Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE: 2024:4009-1 critical: SUSE Manager 5.0 Security Fixes

suse
Calendar Grey November 18, 2024
Dist Suse Esm H88
Key maintenance release for SUSE Manager version 5.0 targeting significant vulnerabilities and bug resolutions, enhancing overall security and performance across various components.
* bsc#1228945 * bsc#1229077 * bsc#1229923 * bsc#1230255 * bsc#1230536

Summary

### This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8 * Update for next release ## Recommended update for SUSE Manager Retail Branch Server 5.0 ### This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8

Topics%20covered

Topics Covered

security advisory security issue critical security fix SUSE Linux Enterprise SUSE Manager maintenance update

References

* bsc#1228945

* bsc#1229077

* bsc#1229923

* bsc#1230255

* bsc#1230536

* bsc#1231332

* bsc#1231568

* bsc#1231852

* bsc#1231900

* bsc#1231922

* jsc#MSQA-863

Cross-

* CVE-2024-47533

* CVE-2024-49502

* CVE-2024-49503

CVSS scores:

* CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-49502 ( SUSE ): 4.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

* CVE-2024-49503 ( SUSE ): 4.6

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Micro 5.5

* SUSE Manager Proxy 5.0 Extension 5.0

* SUSE Manager Retail Branch Server 5.0 Extension 5.0

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:4009-1
Release Date: 2024-11-18T13:21:54Z
Rating: critical

Topics%20covered

Topics Covered

security advisory security issue critical security fix SUSE Linux Enterprise SUSE Manager maintenance update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here