SUSE: 2019:1703-1 moderate: SUSE Manager Server 3.2

    Date25 Jun 2019
    CategorySuSE
    749
    Posted ByLinuxSecurity Advisories
    Suse Large
    An update that solves one vulnerability and has 24 fixes is now available.
    
       SUSE Security Update: Security update for SUSE Manager Server 3.2
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:1703-1
    Rating:             moderate
    References:         #1117017 #1125090 #1128061 #1128838 #1129079 
                        #1130492 #1130551 #1131423 #1131704 #1131780 
                        #1131867 #1131929 #1131954 #1132103 #1132197 
                        #1133424 #1133587 #1133629 #1134195 #1134876 
                        #1135166 #1136029 #1136102 #1136250 #1136423 
                        
    Cross-References:   CVE-2019-3684
    Affected Products:
                        SUSE Manager Server 3.2
                        SUSE Manager Proxy 3.2
    ______________________________________________________________________________
    
       An update that solves one vulnerability and has 24 fixes is
       now available.
    
    Description:
    
    
       This update fixes the following issues:
    
       cobbler:
    
       - Removes string replace for textmode fix (bsc#1134195)
    
       py26-compat-salt:
    
       - Avoid syntax error on yumpkg module running on Python 2.6 (bsc#1136250)
       - Use ThreadPool from multiprocessing.pool to avoid leakins when
         calculating FQDNs
       - Fix usermod options for SLE11 (bsc#1117017)
       - Do not report patches as installed on RHEL systems when not all the
         related packages are installed (bsc#1128061)
       - Do not include "ordereddict" and "singledispatch" on the thin for Python
         2.6 systems.
       - Fix paths for py26-compat dependencies on SLE15 and newer
       - Port optimization_order config parameter (bsc#1131423)
       - Use special tornado and msgpack-python compat packages on sles15sp1 and
         greater in py26-compat-salt.conf (bsc#1131423)
       - Add missing py26 thin dependencies
       - Calculate the "FQDNs" grains in parallel to avoid long blocking
         (bsc#1129079)
    
       salt-netapi-client:
    
       - Add workaround for Salt issue 52762
       - Version 0.16.0 see
         https://github.com/SUSE/salt-netapi-client/releases/tag/v0.16.0
    
       spacewalk-backend:
    
       - Fix spacewalk-repo-sync for Ubuntu repositories in mirror case
         (bsc#1136029)
       - Use new names in code for client tool packages which were renamed
         (bsc#1134876)
       - Fix HTTP headers handling to avoid duplicated entries (bsc#1125090)
       - Use suseLib.get_proxy to get the HTTP proxy configuration properly on
         DEB repos (bsc#1133424)
    
       spacewalk-certs-tools:
    
       - Fix missing quotation in bootstrap script (bsc#1136423)
       - Add new packages names to instructions for adding remote configuration
         support for traditional clients
       - Print error message instead of stacktrace for client_config_update.py
    
       spacewalk-config:
    
       - Fix config declaration for rhn.conf (bsc#1132197)
    
       spacewalk-java:
    
       - Remove the 'Returning' clause from the query as oracle doesn't support
         it (bsc#1135166)
       - Use new names in code for client tool packages which were renamed
         (bsc#1134876)
       - Handle the different retcodes that are being returned when salt module
         is not available (bsc#1131704)
       - Do not implicitly set parent channel when cloning (bsc#1130492)
       - Prevent Actions that were actually completed to be displayed as "in
         progress" forever (bsc#1131780)
       - Enable batching mode for salt synchronous calls
       - Show minion id in System Details GUI and API
       - Do not report Provisioning installed product to subscription matcher
         (bsc#1128838)
       - Fix product package conflicts with SLES for SAP systems (bsc#1130551)
       - Add support for Salt batch execution mode
       - Fix NPE on remote commands when no targets match (bsc1123375)
       - Fix apidoc return order on mergePackages
       - Take into account only synced products when scheduling SP migration from
         the API (bsc#1131929)
    
       spacewalk-web:
    
       - Change WebUI string version to 3.2.8
    
       susemanager:
    
       - Make swap files readable only by root (bsc#1131954, CVE-2019-3684)
       - Do not show false errors when configuring swapfile during setup
       - Create bootstrap repo for new Red Hat channels (bsc#1133587)
    
       susemanager-docs_en:
    
       - Minion ID is visible in System Info box.
       - Managing Systems Completely via SSH now fully supported (bsc#1131867).
    
       susemanager-schema:
    
       - Copy 3.1 schema migrations to 3.2 to be able to migrate from an older
         schema version to 3.2
       - Add support for Salt batch execution mode
    
       susemanager-sls:
    
       - Add support for Salt batch execution mode
    
       susemanager-sync-data:
    
       - Add SLES11 SP4 LTSS channels for SLES for SAP (bsc#1133629)
       - Add SLES11 SP4 LTSS channels for ppc64 (bsc#1132103)
    
       zypp-plugin-spacewalk:
    
       - Fix python syntax error in distupgrade (bsc#1136102)
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Manager Server 3.2:
    
          zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2019-1703=1
    
       - SUSE Manager Proxy 3.2:
    
          zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2019-1703=1
    
    
    
    Package List:
    
