Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 547
Alerts This Week
Warning Icon 1 547

SUSE: 2021:0906-1 Moderate: SSL Update For Manager Proxy 4.1

suse
Calendar Grey March 19, 2021
Dist Suse Esm H88
New update released for SUSE Manager Proxy 4.1, resolving critical security vulnerabilities with essential improvements.
An update that solves one vulnerability and has 5 fixes is now available

Summary

This update fixes the following issues: mgr-osad: - Adapt to new SSL implementation of rhnlib (bsc#1181807) rhnlib: - Change SSL implementation to python ssl for better SAN and hostname matching support (bsc#1181807) spacewalk-backend: - Open repomd files as binary (bsc#1173893) - Fix requesting Release file in debian repos (bsc#1182006) - Reposync: Fixed Kickstart functionality. - Reposync: Fixed URLGrabber error handling. - Reposync: Fix modular data handling for cloned channels (bsc#1177508) spacewalk-client-tools: - Adapt to new SSL implementation of rhnlib (bsc#1181807) spacewalk-proxy: - Adapt to new SSL implementation of rhnlib (bsc#1181807) spacewalk-proxy-installer: - Adapt to new SSL implementation of rhnlib (bsc#1181807) spacewalk-web:

References

#1173893 #1177508 #1180558 #1181807 #1182006

#1182685

Cross- CVE-2020-28477

CVSS scores:

CVE-2020-28477 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1

https://www.suse.com/security/cve/CVE-2020-28477.html

https://bugzilla.suse.com/1173893

https://bugzilla.suse.com/1177508

https://bugzilla.suse.com/1180558

https://bugzilla.suse.com/1181807

https://bugzilla.suse.com/1182006

https://bugzilla.suse.com/1182685

Announcement ID: SUSE-SU-2021:0906-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.