Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

SUSE 202501:15287-1 moderate: Security Update for Manager Client Tools

suse
Calendar Grey February 14, 2025
Dist Suse Esm H88
Critical enhancements for the SUSE Manager Client Utilities, focusing on vulnerabilities and integrating advanced functionalities for improved oversight.
* bsc#1229079 * bsc#1229104 * bsc#1230361 * bsc#1231497 * bsc#1231568

Summary

## This update fixes the following issues: scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319): * Added Ism profile for OL8, OL9 * Added new product kylinserver10 * Created OL10 product * Release SLMicro5 product * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible (bsc#1230361) * Updated PCI-DSS control file for version 4.0.1 spacecmd was updated to version 5.0.11-0: * Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix * Run systemctl daemon-reload after changing the container image config (bsc#1233279)

References

* bsc#1229079

* bsc#1229104

* bsc#1230361

* bsc#1231497

* bsc#1231568

* bsc#1231759

* bsc#1232575

* bsc#1232769

* bsc#1232817

* bsc#1233202

* bsc#1233279

* bsc#1233630

* bsc#1233660

* bsc#1234123

* jsc#ECO-3319

* jsc#MSQA-914

Cross-

* CVE-2024-22037

CVSS scores:

* CVE-2024-22037 ( SUSE ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L

* CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-22037 ( NVD ): 5.7

CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

Announcement ID: SUSE-SU-202501:15287-1
Release Date: 2025-02-14T07:19:35Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here