SUSE: 2022:3313-1 critical: release-notes-susemanager, release-note...

What Are You Looking For?

Popular Tags

Contribute

   SUSE Security Update: Security update for release-notes-susemanager, release-notes-susemanager-proxy
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3313-1
Rating:             critical
References:         #1172705 #1187028 #1195455 #1195895 #1196729 
                    #1198168 #1198489 #1198738 #1198903 #1199372 
                    #1199659 #1199913 #1199950 #1200276 #1200296 
                    #1200480 #1200532 #1200573 #1200591 #1200629 
                    #1201142 #1201189 #1201210 #1201220 #1201224 
                    #1201527 #1201606 #1201607 #1201626 #1201753 
                    #1201913 #1201918 #1202142 #1202272 #1202464 
                    #1202724 #1202728 #1203287 #1203288 #1203449 
                    
Cross-References:   CVE-2021-41411 CVE-2021-42740 CVE-2021-43138
                    CVE-2022-31129
CVSS scores:
                    CVE-2021-41411 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-41411 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-42740 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-42740 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-43138 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-43138 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-31129 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-31129 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Manager Proxy 4.2
                    SUSE Manager Retail Branch Server 4.2
                    SUSE Manager Server 4.2
______________________________________________________________________________

   An update that solves four vulnerabilities and has 36 fixes
   is now available.

Description:

   This update for release-notes-susemanager, release-notes-susemanager-proxy
   fixes the following issues:

   Release notes for SUSE Manager:

   - Update to SUSE:Manager 4.2.9
     * Notification about SUSE Manager end-of-life has been added
     * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129,
       CVE-2021-41411
     * Bugs mentioned: bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895,
       bsc#1196729 bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903,
       bsc#1199372 bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276,
       bsc#1200296 bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591,
       bsc#1200629 bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220,
       bsc#1201224 bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626,
       bsc#1201753 bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272,
       bsc#1202464 bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449

   Release notes for SUSE Manager Proxy:

   - Update to SUSE Manager 4.2.9
     * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129
     * Bugs mentioned: bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480,
       bsc#1200591 bsc#1201142, bsc#1202142, bsc#1202724


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 4.2:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313=1

   - SUSE Manager Retail Branch Server 4.2:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313=1

   - SUSE Manager Proxy 4.2:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313=1



Package List:

   - SUSE Manager Server 4.2 (ppc64le s390x x86_64):

      release-notes-susemanager-4.2.9-150300.3.54.1

   - SUSE Manager Retail Branch Server 4.2 (x86_64):

      release-notes-susemanager-proxy-4.2.9-150300.3.43.1

   - SUSE Manager Proxy 4.2 (x86_64):

      release-notes-susemanager-proxy-4.2.9-150300.3.43.1


References:

   https://www.suse.com/security/cve/CVE-2021-41411.html
   https://www.suse.com/security/cve/CVE-2021-42740.html
   https://www.suse.com/security/cve/CVE-2021-43138.html
   https://www.suse.com/security/cve/CVE-2022-31129.html
   https://bugzilla.suse.com/1172705
   https://bugzilla.suse.com/1187028
   https://bugzilla.suse.com/1195455
   https://bugzilla.suse.com/1195895
   https://bugzilla.suse.com/1196729
   https://bugzilla.suse.com/1198168
   https://bugzilla.suse.com/1198489
   https://bugzilla.suse.com/1198738
   https://bugzilla.suse.com/1198903
   https://bugzilla.suse.com/1199372
   https://bugzilla.suse.com/1199659
   https://bugzilla.suse.com/1199913
   https://bugzilla.suse.com/1199950
   https://bugzilla.suse.com/1200276
   https://bugzilla.suse.com/1200296
   https://bugzilla.suse.com/1200480
   https://bugzilla.suse.com/1200532
   https://bugzilla.suse.com/1200573
   https://bugzilla.suse.com/1200591
   https://bugzilla.suse.com/1200629
   https://bugzilla.suse.com/1201142
   https://bugzilla.suse.com/1201189
   https://bugzilla.suse.com/1201210
   https://bugzilla.suse.com/1201220
   https://bugzilla.suse.com/1201224
   https://bugzilla.suse.com/1201527
   https://bugzilla.suse.com/1201606
   https://bugzilla.suse.com/1201607
   https://bugzilla.suse.com/1201626
   https://bugzilla.suse.com/1201753
   https://bugzilla.suse.com/1201913
   https://bugzilla.suse.com/1201918
   https://bugzilla.suse.com/1202142
   https://bugzilla.suse.com/1202272
   https://bugzilla.suse.com/1202464
   https://bugzilla.suse.com/1202724
   https://bugzilla.suse.com/1202728
   https://bugzilla.suse.com/1203287
   https://bugzilla.suse.com/1203288
   https://bugzilla.suse.com/1203449

SUSE: 2022:3313-1 critical: release-notes-susemanager, release-notes-susemanager-proxy

September 19, 2022
An update that solves four vulnerabilities and has 36 fixes is now available

