Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

SUSE: 2021:0480-1 Moderate: Manager Client Tools Security Update

suse
Calendar Grey February 15, 2021
Dist Suse Esm H88
SUSE Security Update addresses vulnerabilities in Manager Client Tools, assigned a moderate severity level, delivering crucial repairs and updates.
An update that solves four vulnerabilities and has 19 fixes is now available

Summary

This update fixes the following issues: prometheus-exporter-exporter: - Initial release (Closes: #968029). salt: - Remove deprecated warning that breaks minion execution when "server_id_use_crc" opts is missing - Revert wrong zypper patch to support vendorchanges flags on pkg.install - Force zyppnotify to prefer Packages.db than Packages if it exists - Allow vendor change option with zypper - Add pkg.services_need_restart - Fix for file.check_perms to work with numeric uid/gid - Virt: more network support Add more network and PCI/USB host devices passthrough support to virt module and states - Bigvm backports - Virt consoles, CPU tuning and topology, and memory tuning. - Fix pkg states when DEB package has "all" arch - Do not force beacons configuration to be a list. Revert

References

#1083110 #1157479 #1158441 #1159284 #1162504

#1163981 #1165425 #1167556 #1169604 #1171257

#1171461 #1172211 #1173909 #1173911 #1175549

#1176293 #1176823 #1178319 #1178361 #1178362

#1178485 #1179566 #1180584

Cross- CVE-2019-17361 CVE-2020-16846 CVE-2020-17490

CVE-2020-25592

CVSS scores:

CVE-2019-17361 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2019-17361 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-16846 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-16846 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-17490 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2020-17490 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Announcement ID: SUSE-SU-2021:0480-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.