SUSE: 2020:14537-1 Critical: SUSE Manager Client Tools Security Advisory

suse

November 6, 2020

An update that solves three vulnerabilities and has 8 fixes is now available

Summary

This update fixes the following issues: salt: - Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846) - Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867) - Ensure virt.update stop_on_reboot is updated with its default value - Do not break package building for systemd OSes - Drop wrong mock from chroot unit test - Support systemd versions with dot (bsc#1176294) - Fix for grains.test_core unit test - Fix file/directory user and group ownership containing UTF-8 characters (bsc#1176024) - Several changes to virtualization: - - Fix virt update when cpu and memory are changed - - Memory Tuning GSoC - - Properly fix memory setting regression in virt.update

Topics Covered

security advisory security update critical patch fixes SUSE client tools

References

#1159670 #1167907 #1169664 #1175987 #1176024

#1176294 #1176397 #1177867 #1178319 #1178361

#1178362

Cross- CVE-2020-16846 CVE-2020-17490 CVE-2020-25592

Affected Products:

SUSE Manager Ubuntu 20.04-CLIENT-TOOLS

https://www.suse.com/security/cve/CVE-2020-16846.html

https://www.suse.com/security/cve/CVE-2020-17490.html

https://www.suse.com/security/cve/CVE-2020-25592.html

https://bugzilla.suse.com/1159670

https://bugzilla.suse.com/1167907

https://bugzilla.suse.com/1169664

https://bugzilla.suse.com/1175987

https://bugzilla.suse.com/1176024

https://bugzilla.suse.com/1176294

https://bugzilla.suse.com/1176397

https://bugzilla.suse.com/1177867

https://bugzilla.suse.com/1178319

https://bugzilla.suse.com/1178361

Severity

critical

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2020:14537-1

Rating: critical

Topics Covered

security advisory security update critical patch fixes SUSE client tools

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:14537-1 Critical: SUSE Manager Client Tools Security Advisory

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:14537-1 Critical: SUSE Manager Client Tools Security Advisory

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!