Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2025:0532-1 moderate: podman secret database issue

suse
Calendar Grey February 14, 2025
Dist Suse Esm H88
Patch announcement for SUSE Manager Client Tools, detailing vulnerabilities resolved and guidance for implementation.
* bsc#1229079 * bsc#1229104 * bsc#1230361 * bsc#1231497 * bsc#1231568

Summary

## This update fixes the following issues: scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319): * Added Ism profile for OL8, OL9 * Added new product kylinserver10 * Created OL10 product * Release SLMicro5 product * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible (bsc#1230361) * Updated PCI-DSS control file for version 4.0.1 spacecmd was updated to version 5.0.11-0: * Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix * Run systemctl daemon-reload after changing the container image config (bsc#1233279)

Topics%20covered

Topics Covered

security advisory moderate security update security fix software updates patch instructions SUSE Manager SUSE Manager Client Tools database credentials CVE-2024-22037 RHEL tools

References

* bsc#1229079

* bsc#1229104

* bsc#1230361

* bsc#1231497

* bsc#1231568

* bsc#1231759

* bsc#1232575

* bsc#1232769

* bsc#1232817

* bsc#1233202

* bsc#1233279

* bsc#1233630

* bsc#1233660

* bsc#1234123

* jsc#ECO-3319

* jsc#MSQA-914

Cross-

* CVE-2024-22037

CVSS scores:

* CVE-2024-22037 ( SUSE ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L

* CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-22037 ( NVD ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

Announcement ID: SUSE-SU-2025:0532-1
Release Date: 2025-02-14T07:20:13Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate security update security fix software updates patch instructions SUSE Manager SUSE Manager Client Tools database credentials CVE-2024-22037 RHEL tools

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here