Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2022:1531-1 Important: Client Tools Security Update

suse
Calendar Grey May 4, 2022
Dist Suse Esm H88
The latest SUSE Security Update for Manager Client Tools provides crucial patches for five unique security vulnerabilities, enhancing the integrity and defenses of these tools.
An update that solves 5 vulnerabilities, contains 5 features and has three fixes is now available

Summary

This update fixes the following issues: golang-github-prometheus-alertmanager: - CVE-2022-21698: Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24077) - Update to version 0.23.0: * amtool: Detect version drift and warn users (#2672) * Add ability to skip TLS verification for amtool (#2663) * Fix empty isEqual in amtool. (#2668) * Fix main tests (#2670) * cli: add new template render command (#2538) * OpsGenie: refer to alert instead of incident (#2609) * Docs: target_match and source_match are DEPRECATED (#2665) * Fix test not waiting for cluster member to be ready - Added hardening to systemd service(s) (bsc#1181400). Modified: prometheus-alertmanager.service golang-github-prometheus-node_exporter:

Topics%20covered

Topics Covered

security advisory software update system hardening suse security issues important fixes client tools

References

#1181400 #1190535 #1196338 #1196704 #1197042

#1197417 #1197579 #1197689 SLE-24077 SLE-24138

SLE-24139 SLE-24238 SLE-24239

Cross- CVE-2020-22935 CVE-2022-21698 CVE-2022-22934

CVE-2022-22936 CVE-2022-22941

CVSS scores:

CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-22934 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-22934 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-22936 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-22936 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-22941 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:1531-1
Rating: important

Topics%20covered

Topics Covered

security advisory software update system hardening suse security issues important fixes client tools

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here