       - SUSE Manager Server 3.2 (ppc64le s390x x86_64):
    
          susemanager-3.2.18-3.25.2
          susemanager-tools-3.2.18-3.25.2
    
       - SUSE Manager Server 3.2 (noarch):
    
          cobbler-2.6.6-6.19.1
          py26-compat-salt-2016.11.10-6.26.1
          python2-spacewalk-certs-tools-2.8.8.10-3.11.1
          salt-netapi-client-0.16.0-4.11.1
          spacewalk-backend-2.8.57.16-3.30.1
          spacewalk-backend-app-2.8.57.16-3.30.1
          spacewalk-backend-applet-2.8.57.16-3.30.1
          spacewalk-backend-config-files-2.8.57.16-3.30.1
          spacewalk-backend-config-files-common-2.8.57.16-3.30.1
          spacewalk-backend-config-files-tool-2.8.57.16-3.30.1
          spacewalk-backend-iss-2.8.57.16-3.30.1
          spacewalk-backend-iss-export-2.8.57.16-3.30.1
          spacewalk-backend-libs-2.8.57.16-3.30.1
          spacewalk-backend-package-push-server-2.8.57.16-3.30.1
          spacewalk-backend-server-2.8.57.16-3.30.1
          spacewalk-backend-sql-2.8.57.16-3.30.1
          spacewalk-backend-sql-oracle-2.8.57.16-3.30.1
          spacewalk-backend-sql-postgresql-2.8.57.16-3.30.1
          spacewalk-backend-tools-2.8.57.16-3.30.1
          spacewalk-backend-xml-export-libs-2.8.57.16-3.30.1
          spacewalk-backend-xmlrpc-2.8.57.16-3.30.1
          spacewalk-base-2.8.7.16-3.27.1
          spacewalk-base-minimal-2.8.7.16-3.27.1
          spacewalk-base-minimal-config-2.8.7.16-3.27.1
          spacewalk-certs-tools-2.8.8.10-3.11.1
          spacewalk-config-2.8.5.7-3.16.1
          spacewalk-html-2.8.7.16-3.27.1
          spacewalk-java-2.8.78.22-3.32.1
          spacewalk-java-config-2.8.78.22-3.32.1
          spacewalk-java-lib-2.8.78.22-3.32.1
          spacewalk-java-oracle-2.8.78.22-3.32.1
          spacewalk-java-postgresql-2.8.78.22-3.32.1
          spacewalk-taskomatic-2.8.78.22-3.32.1
          susemanager-advanced-topics_en-pdf-3.2-11.26.1
          susemanager-best-practices_en-pdf-3.2-11.26.1
          susemanager-docs_en-3.2-11.26.1
          susemanager-getting-started_en-pdf-3.2-11.26.1
          susemanager-jsp_en-3.2-11.26.1
          susemanager-reference_en-pdf-3.2-11.26.1
          susemanager-schema-3.2.19-3.25.1
          susemanager-sls-3.2.25-3.29.1
          susemanager-sync-data-3.2.15-3.23.1
          susemanager-web-libs-2.8.7.16-3.27.1
    
       - SUSE Manager Proxy 3.2 (noarch):
    
          python2-rhncfg-5.10.122.3-3.3.1
          python2-rhncfg-actions-5.10.122.3-3.3.1
          python2-rhncfg-client-5.10.122.3-3.3.1
          python2-rhncfg-management-5.10.122.3-3.3.1
          python2-spacewalk-certs-tools-2.8.8.10-3.11.1
          python2-zypp-plugin-spacewalk-1.0.5-3.7.1
          rhncfg-5.10.122.3-3.3.1
          rhncfg-actions-5.10.122.3-3.3.1
          rhncfg-client-5.10.122.3-3.3.1
          rhncfg-management-5.10.122.3-3.3.1
          spacewalk-backend-2.8.57.16-3.30.1
          spacewalk-backend-libs-2.8.57.16-3.30.1
          spacewalk-base-minimal-2.8.7.16-3.27.1
          spacewalk-base-minimal-config-2.8.7.16-3.27.1
          spacewalk-certs-tools-2.8.8.10-3.11.1
          spacewalk-proxy-broker-2.8.5.5-3.6.2
          spacewalk-proxy-common-2.8.5.5-3.6.2
          spacewalk-proxy-installer-2.8.6.6-3.12.1
          spacewalk-proxy-management-2.8.5.5-3.6.2
          spacewalk-proxy-package-manager-2.8.5.5-3.6.2
          spacewalk-proxy-redirect-2.8.5.5-3.6.2
          spacewalk-proxy-salt-2.8.5.5-3.6.2
          susemanager-web-libs-2.8.7.16-3.27.1
          zypp-plugin-spacewalk-1.0.5-3.7.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-3684.html
       https://bugzilla.suse.com/1117017
       https://bugzilla.suse.com/1125090
       https://bugzilla.suse.com/1128061
       https://bugzilla.suse.com/1128838
       https://bugzilla.suse.com/1129079
       https://bugzilla.suse.com/1130492
       https://bugzilla.suse.com/1130551
       https://bugzilla.suse.com/1131423
       https://bugzilla.suse.com/1131704
       https://bugzilla.suse.com/1131780
       https://bugzilla.suse.com/1131867
       https://bugzilla.suse.com/1131929
       https://bugzilla.suse.com/1131954
       https://bugzilla.suse.com/1132103
       https://bugzilla.suse.com/1132197
       https://bugzilla.suse.com/1133424
       https://bugzilla.suse.com/1133587
       https://bugzilla.suse.com/1133629
       https://bugzilla.suse.com/1134195
       https://bugzilla.suse.com/1134876
       https://bugzilla.suse.com/1135166
       https://bugzilla.suse.com/1136029
       https://bugzilla.suse.com/1136102
       https://bugzilla.suse.com/1136250
       https://bugzilla.suse.com/1136423
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":52,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":13.33,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"26","type":"x","order":"3","pct":34.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.