Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2023:5567-2 Important: SUSE Manager Server Components Security Update

suse
Calendar Grey December 13, 2022
Dist Suse Esm H88
SUSE Manager Client Tools' security update addresses 12 vulnerabilities, featuring important enhancements and fixes.
An update that solves 12 vulnerabilities, contains one feature and has two fixes is now available

Summary

This update fixes the following issues: golang-github-boynux-squid_exporter: - Exclude s390 architecture - Enhanced to build on Enterprise Linux 8 grafana: - Version update from 8.3.10 to 8.5.13 (jsc#PED-2145) - Security fixes: * CVE-2022-36062: (bsc#1203596) * CVE-2022-35957: (bsc#1203597) * CVE-2022-31107: (bsc#1201539) * CVE-2022-31097: (bsc#1201535) * CVE-2022-29170: (bsc#1199810) * CVE-2021-43813, CVE-2021-43815: (bsc#1193686) * CVE-2021-43798: (bsc#1193492) * CVE-2021-41244: (bsc#1192763) * CVE-2021-41174: (bsc#1192383) * CVE-2021-3711: (bsc#1189520) * CVE-2021-36222: (bsc#1188571) - Features and enhancements: * AccessControl: Disable user remove and user update roles when they do not have the permissions * AccessControl: Provisioning for teams

Topics%20covered

Topics Covered

security advisory moderate security update vulnerability update details patch instructions SUSE Manager Tools

References

#1188571 #1189520 #1192383 #1192763 #1193492

#1193686 #1199810 #1201535 #1201539 #1202945

#1203283 #1203596 #1203597 #1203599 PED-2145

Cross- CVE-2021-36222 CVE-2021-3711 CVE-2021-41174

CVE-2021-41244 CVE-2021-43798 CVE-2021-43813

CVE-2021-43815 CVE-2022-29170 CVE-2022-31097

CVE-2022-31107 CVE-2022-35957 CVE-2022-36062

CVSS scores:

CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2022:4439-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update vulnerability update details patch instructions SUSE Manager Tools

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here