SUSE: 2022:2143-1 moderate: Recommended SUSE Manager 4.1.15 Release...

   SUSE Security Update: Recommended update for SUSE Manager 4.1.15 Release Notes
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:2143-1
Rating:             moderate
References:         #1182742 #1189501 #1190535 #1192850 #1193032 
                    #1193238 #1193707 #1194262 #1194447 #1194594 
                    #1194909 #1195561 #1196338 #1196407 #1196702 
                    #1196704 #1197356 #1197429 #1197438 #1197488 
                    #1198221 #1198356 #1198686 #1198914 #1199036 
                    #1199142 #1199149 #1199512 #1199528 #1199629 
                    #1199677 #1199888 
Cross-References:   CVE-2022-21724 CVE-2022-21952 CVE-2022-26520
                    CVE-2022-31248
CVSS scores:
                    CVE-2022-21724 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-21724 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
                    CVE-2022-26520 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-26520 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
                    CVE-2022-31248 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:
                    SUSE Manager Proxy 4.1
                    SUSE Manager Retail Branch Server 4.1
                    SUSE Manager Server 4.1
______________________________________________________________________________

   An update that solves four vulnerabilities and has 28 fixes
   is now available.

Description:

   This update for SUSE Manager 4.1.15 Release Notes provides the following
   additions:

   Release notes for SUSE Manager:

   - Update to 4.1.15
     * Salt has been upgraded to 3004 version
     * Grafana has been upgraded to 8.3.5
     * Postgres exporter has been upgraded to 0.10.0
     * Alertmanager has been upgraded to 0.23.0
     * Node exporter has been upgraded 1.3.0
     * CVEs fixed: CVE-2022-21724, CVE-2022-21952, CVE-2022-31248,
       CVE-2022-26520
     * Bugs mentioned: bsc#1182742, bsc#1189501, bsc#1190535, bsc#1192850,
       bsc#1193032 bsc#1193238, bsc#1193707, bsc#1194262, bsc#1194447,
       bsc#1194594 bsc#1194909, bsc#1195561, bsc#1196338, bsc#1196407,
       bsc#1196702 bsc#1196704, bsc#1197356, bsc#1197429, bsc#1197438,
       bsc#1197488 bsc#1198221, bsc#1198356, bsc#1198686, bsc#1198914,
       bsc#1199036 bsc#1199142, bsc#1199149, bsc#1199512, bsc#1199528,
       bsc#1199629 bsc#1199677, bsc#1199888

   Release notes for SUSE Manager proxy:

   - Update to 4.1.15
     * Salt has been upgraded to 3004 version
     * Bugs mentioned: bsc#1190535, bsc#1193238, bsc#1194447, bsc#1194594,
       bsc#1194909 bsc#1196338, bsc#1196704, bsc#1199142, bsc#1199528


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2143=1

   - SUSE Manager Retail Branch Server 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2143=1

   - SUSE Manager Proxy 4.1:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2143=1



Package List:

   - SUSE Manager Server 4.1 (ppc64le s390x x86_64):

      release-notes-susemanager-4.1.15-150200.3.80.1

   - SUSE Manager Retail Branch Server 4.1 (x86_64):

      release-notes-susemanager-proxy-4.1.15-150200.3.56.1

   - SUSE Manager Proxy 4.1 (x86_64):

      release-notes-susemanager-proxy-4.1.15-150200.3.56.1


References:

   https://www.suse.com/security/cve/CVE-2022-21724.html
   https://www.suse.com/security/cve/CVE-2022-21952.html
   https://www.suse.com/security/cve/CVE-2022-26520.html
   https://www.suse.com/security/cve/CVE-2022-31248.html
   https://bugzilla.suse.com/1182742
   https://bugzilla.suse.com/1189501
   https://bugzilla.suse.com/1190535
   https://bugzilla.suse.com/1192850
   https://bugzilla.suse.com/1193032
   https://bugzilla.suse.com/1193238
   https://bugzilla.suse.com/1193707
   https://bugzilla.suse.com/1194262
   https://bugzilla.suse.com/1194447
   https://bugzilla.suse.com/1194594
   https://bugzilla.suse.com/1194909
   https://bugzilla.suse.com/1195561
   https://bugzilla.suse.com/1196338
   https://bugzilla.suse.com/1196407
   https://bugzilla.suse.com/1196702
   https://bugzilla.suse.com/1196704
   https://bugzilla.suse.com/1197356
   https://bugzilla.suse.com/1197429
   https://bugzilla.suse.com/1197438
   https://bugzilla.suse.com/1197488
   https://bugzilla.suse.com/1198221
   https://bugzilla.suse.com/1198356
   https://bugzilla.suse.com/1198686
   https://bugzilla.suse.com/1198914
   https://bugzilla.suse.com/1199036
   https://bugzilla.suse.com/1199142
   https://bugzilla.suse.com/1199149
   https://bugzilla.suse.com/1199512
   https://bugzilla.suse.com/1199528
   https://bugzilla.suse.com/1199629
   https://bugzilla.suse.com/1199677
   https://bugzilla.suse.com/1199888

