Linux Security
    Linux Security
    Linux Security

    SUSE: 2020:2832-1 moderate: SUSE Manager Server 4.1

    Date 02 Oct 2020
    241
    Posted By LinuxSecurity Advisories
    An update that solves one vulnerability and has 25 fixes is now available.
    
       SUSE Security Update: Security update for SUSE Manager Server 4.1
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:2832-1
    Rating:             moderate
    References:         #1151557 #1165287 #1165829 #1171836 #1172079 
                        #1172263 #1173073 #1173520 #1173603 #1173621 
                        #1174025 #1174254 #1174357 #1174423 #1174636 
                        #1175103 #1175512 #1175529 #1175545 #1175556 
                        #1175889 #1176500 #1176503 #1176844 #1176862 
                        #1176913 
    Cross-References:   CVE-2019-14900
    Affected Products:
                        SUSE Linux Enterprise Module for SUSE Manager Server 4.1
    ______________________________________________________________________________
    
       An update that solves one vulnerability and has 25 fixes is
       now available.
    
    Description:
    
    
       This update fixes the following issues:
    
       golang-github-QubitProducts-exporter_exporter:
    
       - Pin Golang version to 1.14
    
       golang-github-prometheus-node_exporter:
    
       - Update to 1.0.1
         * Changes to build specification
           + Modify spec: update golang version to 1.14
           + Remove update tarball script
           + Add _service file to allow for updates via `osc service disabledrun`
         * Bug fixes
           + [BUGFIX] filesystem_freebsd: Fix label values #1728
           + [BUGFIX] Update prometheus/procfs to fix log noise #1735
           + [BUGFIX] Fix build tags for collectors #1745
           + [BUGFIX] Handle no data from powersupplyclass #1747, #1749
       - Update to 1.0.0
         * Bug fixes
           + [BUGFIX] Read /proc/net files with a single read syscall #1380
           + [BUGFIX] Renamed label state to name on
             node_systemd_service_restart_total. #1393
           + [BUGFIX] Fix netdev nil reference on Darwin #1414
           + [BUGFIX] Strip path.rootfs from mountpoint labels #1421
           + [BUGFIX] Fix seconds reported by schedstat #1426
           + [BUGFIX] Fix empty string in path.rootfs #1464
           + [BUGFIX] Fix typo in cpufreq metric names #1510
           + [BUGFIX] Read /proc/stat in one syscall #1538
           + [BUGFIX] Fix OpenBSD cache memory information #1542
           + [BUGFIX] Refactor textfile collector to avoid looping defer #1549
           + [BUGFIX] Fix network speed math #1580
           + [BUGFIX] collector/systemd: use regexp to extract systemd version
             #1647
           + [BUGFIX] Fix initialization in perf collector when using multiple
             CPUs #1665
           + [BUGFIX] Fix accidentally empty lines in meminfo_linux #1671
         * Several enhancements
           + See https://github.com/prometheus/node_exporter/releases/tag/v1.0.0
       - Update to 1.0.0-rc.0
         * The netdev collector CLI argument --collector.netdev.ignored-devices
           was renamed to --collector.netdev.device-blacklist in order to conform
           with the systemd collector. #1279
         * The label named state on node_systemd_service_restart_total metrics
           was changed to name to better describe the metric. #1393
         * Refactoring of the mdadm collector changes several metrics
           node_md_disks_active is removed node_md_disks now has a state label
           for "fail", "spare", "active" disks. node_md_is_active is replaced by
           node_md_state with a state set of "active", "inactive", "recovering",
           "resync".
         * Additional label mountaddr added to NFS device metrics to distinguish
           mounts from the same URL, but different IP addresses. #1417
         * Metrics node_cpu_scaling_frequency_min_hrts and
           node_cpu_scaling_frequency_max_hrts of the cpufreq collector were
           renamed to node_cpu_scaling_frequency_min_hertz and
           node_cpu_scaling_frequency_max_hertz. #1510
         * Collectors that are enabled, but are unable to find data to collect,
           now return 0 for node_scrape_collector_success.
       - Add missing sysconfig file in rpm  bsc#1151557
    
       hibernate5:
    
       - Address CVE-2019-14900 (bsc#1172079)
       - Add patch:
    
       hub-xmlrpc-api:
    
