SUSE Security Update: Security update for SUSE Manager Server 4.1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2373-1
Rating:             moderate
References:         #1136857 #1165572 #1169553 #1169780 #1170244 #1170468
                    #1170654 #1171281 #1172279 #1172504 #1172709 #1172807
                    #1172831 #1172839 #1173169 #1173522 #1173535 #1173554
                    #1173566 #1173584 #1173932 #1173982 #1173997 #1174025
                    #1174167 #1174201 #1174229 #1174325 #1174405 #1174470
                    #1174965 #1175485 #1175555 #1175558 #1175724 #1175791
                    #678126
Cross-References:   CVE-2020-11022
Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Server 4.1
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
______________________________________________________________________________

An update that solves one vulnerability and has 36 fixes is now available.

Description:

This update fixes the following issues:

cobbler:

- More old modules naming fixes (bsc#1169553)

image-sync-formula:

- Allow image-sync state on regular minion.
  Image sync state requires branch-network pillars to get the directory
  where to sync images. Use default `/srv/saltboot` if that pillar is
  missing so image-sync can be applied on non branch minions as well.

mgr-libmod:

- Remove unnecessary array wrap in 'list_modules' response object

mgr-osad:

- Move uyuni-base-common dependency from mgr-osad to mgr-osa-dispatcher
  (bsc#1174405)

openvpn-formula:

- Add hint that ssl certs must be on system (bsc#1172279)

patterns-suse-manager:

- Add Recommends for golang-github-QubitProducts-exporter_exporter

prometheus-exporters-formula:

- Bugfix: Handle exporters proxy for unsupported distros (bsc#1175555)
- Add support for exporters proxy (exporter_exporter)

pxe-default-image-sle15:

- Rollback the workaround for bsc#1172807, as dracut is now fixed

saltboot-formula:

- Better fix for rounding errors (bsc#1136857)

spacecmd:

- Fix softwarechannel update for vendor channels (bsc#1172709)
- Fix escaping of package names (bsc#1171281)

spacewalk-backend:

- Adds basic functionality for gpg check
- Verify GPG signature of Ubuntu/Debian repository metadata (Release file)
- Take care of SCC auth tokens on DEB repos GPG checks (bsc#1175485)
- Use spacewalk keyring for GPG checks on DEB repos (bsc#1175485)

spacewalk-branding:

- Implement Maintenance Windows
- Fix typo on spacewalk-branding license

spacewalk-certs-tools:

- Strip SSL Certificate Common Name after 63 Characters (bsc#1173535)
- Fix centos detection (bsc#1173584)

spacewalk-java:

- Use media.1/products from media when not specified different (bsc#1175558)
- Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)
- Fix error when rolling back a system to a snapshot (bsc#1173997)
- Implement maintenance windows backend
- Add check for maintenance window during executing recurring actions
- Implement maintenance windows in struts
- XMLRPC: Assign/retract maintenance schedule to/from systems
- Fix softwarechannel update for vendor channels (bsc#1172709)
- Avoid deadlock when syncing channels and registering minions at the same
  time (bsc#1173566)
- Change system list header text to something better (bsc#1173982)
- Set CPU and memory info for virtual instances (bsc#1170244)
- Add virtual network Start, Stop and Delete actions
- Add virtual network list page
- Fix httpcomponents and gson jar symlinks (bsc#1174229)
- Enhance RedHat product detection for CentOS and OracleLinux (bsc#1173584)
- Provide comps.xml and modules.yaml when using onlinerepo for kickstart
- Refresh virtualization pages only on events
- Fix up2date detection on RH8 when salt-minion is used for registration
- Improve performance of the System Groups page with many clients
  (bsc#1172839)
- Include number of non-patch package updates to non-critical update counts
  in system group pages (bsc#1170468)
- Bump XMLRPC API version number to distinguish from Spacewalk 2.10
- Cluster UI: return to overview page after scheduling actions
- Fix NPE on auto installation when no kernel options are given
  (bsc#1173932)
- Fix issue with disabling self_update for autoyast autoupgrade
  (bsc#1170654)
- Adapt expectations for jobs return events after switching Salt states to
  use 'mgrcompat.module_run' state.

spacewalk-utils:

