Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

SUSE: 2025:20124-1 moderate: Security Issues in Manager Client Tools

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
The latest security patch for SUSE Manager Client Tools introduces crucial enhancements, particularly addressing CVE-2024-22037 and additional vulnerabilities.
* bsc#1228182 * bsc#1228690 * bsc#1229079 * bsc#1229104 * bsc#1231497

Summary

## This update fixes the following issues: salt: * Revert setting SELinux context for minion service (bsc#1233667) * Removed System V init support * Fix the condition of alternatives for Tumbleweed and Leap 16 * Build all python bindings for all flavors * Make minion reconnecting on changing master IP (bsc#1228182) * Handle logger exception when flushing already closed file * Include passlib as a recommended dependency * Make Salt Bundle more tolerant to long running jobs (bsc#1228690) uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix

References

* bsc#1228182

* bsc#1228690

* bsc#1229079

* bsc#1229104

* bsc#1231497

* bsc#1231568

* bsc#1231618

* bsc#1231759

* bsc#1232575

* bsc#1232769

* bsc#1232817

* bsc#1233202

* bsc#1233279

* bsc#1233630

* bsc#1233660

* bsc#1233667

* bsc#1234123

* jsc#MSQA-914

Cross-

* CVE-2024-22037

CVSS scores:

* CVE-2024-22037 ( SUSE ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L

* CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-22037 ( NVD ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

Announcement ID: SUSE-SU-2025:20124-1
Release Date: 2025-02-13T08:40:08Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here