       - One configuration flag was renamed for clarity
       - Added USE_SSL flag to https insted of plain http
       - Updated docs
       - Bugfixes
       - Changed configuration to plain variables
       - Bugfixes
    
       patterns-suse-manager:
    
       - Change PostgreSQL requirements to require at least PostgreSQL 12
    
       prometheus-exporters-formula:
    
       - Bugfix: More robust handling of NoneType arguments (bsc#1176844)
       - Bugfix: Handle  arguments (bsc#1176844)
    
       salt-netapi-client:
    
       - Fix text resource usage
    
       spacecmd:
    
       - Fix softwarechannel_listlatestpackages throwing error on empty channels
         (bsc#1175889)
    
       spacewalk-backend:
    
       - Fix strings (mentions of Satellite, replace SUSE Manager with
         PRODUCT_NAME, etc)
       - Only regenerate bootstrap repositories when linking new packages
         (bsc#1174636)
       - Support installer_updates flag in ISS
       - Remove duplicate languages and update translation strings
    
       spacewalk-branding:
    
       - Re-enable language picker for user creation
    
       spacewalk-certs-tools:
    
       - Add option --nostricthostkeychecking to spacewalk-ssh-push-init
       - Fix the fallback to RES bootstrap repo for Centos (bsc#1174423)
    
       spacewalk-client-tools:
    
       - Remove duplicated languages and update translation strings
    
       spacewalk-java:
    
       - Force disable SPA for non-navigation links (bsc#1175512)
       - Fix strings (mentions of Satellite, replace SUSE Manager with
         PRODUCT_NAME, etc)
       - Pass the log level parameter to matcher
       - Add language picker to user preferences and user creation
       - Detect client organization from connected proxy (bsc#1175545)
       - Fix EntityExistsException on migration from traditional to salt minion
         via proxy (bsc#1175556)
       - Fix: use quiet API method when using spacewalk-common-channels
         (bsc#1175529)
       - Add java.allow_adding_patches_via_api to allow adding errata to vendor
         channels
       - Fix alignment on icon on entitlement page
       - Support installer update channels during autoinstallation
       - Filter machines not in maintenance mode for remote commands
       - Reset the server path on minion registration (bsc#1174254)
       - Data null means the sync never ran yet (bsc#1174357)
    
       spacewalk-utils:
    
       - Avoid exceptions on the logs when looking for channels that do not exist
         (bsc#1175529)
    
       spacewalk-web:
    
       - Fix the jQuery selector in SP Migration page (bsc#1176500)
       - Fix JavaScript error caused by SPA navigation event with empty event
         field (bsc#1176503)
       - Force disable SPA for non-navigation links (bsc#1175512)
       - Add translation support for react t() function
       - Fix striping on react tables
       - Update translation strings
    
       subscription-matcher:
    
       - Allow matching any guest products for Unlimited Virtualization
         subscriptions (bsc#1165287)
       - Only report confirmed matches in the output.json
       - Expose the log level setting to the command line
       - In the subscriptions CSV output, print the active subscriptions first
    
       susemanager:
    
       - Add missing packages to SLE12 >= SP1 bootstrap data to fix JeOS
         bootstrap problems (bsc#1176913)
       - Fix strings (mentions of Satellite, replace SUSE Manager with
         PRODUCT_NAME, etc)
       - Support installer update channels during autoinstallation
    
       susemanager-build-keys:
    
       - Trust PackageHub key (bsc#1175103)
    
       susemanager-doc-indexes:
    
