SUSE: 2022:3761-1 moderate: release-notes-susemanager, release-note...

What Are You Looking For?

Popular Tags

Contribute

   SUSE Security Update: Security update for release-notes-susemanager, release-notes-susemanager-proxy
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3761-1
Rating:             moderate
References:         #1191857 #1195624 #1196729 #1197027 #1198168 
                    #1198903 #1199726 #1200480 #1200573 #1200629 
                    #1201210 #1201220 #1201260 #1201589 #1201626 
                    #1201753 #1201788 #1201913 #1201918 #1202271 
                    #1202272 #1202367 #1202455 #1202464 #1202602 
                    #1202728 #1202729 #1202805 #1202899 #1203026 
                    #1203049 #1203056 #1203169 #1203287 #1203288 
                    #1203385 #1203406 #1203422 #1203449 #1203478 
                    #1203484 #1203564 #1203585 #1203611 
Cross-References:   CVE-2021-41411 CVE-2021-42740 CVE-2021-43138
                    CVE-2022-0860 CVE-2022-31129
CVSS scores:
                    CVE-2021-41411 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-41411 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-42740 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-42740 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-43138 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-43138 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2022-0860 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
                    CVE-2022-0860 (SUSE): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
                    CVE-2022-31129 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-31129 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Manager Proxy 4.3
                    SUSE Manager Retail Branch Server 4.3
                    SUSE Manager Server 4.3
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 39 fixes is
   now available.

Description:

   This update for release-notes-susemanager, release-notes-susemanager-proxy
   fixes the following issues:

   Release notes for SUSE Manager:

   - Update to SUSE Manager 4.3.2
     * Containerized proxy and RBS are now fully supported
     * HTTP API is now fully supported
     * Ubuntu 22.04 is now supported as a client
     * Cobbler has been upgraded to version 3.3.3 which also includes
       building ISOs with UEFI support
     * pip support has been added for the Salt Bundle
     * Prometheus exporter for Apache has been upgraded to 0.10.0
     * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138,
       CVE-2022-0860, CVE-2022-31129
     * Bugs mentioned: bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027,
       bsc#1198168 bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573,
       bsc#1200629 bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626,
       bsc#1201753 bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271,
       bsc#1202272 bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602,
       bsc#1202728 bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026,
       bsc#1203049 bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288,
       bsc#1203385 bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478,
       bsc#1203484 bsc#1203564, bsc#1203585, bsc#1203611

   Release notes for SUSE Manager Proxy:

   - Update to SUSE Manager 4.3.2
     * Containerized proxy and RBS are now fully supported
     * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129
     * Bugs mentioned: bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589,
       bsc#1201788 bsc#1203287, bsc#1203288, bsc#1203585


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 4.3:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761=1

   - SUSE Manager Retail Branch Server 4.3:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761=1

   - SUSE Manager Proxy 4.3:

      zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761=1



Package List:

   - SUSE Manager Server 4.3 (ppc64le s390x x86_64):

      release-notes-susemanager-4.3.2-150400.3.15.1

   - SUSE Manager Retail Branch Server 4.3 (x86_64):

      release-notes-susemanager-proxy-4.3.2-150400.3.9.3

   - SUSE Manager Proxy 4.3 (x86_64):

      release-notes-susemanager-proxy-4.3.2-150400.3.9.3


References:

   https://www.suse.com/security/cve/CVE-2021-41411.html
   https://www.suse.com/security/cve/CVE-2021-42740.html
   https://www.suse.com/security/cve/CVE-2021-43138.html
   https://www.suse.com/security/cve/CVE-2022-0860.html
   https://www.suse.com/security/cve/CVE-2022-31129.html
   https://bugzilla.suse.com/1191857
   https://bugzilla.suse.com/1195624
   https://bugzilla.suse.com/1196729
   https://bugzilla.suse.com/1197027
   https://bugzilla.suse.com/1198168
   https://bugzilla.suse.com/1198903
   https://bugzilla.suse.com/1199726
   https://bugzilla.suse.com/1200480
   https://bugzilla.suse.com/1200573
   https://bugzilla.suse.com/1200629
   https://bugzilla.suse.com/1201210
   https://bugzilla.suse.com/1201220
   https://bugzilla.suse.com/1201260
   https://bugzilla.suse.com/1201589
   https://bugzilla.suse.com/1201626
   https://bugzilla.suse.com/1201753
   https://bugzilla.suse.com/1201788
   https://bugzilla.suse.com/1201913
   https://bugzilla.suse.com/1201918
   https://bugzilla.suse.com/1202271
   https://bugzilla.suse.com/1202272
   https://bugzilla.suse.com/1202367
   https://bugzilla.suse.com/1202455
   https://bugzilla.suse.com/1202464
   https://bugzilla.suse.com/1202602
   https://bugzilla.suse.com/1202728
   https://bugzilla.suse.com/1202729
   https://bugzilla.suse.com/1202805
   https://bugzilla.suse.com/1202899
   https://bugzilla.suse.com/1203026
   https://bugzilla.suse.com/1203049
   https://bugzilla.suse.com/1203056
   https://bugzilla.suse.com/1203169
   https://bugzilla.suse.com/1203287
   https://bugzilla.suse.com/1203288
   https://bugzilla.suse.com/1203385
   https://bugzilla.suse.com/1203406
   https://bugzilla.suse.com/1203422
   https://bugzilla.suse.com/1203449
   https://bugzilla.suse.com/1203478
   https://bugzilla.suse.com/1203484
   https://bugzilla.suse.com/1203564
   https://bugzilla.suse.com/1203585
   https://bugzilla.suse.com/1203611

