Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE 15: 2020:3160-1 Important: rmt-server Security Issues Fixed

suse
Calendar Grey November 5, 2020
Dist Suse Esm H88
Essential security patch for rmt-agent addresses 16 significant vulnerabilities. Make sure your SUSE installations are up to date.
An update that fixes 16 vulnerabilities is now available

Summary

This update for rmt-server fixes the following issues: - Version 2.6.5 - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one. - Version 2.6.4 - Add web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf. - Version 2.6.3 - Instead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name. - Version 2.6.2 - Fix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the

Topics%20covered

Topics Covered

security advisory update important software issue rmt-server SUSE 15

References

#1172177 #1172182 #1172184 #1172186 #1173351

Cross- CVE-2019-16770 CVE-2019-5418 CVE-2019-5419

CVE-2019-5420 CVE-2020-11076 CVE-2020-11077

CVE-2020-15169 CVE-2020-5247 CVE-2020-5249

CVE-2020-5267 CVE-2020-8164 CVE-2020-8165

CVE-2020-8166 CVE-2020-8167 CVE-2020-8184

CVE-2020-8185

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15-SP1

SUSE Linux Enterprise Module for Public Cloud 15-SP1

https://www.suse.com/security/cve/CVE-2019-16770.html

https://www.suse.com/security/cve/CVE-2019-5418.html

https://www.suse.com/security/cve/CVE-2019-5419.html

https://www.suse.com/security/cve/CVE-2019-5420.html

https://www.suse.com/security/cve/CVE-2020-11076.html

https://www.suse.com/security/cve/CVE-2020-11077.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2020:3160-1
Rating: important

Topics%20covered

Topics Covered

security advisory update important software issue rmt-server SUSE 15

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here