Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2021:0913-2 Critical Update for Manager Client Tools

suse
Calendar Grey March 19, 2021
Dist Suse Esm H88
This patch resolves 11 security issues in SUSE Manager Client Utilities, delivering essential improvements and corrections.
An update that solves 11 vulnerabilities and has 8 fixes is now available

Summary

This update fixes the following issues: salt: - virt.network_update: handle missing ipv4 netmask attribute - Do not monkey patch yaml loaders: Prevent breaking Ansible filter modules (bsc#1177474) - Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110) - Allow extra_filerefs as sanitized kwargs for SSH client - Fix regression on cmd.run when passing tuples as cmd (bsc#1182740) - Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565)

Topics%20covered

Topics Covered

security advisory update critical patch SUSE issue resolution client tools

References

#1099976 #1172110 #1174855 #1177474 #1179696

#1181347 #1181550 #1181556 #1181557 #1181558

#1181559 #1181560 #1181561 #1181562 #1181563

#1181564 #1181565 #1182382 #1182740

Cross- CVE-2020-28243 CVE-2020-28972 CVE-2020-35662

CVE-2021-25281 CVE-2021-25282 CVE-2021-25283

CVE-2021-25284 CVE-2021-25315 CVE-2021-3144

CVE-2021-3148 CVE-2021-3197

CVSS scores:

CVE-2020-28243 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-28243 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-28972 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2020-28972 (SUSE): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVE-2020-35662 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Announcement ID: SUSE-SU-2021:0913-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory update critical patch SUSE issue resolution client tools

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here