- Add aarch64 for openSUSE Leap 15.1 and 15.2

spacewalk-web:

- Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)
- Fix JS linting errors/warnings
- Enable Nutanix AHV virtual host gatherer.
- Web UI: Implement managing maintenance schedules and calendars
- Warn when a system is in multiple groups that configure the same formula
  in the system formula's UI (bsc#1173554)
- Add virtual network start, stop and delete actions
- Add virtual network list page
- Fix internal server error when creating module filters in CLM
  (bsc#1174325)
- Fix VM creation page when there is no volume in the default storage pool
- Refresh virtualization pages only on events
- Product list in the Wizard doesn't show SLE products first (bsc#1173522)
- Cluster UI: return to overview page after scheduling actions
- Changes in the logic to update the tick icon.
- For the postgres localhost:5432 case, use the
- Fix internal server errors by returning 0 instead of dying
- Add missing dependency to spacewalk-base-minimal (bsc#678126)
- Change kickstart to autoinstallation in navigation on pxt pages
- Debranding

suseRegisterInfo:

- Enhance RedHat product detection for CentOS and OracleLinux (bsc#1173584)

susemanager:

- Migrate all occurrences of kickstart to autoinstall in cobbler database
  (bsc#1169780)
- Define bootstrap repo data for SUSE Manager Proxies (bsc#1174470)
- Add SLE 15 LTSS Product ID to SLE15 bootstrap repositories, as it is
  required to get python3-M2crypto (bsc#1174167)

susemanager-doc-indexes:

- Left navigation structure cleaned up
- Fixed several broken xrefs
- Added hostname admonition for public cloud sections
- Clarified Branch Proxy configuration instructions
- Fixed index page pdf links, urls were 1 step too deep
- SUSECOM 2020 branding update
- PDF 2020 branding update
- WEBUI 2020 branding update
- Added maintenance window documentation
- Added SLE client chapter
- Added 508 compliance
- Added reverse proxy information to Monitoring in Admin Guide
- Add note about accessibility to index
- In the Upgrade Guide, use Major, Minor, and Patch Level terminology for
  versioning.
- Added docs for nutanix VHM
- Ubuntu clients using the CLI in SUMA (bsc#1174025)

susemanager-docs_en:

- Left navigation structure cleaned up
- Fixed several broken xrefs
- Added hostname admonition for public cloud sections
- Clarified Branch Proxy configuration instructions
- Fixed index page pdf links, urls were 1 step too deep
- SUSECOM 2020 branding update
- PDF 2020 branding update
- WEBUI 2020 branding update
- Added maintenance window documentation
- Added SLE client chapter
- Added 508 compliance
- Added reverse proxy information to Monitoring in Admin Guide
- Add note about accessibility to index
- In the Upgrade Guide, use Major, Minor, and Patch Level terminology for
  versioning.
- Added docs for nutanix VHM
- Ubuntu clients using the CLI in SUMA (bsc#1174025)

susemanager-frontend-libs:

- Upgrade jquery to 3.5.1 - CVE-2020-11022 (bsc#1172831)

susemanager-schema:

- Add new states and types for virtual instances in order to support
  Nutanix AHV.
- Implement Maintenance Windows
- Add virtual network state change action
- Internal fixes to avoid problems with the idempotency tests

susemanager-sls:

- Fix the dnf plugin to add the token to the HTTP header (bsc#1175724)
- Fix: supply a dnf base when dealing w/repos (bsc#1172504)
- Fix: autorefresh in repos is zypper-only
- Add virtual network state change state to handle start, stop and delete
- Add virtual network state change state to handle start and stop
- Fetch oracle-release when looking for RedHat Product Info (bsc#1173584)
- Force a refresh after deleting a virtual storage volume
- Prevent stuck Hardware Refresh actions on Salt 2016.11.10 based SSH
  minions (bsc#1173169)
- Require PyYAML version >= 5.1
- Log out of Docker registries after image build (bsc#1165572)
- Prevent "module.run" deprecation warnings by using custom mgrcompat module

susemanager-sync-data:

- Remove version from centos and oracle linux identifier (bsc#1173584)

uyuni-common-libs:

- Fix issues importing RPM packages with long RPM headers (bsc#1174965)

virtual-host-gatherer:

- Add new gatherer module for Nutanix AHV.

virtualization-host-formula:

- Ensure kernel-default and libvirt-python3 are installed
- Set bridge network as default
- Fix conditionals (bsc#1175791)

yomi-formula:

- Update to version 0.0.1+git.1595952633.b300be2:
  * pillar: install always kernel-default
  * chroot: python3-base is now a capability
  * Move systemctl calls inside chroot
  * Network: initial work for network declaration
  * MicroOS: Remove tmp subvolume
  * Update format following the new standard
  * Fix __mount_device wrapper

httpcomponents-core:

- Include the correct package in SUSE Manager Server (no source changes)

httpcomponents-client:

- Include the correct package in SUSE Manager Server (no source changes)

google-gson:

- Include the correct package in SUSE Manager Server (no source changes)

How to apply this update:

1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
   spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema:
   spacewalk-schema-upgrade
5. Start the Spacewalk service:
   spacewalk-service start

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for SUSE Manager Server 4.1:

  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-2373=1

- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:

  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2020-2373=1

Package List:

- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (ppc64le s390x x86_64):

  golang-github-QubitProducts-exporter_exporter-0.4.0-6.3.6
  openvpn-formula-0.1.1-3.3.6
  patterns-suma_retail-4.1-6.3.6
  patterns-suma_server-4.1-6.3.6
  python3-uyuni-common-libs-4.1.6-3.3.6
  spacewalk-branding-4.1.9-3.3.6
  susemanager-4.1.18-3.3.6
  susemanager-tools-4.1.18-3.3.6

- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (noarch):

  cobbler-3.0.0+git20190806.32c4bae0-5.3.6
  google-gson-2.8.5-3.2.6
  httpcomponents-client-4.5.6-3.2.6
  httpcomponents-core-4.4.10-3.2.6
  ical4j-3.0.18-3.2.7
  image-sync-formula-0.1.1595937550.0285244-3.3.6
  mgr-libmod-4.1.4-3.3.6
  mgr-osa-dispatcher-4.1.3-2.3.6
  prometheus-exporters-formula-0.7.1-3.5.2
  pxe-default-image-sle15-4.1.0-Build5.3
  python3-mgr-osa-common-4.1.3-2.3.6
  python3-mgr-osa-dispatcher-4.1.3-2.3.6
  python3-spacewalk-certs-tools-4.1.12-3.3.6
  python3-suseRegisterInfo-4.1.3-4.3.6
  saltboot-formula-0.1.1595937550.0285244-3.3.6
  spacecmd-4.1.6-4.3.6
  spacewalk-backend-4.1.14-4.5.2
  spacewalk-backend-app-4.1.14-4.5.2
  spacewalk-backend-applet-4.1.14-4.5.2
  spacewalk-backend-config-files-4.1.14-4.5.2
  spacewalk-backend-config-files-common-4.1.14-4.5.2
  spacewalk-backend-config-files-tool-4.1.14-4.5.2
  spacewalk-backend-iss-4.1.14-4.5.2
  spacewalk-backend-iss-export-4.1.14-4.5.2
  spacewalk-backend-package-push-server-4.1.14-4.5.2
  spacewalk-backend-server-4.1.14-4.5.2
  spacewalk-backend-sql-4.1.14-4.5.2
  spacewalk-backend-sql-postgresql-4.1.14-4.5.2
  spacewalk-backend-tools-4.1.14-4.5.2
  spacewalk-backend-xml-export-libs-4.1.14-4.5.2
  spacewalk-backend-xmlrpc-4.1.14-4.5.2
  spacewalk-base-4.1.15-3.3.6
  spacewalk-base-minimal-4.1.15-3.3.6
  spacewalk-base-minimal-config-4.1.15-3.3.6
  spacewalk-certs-tools-4.1.12-3.3.6
  spacewalk-html-4.1.15-3.3.6
  spacewalk-java-4.1.18-3.5.3
  spacewalk-java-config-4.1.18-3.5.3
  spacewalk-java-lib-4.1.18-3.5.3
  spacewalk-java-postgresql-4.1.18-3.5.3
  spacewalk-taskomatic-4.1.18-3.5.3
  spacewalk-utils-4.1.11-3.3.6
  spacewalk-utils-extras-4.1.11-3.3.6
  suseRegisterInfo-4.1.3-4.3.6
  susemanager-doc-indexes-4.1-11.7.2
  susemanager-docs_en-4.1-11.7.2
  susemanager-docs_en-pdf-4.1-11.7.2
  susemanager-frontend-libs-4.1.0-3.3.6
  susemanager-schema-4.1.12-3.3.6
  susemanager-sls-4.1.14-3.5.2
  susemanager-sync-data-4.1.7-3.3.6
  susemanager-web-libs-4.1.15-3.3.6
  virtual-host-gatherer-1.0.21-4.3.6
  virtual-host-gatherer-Kubernetes-1.0.21-4.3.6
  virtual-host-gatherer-Nutanix-1.0.21-4.3.6
  virtual-host-gatherer-VMware-1.0.21-4.3.6
  virtual-host-gatherer-libcloud-1.0.21-4.3.6
  virtualization-host-formula-0.5-3.3.1
  yomi-formula-0.0.1+git.1595952633.b300be2-3.3.6

- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (x86_64):

  golang-github-QubitProducts-exporter_exporter-0.4.0-6.3.6
  patterns-suma_proxy-4.1-6.3.6
  python3-uyuni-common-libs-4.1.6-3.3.6

- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (noarch):

  mgr-osad-4.1.3-2.3.6
  python3-mgr-osa-common-4.1.3-2.3.6
  python3-mgr-osad-4.1.3-2.3.6
  python3-spacewalk-certs-tools-4.1.12-3.3.6
  python3-suseRegisterInfo-4.1.3-4.3.6
  spacecmd-4.1.6-4.3.6
  spacewalk-backend-4.1.14-4.5.2
  spacewalk-base-minimal-4.1.15-3.3.6
  spacewalk-base-minimal-config-4.1.15-3.3.6
  spacewalk-certs-tools-4.1.12-3.3.6
  spacewalk-proxy-broker-4.1.2-3.3.6
  spacewalk-proxy-common-4.1.2-3.3.6
  spacewalk-proxy-management-4.1.2-3.3.6
  spacewalk-proxy-package-manager-4.1.2-3.3.6
  spacewalk-proxy-redirect-4.1.2-3.3.6
  spacewalk-proxy-salt-4.1.2-3.3.6
  suseRegisterInfo-4.1.3-4.3.6

References:

  https://www.suse.com/security/cve/CVE-2020-11022.html
  https://bugzilla.suse.com/1136857
  https://bugzilla.suse.com/1165572
  https://bugzilla.suse.com/1169553
  https://bugzilla.suse.com/1169780
  https://bugzilla.suse.com/1170244
  https://bugzilla.suse.com/1170468
  https://bugzilla.suse.com/1170654
  https://bugzilla.suse.com/1171281
  https://bugzilla.suse.com/1172279
  https://bugzilla.suse.com/1172504
  https://bugzilla.suse.com/1172709
  https://bugzilla.suse.com/1172807
  https://bugzilla.suse.com/1172831
  https://bugzilla.suse.com/1172839
  https://bugzilla.suse.com/1173169
  https://bugzilla.suse.com/1173522
  https://bugzilla.suse.com/1173535
  https://bugzilla.suse.com/1173554
  https://bugzilla.suse.com/1173566
  https://bugzilla.suse.com/1173584
  https://bugzilla.suse.com/1173932
  https://bugzilla.suse.com/1173982
  https://bugzilla.suse.com/1173997
  https://bugzilla.suse.com/1174025
  https://bugzilla.suse.com/1174167
  https://bugzilla.suse.com/1174201
  https://bugzilla.suse.com/1174229
  https://bugzilla.suse.com/1174325
  https://bugzilla.suse.com/1174405
  https://bugzilla.suse.com/1174470
  https://bugzilla.suse.com/1174965
  https://bugzilla.suse.com/1175485
  https://bugzilla.suse.com/1175555
  https://bugzilla.suse.com/1175558
  https://bugzilla.suse.com/1175724
  https://bugzilla.suse.com/1175791
  https://bugzilla.suse.com/678126