SUSE: 2022:3761-1 moderate: release-notes-susemanager, release-notes-susemanager-proxy

October 26, 2022
An update that solves 5 vulnerabilities and has 39 fixes is now available

Summary

This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues: Release notes for SUSE Manager: - Update to SUSE Manager 4.3.2 * Containerized proxy and RBS are now fully supported * HTTP API is now fully supported * Ubuntu 22.04 is now supported as a client * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support * pip support has been added for the Salt Bundle * Prometheus exporter for Apache has been upgraded to 0.10.0 * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129 * Bugs mentioned: bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168 bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629 bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753 bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272 bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728 bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049 bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385 bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484 bsc#1203564, bsc#1203585, bsc#1203611 Release notes for SUSE Manager Proxy: - Update to SUSE Manager 4.3.2 * Containerized proxy and RBS are now fully supported * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129 * Bugs mentioned: bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788 bsc#1203287, bsc#1203288, bsc#1203585 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.3: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761=1 - SUSE Manager Retail Branch Server 4.3: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761=1 - SUSE Manager Proxy 4.3: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761=1 Package List: - SUSE Manager Server 4.3 (ppc64le s390x x86_64): release-notes-susemanager-4.3.2-150400.3.15.1 - SUSE Manager Retail Branch Server 4.3 (x86_64): release-notes-susemanager-proxy-4.3.2-150400.3.9.3 - SUSE Manager Proxy 4.3 (x86_64): release-notes-susemanager-proxy-4.3.2-150400.3.9.3

References

#1191857 #1195624 #1196729 #1197027 #1198168

#1198903 #1199726 #1200480 #1200573 #1200629

#1201210 #1201220 #1201260 #1201589 #1201626

#1201753 #1201788 #1201913 #1201918 #1202271

#1202272 #1202367 #1202455 #1202464 #1202602

#1202728 #1202729 #1202805 #1202899 #1203026

#1203049 #1203056 #1203169 #1203287 #1203288

#1203385 #1203406 #1203422 #1203449 #1203478

#1203484 #1203564 #1203585 #1203611

Cross- CVE-2021-41411 CVE-2021-42740 CVE-2021-43138

CVE-2022-0860 CVE-2022-31129

CVSS scores:

CVE-2021-41411 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-41411 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2021-42740 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-42740 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-43138 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2021-43138 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2022-0860 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVE-2022-0860 (SUSE): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CVE-2022-31129 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2022-31129 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Manager Proxy 4.3

SUSE Manager Retail Branch Server 4.3

SUSE Manager Server 4.3

https://www.suse.com/security/cve/CVE-2021-41411.html

https://www.suse.com/security/cve/CVE-2021-42740.html

https://www.suse.com/security/cve/CVE-2021-43138.html

https://www.suse.com/security/cve/CVE-2022-0860.html

https://www.suse.com/security/cve/CVE-2022-31129.html

https://bugzilla.suse.com/1191857

https://bugzilla.suse.com/1195624

https://bugzilla.suse.com/1196729

https://bugzilla.suse.com/1197027

https://bugzilla.suse.com/1198168

https://bugzilla.suse.com/1198903

https://bugzilla.suse.com/1199726

https://bugzilla.suse.com/1200480

https://bugzilla.suse.com/1200573

https://bugzilla.suse.com/1200629

https://bugzilla.suse.com/1201210

https://bugzilla.suse.com/1201220

https://bugzilla.suse.com/1201260

https://bugzilla.suse.com/1201589

https://bugzilla.suse.com/1201626

https://bugzilla.suse.com/1201753

https://bugzilla.suse.com/1201788

https://bugzilla.suse.com/1201913

https://bugzilla.suse.com/1201918

https://bugzilla.suse.com/1202271

https://bugzilla.suse.com/1202272

https://bugzilla.suse.com/1202367

https://bugzilla.suse.com/1202455

https://bugzilla.suse.com/1202464

https://bugzilla.suse.com/1202602

https://bugzilla.suse.com/1202728

https://bugzilla.suse.com/1202729

https://bugzilla.suse.com/1202805

https://bugzilla.suse.com/1202899

https://bugzilla.suse.com/1203026

https://bugzilla.suse.com/1203049

https://bugzilla.suse.com/1203056

https://bugzilla.suse.com/1203169

https://bugzilla.suse.com/1203287

https://bugzilla.suse.com/1203288

https://bugzilla.suse.com/1203385

https://bugzilla.suse.com/1203406

https://bugzilla.suse.com/1203422

https://bugzilla.suse.com/1203449

https://bugzilla.suse.com/1203478

https://bugzilla.suse.com/1203484

https://bugzilla.suse.com/1203564

https://bugzilla.suse.com/1203585

https://bugzilla.suse.com/1203611

Severity
Announcement ID: SUSE-SU-2022:3761-1
Rating: moderate

Related News

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

Microsoft Opens Azure Confidential Containers to Public Preview

News

Advisories

HOWTOs

Features

Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack
ManageEngine Vulnerability Manager Plus: How To Protect Your Enterprise from Security Vulnerabilities
High-Impact DoS, Arbitrary Code Execution, Spoofing Bugs Fixed in Thunderbird 102.9.0
A Guide to Business Cybersecurity: Common Digital Attacks and Precautions
New Linux IceFire Ransomware Variant Discovered: What You Need to Know to Secure Your Systems

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy