1111910
       https://bugzilla.suse.com/1114029
       https://bugzilla.suse.com/1114059
       https://bugzilla.suse.com/1114157
       https://bugzilla.suse.com/1114169
       https://bugzilla.suse.com/1117759
       https://bugzilla.suse.com/1119081
       https://bugzilla.suse.com/1119964
       https://bugzilla.suse.com/1121038
       https://bugzilla.suse.com/1121195
       https://bugzilla.suse.com/1121856
       https://bugzilla.suse.com/1122836
       https://bugzilla.suse.com/1123991
       https://bugzilla.suse.com/1124639
       https://bugzilla.suse.com/1126862
       https://bugzilla.suse.com/1128781
       https://bugzilla.suse.com/1129765
       https://bugzilla.suse.com/1130658
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.