Summary

This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues: Release notes for SUSE Manager: - Update to SUSE:Manager 4.2.9 * Notification about SUSE Manager end-of-life has been added * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129, CVE-2021-41411 * Bugs mentioned: bsc#1172705, bsc#1187028, bsc#1195455, bsc#1195895, bsc#1196729 bsc#1198168, bsc#1198489, bsc#1198738, bsc#1198903, bsc#1199372 bsc#1199659, bsc#1199913, bsc#1199950, bsc#1200276, bsc#1200296 bsc#1200480, bsc#1200532, bsc#1200573, bsc#1200591, bsc#1200629 bsc#1201142, bsc#1201189, bsc#1201210, bsc#1201220, bsc#1201224 bsc#1201527, bsc#1201606, bsc#1201607, bsc#1201626, bsc#1201753 bsc#1201913, bsc#1201918, bsc#1202142, bsc#1202272, bsc#1202464 bsc#1202728, bsc#1203287, bsc#1203288, bsc#1203449 Release notes for SUSE Manager Proxy: - Update to SUSE Manager 4.2.9 * CVEs fixed: CVE-2021-43138, CVE-2021-42740, CVE-2022-31129 * Bugs mentioned: bsc#1198168, bsc#1198903, bsc#1199659, bsc#1200480, bsc#1200591 bsc#1201142, bsc#1202142, bsc#1202724 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.2: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3313=1 - SUSE Manager Retail Branch Server 4.2: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3313=1 - SUSE Manager Proxy 4.2: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3313=1 Package List: - SUSE Manager Server 4.2 (ppc64le s390x x86_64): release-notes-susemanager-4.2.9-150300.3.54.1 - SUSE Manager Retail Branch Server 4.2 (x86_64): release-notes-susemanager-proxy-4.2.9-150300.3.43.1 - SUSE Manager Proxy 4.2 (x86_64): release-notes-susemanager-proxy-4.2.9-150300.3.43.1

References

#1172705 #1187028 #1195455 #1195895 #1196729

#1198168 #1198489 #1198738 #1198903 #1199372

#1199659 #1199913 #1199950 #1200276 #1200296

#1200480 #1200532 #1200573 #1200591 #1200629

#1201142 #1201189 #1201210 #1201220 #1201224

#1201527 #1201606 #1201607 #1201626 #1201753

#1201913 #1201918 #1202142 #1202272 #1202464

#1202724 #1202728 #1203287 #1203288 #1203449

Cross- CVE-2021-41411 CVE-2021-42740 CVE-2021-43138

CVE-2022-31129

CVSS scores:

CVE-2021-41411 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-41411 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-42740 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-42740 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-43138 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2021-43138 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-31129 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-31129 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Manager Proxy 4.2

SUSE Manager Retail Branch Server 4.2

SUSE Manager Server 4.2

https://www.suse.com/security/cve/CVE-2021-41411.html

https://www.suse.com/security/cve/CVE-2021-42740.html

https://www.suse.com/security/cve/CVE-2021-43138.html

https://www.suse.com/security/cve/CVE-2022-31129.html

https://bugzilla.suse.com/1172705

https://bugzilla.suse.com/1187028

https://bugzilla.suse.com/1195455

https://bugzilla.suse.com/1195895

https://bugzilla.suse.com/1196729

https://bugzilla.suse.com/1198168

https://bugzilla.suse.com/1198489

https://bugzilla.suse.com/1198738

https://bugzilla.suse.com/1198903

https://bugzilla.suse.com/1199372

https://bugzilla.suse.com/1199659

https://bugzilla.suse.com/1199913

https://bugzilla.suse.com/1199950

https://bugzilla.suse.com/1200276

https://bugzilla.suse.com/1200296

https://bugzilla.suse.com/1200480

https://bugzilla.suse.com/1200532

https://bugzilla.suse.com/1200573

https://bugzilla.suse.com/1200591

https://bugzilla.suse.com/1200629

https://bugzilla.suse.com/1201142

https://bugzilla.suse.com/1201189

https://bugzilla.suse.com/1201210

https://bugzilla.suse.com/1201220

https://bugzilla.suse.com/1201224

https://bugzilla.suse.com/1201527

https://bugzilla.suse.com/1201606

https://bugzilla.suse.com/1201607

https://bugzilla.suse.com/1201626

https://bugzilla.suse.com/1201753

https://bugzilla.suse.com/1201913

https://bugzilla.suse.com/1201918

https://bugzilla.suse.com/1202142

https://bugzilla.suse.com/1202272

https://bugzilla.suse.com/1202464

https://bugzilla.suse.com/1202724

https://bugzilla.suse.com/1202728

https://bugzilla.suse.com/1203287

https://bugzilla.suse.com/1203288

https://bugzilla.suse.com/1203449

Severity
Announcement ID: SUSE-SU-2022:3313-1
Rating: critical

News

Advisories

HOWTOs

Features

A Complete Guide to Security Automation & Reporting Using Open Source Tools
How to Check if Your Linux System is Infected with a Virus
Security Considerations for Azure Linux & Windows Subsystem for Linux Users
Admins Receive Automated Linux Patch Management & Improved Security with ManageEngine Endpoint Central
Linux Malware: The Truth About This Growing Threat [Updated]

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy