Linux Security
    Linux Security
    Linux Security

    SUSE: 2020:2650-1 moderate: SUSE Manager Proxy 4.0

    Date
    165
    Posted By
    An update that solves one vulnerability and has 8 fixes is now available.
    
       SUSE Security Update: Security update for SUSE Manager Proxy 4.0
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:2650-1
    Rating:             moderate
    References:         #1167907 #1169664 #1171281 #1172831 #1173535 
                        #1173554 #1174201 #1175224 #1175889 
    Cross-References:   CVE-2020-11022
    Affected Products:
                        SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0
    ______________________________________________________________________________
    
       An update that solves one vulnerability and has 8 fixes is
       now available.
    
    Description:
    
    
       This update fixes the following issues:
    
       spacecmd:
    
       - Python3 fixes for errata in spacecmd (bsc#1169664)
       - Python3 fix for sorted usage (bsc#1167907)
       - Fix softwarechannel_listlatestpackages throwing error on empty channels
         (bsc#1175889)
       - Fix escaping of package names (bsc#1171281)
    
       spacewalk-certs-tools:
    
       - Add option --nostricthostkeychecking to spacewalk-ssh-push-init
       - Strip SSL Certificate Common Name after 63 Characters (bsc#1173535)
    
       spacewalk-proxy:
    
       - Python3 fix for loading pickle file during kickstart procedure
         (bsc#1174201)
    
       spacewalk-web:
    
       - Fix login page after jQuery upgrade (bsc#1175224)
       - Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)
       - Warn when a system is in multiple groups that configure the same formula
         in the system formula's UI (bsc#1173554)
    
       How to apply this update: 1. Log in as root user to the SUSE Manager
       proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch
       using either zypper patch or YaST Online Update. 4. Start the Spacewalk
       service: spacewalk-proxy start
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0:
    
          zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-2650=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0 (noarch):
    
          python3-spacewalk-certs-tools-4.0.17-3.21.3
          spacecmd-4.0.20-3.19.2
          spacewalk-base-minimal-4.0.23-3.30.3
          spacewalk-base-minimal-config-4.0.23-3.30.3
          spacewalk-certs-tools-4.0.17-3.21.3
          spacewalk-proxy-broker-4.0.14-3.10.3
          spacewalk-proxy-common-4.0.14-3.10.3
          spacewalk-proxy-management-4.0.14-3.10.3
          spacewalk-proxy-package-manager-4.0.14-3.10.3
          spacewalk-proxy-redirect-4.0.14-3.10.3
          spacewalk-proxy-salt-4.0.14-3.10.3
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2020-11022.html
       https://bugzilla.suse.com/1167907
       https://bugzilla.suse.com/1169664
       https://bugzilla.suse.com/1171281
       https://bugzilla.suse.com/1172831
       https://bugzilla.suse.com/1173535
       https://bugzilla.suse.com/1173554
       https://bugzilla.suse.com/1174201
       https://bugzilla.suse.com/1175224
       https://bugzilla.suse.com/1175889
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://lists.suse.com/mailman/listinfo/sle-security-updates
    

    LinuxSecurity Poll

    Which aspect of server security are you most interested in learning more about?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/38-which-aspect-of-server-security-are-you-most-interested-in-learning-more-about?task=poll.vote&format=json
    38
    radio
    [{"id":"131","title":"Preventing information leakage","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"132","title":"Firewall considerations","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"133","title":"Permissions ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.