       - Fix contrast problem for visited links (bsc#1176862)
       - Remove old certs before renaming in Administration Guide (bsc#1171836)
       - Reference example scripts for SP Mass Migration in Upgrade Guide
       - Move PoS Terminal Requirements to the Requirements sections in the
         Retail Guide
       - Updated SP Mass Migration section in Upgrade Guide for clarity
       - Documented Proxy Y Upgrade (SP Migration) in Upgrade Guide
       - In the Upgrade Guide, use Major, Minor, and Patch Level terminology for
         versioning.
       - Align SUSE Manager and Uyuni Proxy installation in the Installation Guide
       - New section Upgrade Uyuni Proxy in Upgrade Guide
       - New section Upgrade Uyuni Server in Upgrade Guide
       - Add GPG information about Oracle clients to SUMA (bsc#1173520)
       - Add hostname admonition to public cloud sections (bsc#1173621)
       - Add error wording to Taskomatic troubleshooting (bsc#1172263)
       - Add required URLs to Installation Guide
       - Replaces removed instructions for adding channels on older Ubuntu
         clients using the CLI in SUMA (bsc#1174025)
       - Added more concepts to Client Cfg
       - Documented maintenance windows feature in Admin Guide
       - Some reorganization of Client Cfg & Admin Guides
       - Updates storage device requirements in Install Guide
       - Adds new section for SUMA formulas in the Salt Guide
       - Updates storage device requirements in Install Guide
       - Added reverse proxy information to Monitoring in Admin Guide
       - Add note about accessibility to index
       - Add note about CentOS upstream repository (bsc#1173603)
       - Add firewall troubleshooting to Admin Guide
       - Fix Azure command in Install Guide (thanks Rahul-CTS)
       - Fix broken links in Auto-Install Proxy in Client Cfg (thanks shirocco88)
       - Adds Ubuntu 20.04 supported features for Uyuni in Client Cfg
       - Adds Uyuni Config Modules to the Salt Guide as tech preview
    
       susemanager-docs_en:
    
       - Fix contrast problem for visited links (bsc#1176862)
       - Remove old certs before renaming in Administration Guide (bsc#1171836)
       - Reference example scripts for SP Mass Migration in Upgrade Guide
       - Move PoS Terminal Requirements to the Requirements sections in the
         Retail Guide
       - Updated SP Mass Migration section in Upgrade Guide for clarity
       - Documented Proxy Y Upgrade (SP Migration) in Upgrade Guide
       - In the Upgrade Guide, use Major, Minor, and Patch Level terminology for
         versioning.
       - Align SUSE Manager and Uyuni Proxy installation in the Installation Guide
       - New section Upgrade Uyuni Proxy in Upgrade Guide
       - New section Upgrade Uyuni Server in Upgrade Guide
       - Add GPG information about Oracle clients to SUMA (bsc#1173520)
       - Add hostname admonition to public cloud sections (bsc#1173621)
       - Add error wording to Taskomatic troubleshooting (bsc#1172263)
       - Add required URLs to Installation Guide
       - Replaces removed instructions for adding channels on older Ubuntu
         clients using the CLI in SUMA (bsc#1174025)
       - Added more concepts to Client Cfg
       - Documented maintenance windows feature in Admin Guide
       - Some reorganization of Client Cfg & Admin Guides
       - Updates storage device requirements in Install Guide
       - Adds new section for SUMA formulas in the Salt Guide
       - Updates storage device requirements in Install Guide
       - Added reverse proxy information to Monitoring in Admin Guide
       - Add note about accessibility to index
       - Add note about CentOS upstream repository (bsc#1173603)
       - Add firewall troubleshooting to Admin Guide
       - Fix Azure command in Install Guide (thanks Rahul-CTS)
       - Fix broken links in Auto-Install Proxy in Client Cfg (thanks shirocco88)
       - Adds Ubuntu 20.04 supported features for Uyuni in Client Cfg
       - Adds Uyuni Config Modules to the Salt Guide as tech preview
    
       susemanager-schema:
    
       - Support installer update channels during autoinstallation
       - Prevent a deadlock error involving delete_server and update_needed_cache
         (bsc#1173073)
    
       susemanager-sls:
    
       - Add uyuni-config-modules subpackage with Salt modules to configure
         Servers
       - Fix reporting of missing products in product.all_installed (bsc#1165829)
    
       How to apply this update: 1. Log in as root user to the SUSE Manager
       server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the
       patch using either zypper patch or YaST Online Update. 4. Upgrade the
       database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service:
       spacewalk-service start
    
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for SUSE Manager Server 4.1:
    
          zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-2832=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (ppc64le s390x x86_64):
    
          golang-github-QubitProducts-exporter_exporter-0.4.0-6.9.4
          golang-github-prometheus-node_exporter-1.0.1-3.3.4
          hub-xmlrpc-api-0.7-3.3.3
          hub-xmlrpc-api-debuginfo-0.7-3.3.3
          patterns-suma_retail-4.1-6.6.3
          patterns-suma_server-4.1-6.6.3
          spacewalk-branding-4.1.10-3.6.3
          susemanager-4.1.20-3.8.3
          susemanager-tools-4.1.20-3.8.3
    
       - SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (noarch):
    
          hibernate5-5.3.7-3.3.4
          prometheus-exporters-formula-0.7.3-3.10.1
          python3-spacewalk-certs-tools-4.1.13-3.6.3
          python3-spacewalk-client-tools-4.1.6-4.3.3
          salt-netapi-client-0.17.0-15.4.3
          spacecmd-4.1.7-4.6.3
          spacewalk-backend-4.1.15-4.8.4
          spacewalk-backend-app-4.1.15-4.8.4
          spacewalk-backend-applet-4.1.15-4.8.4
          spacewalk-backend-config-files-4.1.15-4.8.4
          spacewalk-backend-config-files-common-4.1.15-4.8.4
          spacewalk-backend-config-files-tool-4.1.15-4.8.4
          spacewalk-backend-iss-4.1.15-4.8.4
          spacewalk-backend-iss-export-4.1.15-4.8.4
          spacewalk-backend-package-push-server-4.1.15-4.8.4
          spacewalk-backend-server-4.1.15-4.8.4
          spacewalk-backend-sql-4.1.15-4.8.4
          spacewalk-backend-sql-postgresql-4.1.15-4.8.4
          spacewalk-backend-tools-4.1.15-4.8.4
          spacewalk-backend-xml-export-libs-4.1.15-4.8.4
          spacewalk-backend-xmlrpc-4.1.15-4.8.4
          spacewalk-base-4.1.18-3.6.3
          spacewalk-base-minimal-4.1.18-3.6.3
          spacewalk-base-minimal-config-4.1.18-3.6.3
          spacewalk-certs-tools-4.1.13-3.6.3
          spacewalk-client-tools-4.1.6-4.3.3
          spacewalk-html-4.1.18-3.6.3
          spacewalk-java-4.1.20-3.11.8
          spacewalk-java-config-4.1.20-3.11.8
          spacewalk-java-lib-4.1.20-3.11.8
          spacewalk-java-postgresql-4.1.20-3.11.8
          spacewalk-taskomatic-4.1.20-3.11.8
          spacewalk-utils-4.1.12-3.6.3
          spacewalk-utils-extras-4.1.12-3.6.3
          subscription-matcher-0.26-3.3.3
          susemanager-build-keys-15.2.1-3.3.2
          susemanager-build-keys-web-15.2.1-3.3.2
          susemanager-doc-indexes-4.1-11.12.2
          susemanager-docs_en-4.1-11.12.2
          susemanager-docs_en-pdf-4.1-11.12.2
          susemanager-schema-4.1.13-3.6.3
          susemanager-sls-4.1.15-3.8.4
          susemanager-web-libs-4.1.18-3.6.3
          uyuni-config-formula-0.1-6.3.3
          uyuni-config-modules-4.1.15-3.8.4
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2019-14900.html
       https://bugzilla.suse.com/1151557
       https://bugzilla.suse.com/1165287
       https://bugzilla.suse.com/1165829
       https://bugzilla.suse.com/1171836
       https://bugzilla.suse.com/1172079
       https://bugzilla.suse.com/1172263
       https://bugzilla.suse.com/1173073
       https://bugzilla.suse.com/1173520
       https://bugzilla.suse.com/1173603
       https://bugzilla.suse.com/1173621
       https://bugzilla.suse.com/1174025
       https://bugzilla.suse.com/1174254
       https://bugzilla.suse.com/1174357
       https://bugzilla.suse.com/1174423
       https://bugzilla.suse.com/1174636
       https://bugzilla.suse.com/1175103
       https://bugzilla.suse.com/1175512
       https://bugzilla.suse.com/1175529
       https://bugzilla.suse.com/1175545
       https://bugzilla.suse.com/1175556
       https://bugzilla.suse.com/1175889
       https://bugzilla.suse.com/1176500
       https://bugzilla.suse.com/1176503
       https://bugzilla.suse.com/1176844
       https://bugzilla.suse.com/1176862
       https://bugzilla.suse.com/1176913
    

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/46-how-long-have-you-been-using-linux?task=poll.vote&format=json
    46
    radio
    [{"id":"160","title":"Just made the switch!","votes":"1","type":"x","order":"1","pct":50,"resources":[]},{"id":"161","title":"1-5 years","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"162","title":"6-10 years","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"1","type":"x","order":"4","pct":50,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.