Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2023:3474-1 Important Update – DoS Issue Resolved in Manager 4.2

suse
Calendar Grey February 27, 2024
Dist Suse Esm H88
Essential upkeep notification for SUSE Manager 4.2 tackles significant concerns and patch updates for security vulnerabilities.
* bsc#1175823 * bsc#1208528 * bsc#1208577 * bsc#1209156 * bsc#1210103

Summary

### This update fixes the following issues: spacecmd: * Version 4.2.24-1 * Update translations spacewalk-backend: * Version 4.2.29-1 * Use a constant to get the product name in python code rather than reading rhn.conf (bsc#1212943) * Only show missing /root/.curlrc error with log_level = 5 (bsc#1212507) spacewalk-web: * Version 4.2.36-1 * Update translations * Fix VHM CPU and RAM display when 0 (bsc#1175823) * Fix parsing error when showing notification message details (bsc#1211469) How to apply this update: 1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server. 2. Stop the proxy service: `spacewalk-proxy stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-proxy start` ## Recommended update for SUSE Manager Server 4.2 ###

Topics%20covered

Topics Covered

security advisory update important DoS fix maintenance distributed denial of service SUSE Manager

References

* bsc#1175823

* bsc#1208528

* bsc#1208577

* bsc#1209156

* bsc#1210103

* bsc#1210994

* bsc#1211100

* bsc#1211469

* bsc#1211650

* bsc#1211884

* bsc#1212032

* bsc#1212106

* bsc#1212416

* bsc#1212507

* bsc#1212589

* bsc#1212700

* bsc#1212943

* bsc#1213880

* bsc#1214187

* bsc#1214333

* jsc#MSQA-698

Cross-

* CVE-2023-29409

CVSS scores:

* CVE-2023-29409 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-29409 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Manager Proxy 4.2

* SUSE Manager Proxy 4.2 Module 4.2

* SUSE Manager Retail Branch Server 4.2

* SUSE Manager Server 4.2

* SUSE Manager Server 4.2 Module 4.2

An update that solves one vulnerability, contains one feature and has 19

security fixes can now be installed.

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2023:3474-1
Rating: important

Topics%20covered

Topics Covered

security advisory update important DoS fix maintenance distributed denial of service SUSE Manager

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here