SUSE: 2022:2143-1 moderate: Recommended SUSE Manager 4.1.15 Release Notes

June 21, 2022
An update that solves four vulnerabilities and has 28 fixes is now available

Summary

This update for SUSE Manager 4.1.15 Release Notes provides the following additions: Release notes for SUSE Manager: - Update to 4.1.15 * Salt has been upgraded to 3004 version * Grafana has been upgraded to 8.3.5 * Postgres exporter has been upgraded to 0.10.0 * Alertmanager has been upgraded to 0.23.0 * Node exporter has been upgraded 1.3.0 * CVEs fixed: CVE-2022-21724, CVE-2022-21952, CVE-2022-31248, CVE-2022-26520 * Bugs mentioned: bsc#1182742, bsc#1189501, bsc#1190535, bsc#1192850, bsc#1193032 bsc#1193238, bsc#1193707, bsc#1194262, bsc#1194447, bsc#1194594 bsc#1194909, bsc#1195561, bsc#1196338, bsc#1196407, bsc#1196702 bsc#1196704, bsc#1197356, bsc#1197429, bsc#1197438, bsc#1197488 bsc#1198221, bsc#1198356, bsc#1198686, bsc#1198914, bsc#1199036 bsc#1199142, bsc#1199149, bsc#1199512, bsc#1199528, bsc#1199629 bsc#1199677, bsc#1199888 Release notes for SUSE Manager proxy: - Update to 4.1.15 * Salt has been upgraded to 3004 version * Bugs mentioned: bsc#1190535, bsc#1193238, bsc#1194447, bsc#1194594, bsc#1194909 bsc#1196338, bsc#1196704, bsc#1199142, bsc#1199528 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2143=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2143=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2143=1 Package List: - SUSE Manager Server 4.1 (ppc64le s390x x86_64): release-notes-susemanager-4.1.15-150200.3.80.1 - SUSE Manager Retail Branch Server 4.1 (x86_64): release-notes-susemanager-proxy-4.1.15-150200.3.56.1 - SUSE Manager Proxy 4.1 (x86_64): release-notes-susemanager-proxy-4.1.15-150200.3.56.1

References

#1182742 #1189501 #1190535 #1192850 #1193032

#1193238 #1193707 #1194262 #1194447 #1194594

#1194909 #1195561 #1196338 #1196407 #1196702

#1196704 #1197356 #1197429 #1197438 #1197488

#1198221 #1198356 #1198686 #1198914 #1199036

#1199142 #1199149 #1199512 #1199528 #1199629

#1199677 #1199888

Cross- CVE-2022-21724 CVE-2022-21952 CVE-2022-26520

CVE-2022-31248

CVSS scores:

CVE-2022-21724 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-21724 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVE-2022-26520 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-26520 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVE-2022-31248 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

SUSE Manager Proxy 4.1

SUSE Manager Retail Branch Server 4.1

SUSE Manager Server 4.1

https://www.suse.com/security/cve/CVE-2022-21724.html

https://www.suse.com/security/cve/CVE-2022-21952.html

https://www.suse.com/security/cve/CVE-2022-26520.html

https://www.suse.com/security/cve/CVE-2022-31248.html

https://bugzilla.suse.com/1182742

https://bugzilla.suse.com/1189501

https://bugzilla.suse.com/1190535

https://bugzilla.suse.com/1192850

https://bugzilla.suse.com/1193032

https://bugzilla.suse.com/1193238

https://bugzilla.suse.com/1193707

https://bugzilla.suse.com/1194262

https://bugzilla.suse.com/1194447

https://bugzilla.suse.com/1194594

https://bugzilla.suse.com/1194909

https://bugzilla.suse.com/1195561

https://bugzilla.suse.com/1196338

https://bugzilla.suse.com/1196407

https://bugzilla.suse.com/1196702

https://bugzilla.suse.com/1196704

https://bugzilla.suse.com/1197356

https://bugzilla.suse.com/1197429

https://bugzilla.suse.com/1197438

https://bugzilla.suse.com/1197488

https://bugzilla.suse.com/1198221

https://bugzilla.suse.com/1198356

https://bugzilla.suse.com/1198686

https://bugzilla.suse.com/1198914

https://bugzilla.suse.com/1199036

https://bugzilla.suse.com/1199142

https://bugzilla.suse.com/1199149

https://bugzilla.suse.com/1199512

https://bugzilla.suse.com/1199528

https://bugzilla.suse.com/1199629

https://bugzilla.suse.com/1199677

https://bugzilla.suse.com/1199888

Severity
Announcement ID: SUSE-SU-2022:2143-1
Rating: moderate

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.