Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
100
security advisorymoderateupdateSUSE Manager Client Tools Update 2025:20295-1 Moderate DB Credentials Issue
* bsc#1228182 * bsc#1228690 * bsc#1229079 * bsc#1229104 * bsc#1231497 . # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2025:20295-1 Release Date: 2025-02-13T08:38:11Z Rating: moderate References: * bsc#1228182 * bsc#1228690 * bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231618 * bsc#1231759 * bsc#1232575 * bsc#1232769 * bsc#1232817 * bsc#1233202 * bsc#1233279 * bsc#1233630 * bsc#1233660 * bsc#1233667 * bsc#1234123 * jsc#MSQA-914 Cross-References: * CVE-2024-22037 CVSS scores: * CVE-2024-22037 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22037 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for SUSE Linux Micro 6 An update that solves one vulnerability, contains one feature and has 16 fixes can now be installed. ## Description: This update fixes the following issues: salt: * Revert setting SELinux context for minion service (bsc#1233667) * Removed System V init support * Fix the condition of alternatives for Tumbleweed and Leap 16 * Build all python bindings for all flavors * Make minion reconnecting on changing master IP (bsc#1228182) * Handle logger exception when flushing already closed file * Include passlib as a recommended dependency * Make Salt Bundle more tolerant to long running jobs (bsc#1228690) uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 *IsInstalled function fix * Run systemctl daemon-reload after changing the container image config (bsc#1233279) * Coco-replicas-upgrade * Persist search server indexes (bsc#1231759) * Sync deletes files during migration (bsc#1233660) * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) * Add --registry back to mgrpxy (bsc#1233202) * Only add java.hostname on migrated server if not present * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) venv-salt-minion: * Included D-Bus python module for SUSE distros (bsc#1231618) * Reverted setting SELinux context for minion service (bsc#1233667) * Make minion reconnecting on changing master IP (bsc#1228182) * Fixed post_start_cleanup.sh shebang to work on all systems * Handle logger exception when flushing already closed file * Made Salt Bundle more tolerant to long running jobs (bsc#1228690) * Modified: * include-rpm * filter-requires.sh ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SUSE Linux Micro 6 zypper in -t patch SUSE-Manager-Tools-For-SL-Micro-6-211=1 ## Package List: * SUSE Manager Client Tools for SUSE Linux Micro 6 (aarch64 ppc64le s390x x86_64) *mgrctl-debuginfo-0.1.28-1.1 * venv-salt-minion-3006.0-4.1 * mgrctl-0.1.28-1.1 * SUSE Manager Client Tools for SUSE Linux Micro 6 (noarch) * mgrctl-bash-completion-0.1.28-1.1 * mgrctl-zsh-completion-0.1.28-1.1 * mgrctl-lang-0.1.28-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22037.html * https://bugzilla.suse.com/show_bug.cgi?id=1228182 * https://bugzilla.suse.com/show_bug.cgi?id=1228690 * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229104 * https://bugzilla.suse.com/show_bug.cgi?id=1231497 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231618 * https://bugzilla.suse.com/show_bug.cgi?id=1231759 * https://bugzilla.suse.com/show_bug.cgi?id=1232575 * https://bugzilla.suse.com/show_bug.cgi?id=1232769 * https://bugzilla.suse.com/show_bug.cgi?id=1232817 * https://bugzilla.suse.com/show_bug.cgi?id=1233202 * https://bugzilla.suse.com/show_bug.cgi?id=1233279 * https://bugzilla.suse.com/show_bug.cgi?id=1233630 * https://bugzilla.suse.com/show_bug.cgi?id=1233660 * https://bugzilla.suse.com/show_bug.cgi?id=1233667 * https://bugzilla.suse.com/show_bug.cgi?id=1234123 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-914&page_caps=&user_role= . A refresh for SUSE Manager Client Utilities addresses a significant concern regarding database access credentials, reinforcing overall security measures.. SUSE Manager Security Update, Linux Client Tools Update, Moderate Threat Patch. . Severity: Important. LinuxSecurity.com Team
Jun 04, 2025
•Important
SuSE
100
security advisorymoderatesecurity updateSUSE: 2025:0529-1 Moderate: Addressing Database Credential Risks
* bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231759 . # Security update for SUSE Manager Client Tools MU 5.0.3 Announcement ID: SUSE-SU-2025:0529-1 Release Date: 2025-02-14T07:19:47Z Rating: moderate References: * bsc#1229079 * bsc#1229104 * bsc#1231497 * bsc#1231568 * bsc#1231759 * bsc#1232575 * bsc#1232769 * bsc#1232817 * bsc#1233202 * bsc#1233279 * bsc#1233630 * bsc#1233660 * bsc#1234123 * jsc#MSQA-914 Cross-References: * CVE-2024-22037 CVSS scores: * CVE-2024-22037 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22037 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Debian 12 An update that solves one vulnerability, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: spacecmd was updated to version 5.0.11-0: * Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix * Run systemctl daemon-reload after changing the container image config (bsc#1233279) * Coco-replicas-upgrade * Persist search server indexes (bsc#1231759) * Sync deletes files during migration (bsc#1233660) * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) * Add --registry back to mgrpxy (bsc#1233202) * Only add java.hostname on migrated server if notpresent * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2025-529=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (all) * mgrctl-fish-completion-0.1.28-2.16.1 * mgrctl-bash-completion-0.1.28-2.16.1 * spacecmd-5.0.11-3.26.1 * mgrctl-zsh-completion-0.1.28-2.16.1 * SUSE Manager Client Tools for Debian 12 (amd64) * mgrctl-0.1.28-2.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22037.html * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229104 * https://bugzilla.suse.com/show_bug.cgi?id=1231497 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231759 * https://bugzilla.suse.com/show_bug.cgi?id=1232575 * https://bugzilla.suse.com/show_bug.cgi?id=1232769 * https://bugzilla.suse.com/show_bug.cgi?id=1232817 * https://bugzilla.suse.com/show_bug.cgi?id=1233202 * https://bugzilla.suse.com/show_bug.cgi?id=1233279 * https://bugzilla.suse.com/show_bug.cgi?id=1233630 * https://bugzilla.suse.com/show_bug.cgi?id=1233660 *https://bugzilla.suse.com/show_bug.cgi?id=1234123 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-914&page_caps=&user_role= . SUSE Manager Client Tools version 5.0.3 release tackles security vulnerabilities, especially in credential management. Upgrade today!. SUSE Manager update, security advisory, Debian tools, moderate severity. . LinuxSecurity.com Team
Feb 14, 2025
SuSE
100
security advisorymoderatesecurity updateSUSE: 2025:0532-1 moderate: podman secret database issue
* bsc#1229079 * bsc#1229104 * bsc#1230361 * bsc#1231497 * bsc#1231568 . # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2025:0532-1 Release Date: 2025-02-14T07:20:13Z Rating: moderate References: * bsc#1229079 * bsc#1229104 * bsc#1230361 * bsc#1231497 * bsc#1231568 * bsc#1231759 * bsc#1232575 * bsc#1232769 * bsc#1232817 * bsc#1233202 * bsc#1233279 * bsc#1233630 * bsc#1233660 * bsc#1234123 * jsc#ECO-3319 * jsc#MSQA-914 Cross-References: * CVE-2024-22037 CVSS scores: * CVE-2024-22037 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22037 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves one vulnerability, contains two features and has 13 security fixes can now be installed. ## Description: This update fixes the following issues: scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319): * Added Ism profile for OL8, OL9 * Added new product kylinserver10 * Created OL10 product * Release SLMicro5 product * Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible (bsc#1230361) * Updated PCI-DSS control file for version 4.0.1 spacecmd was updated to version 5.0.11-0: * Updated translation strings uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0: * Security issues fixed: * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Other changes and bugs fixed: * Version 0.1.27-0 * Bump the default image tag to 5.0.3 * IsInstalled function fix * Run systemctl daemon-reload afterchanging the container image config (bsc#1233279) * Coco-replicas-upgrade * Persist search server indexes (bsc#1231759) * Sync deletes files during migration (bsc#1233660) * Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079) * Add --registry back to mgrpxy (bsc#1233202) * Only add java.hostname on migrated server if not present * Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104) * Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630) * Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123) * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Use the uyuni network for all podman containers (bsc#1232817) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-532=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.28-1.14.1 * mgrctl-debuginfo-0.1.28-1.14.1 * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch) * mgrctl-zsh-completion-0.1.28-1.14.1 * scap-security-guide-redhat-0.1.75-1.32.1 * spacecmd-5.0.11-1.44.1 * mgrctl-bash-completion-0.1.28-1.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22037.html * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229104 * https://bugzilla.suse.com/show_bug.cgi?id=1230361 *https://bugzilla.suse.com/show_bug.cgi?id=1231497 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231759 * https://bugzilla.suse.com/show_bug.cgi?id=1232575 * https://bugzilla.suse.com/show_bug.cgi?id=1232769 * https://bugzilla.suse.com/show_bug.cgi?id=1232817 * https://bugzilla.suse.com/show_bug.cgi?id=1233202 * https://bugzilla.suse.com/show_bug.cgi?id=1233279 * https://bugzilla.suse.com/show_bug.cgi?id=1233630 * https://bugzilla.suse.com/show_bug.cgi?id=1233660 * https://bugzilla.suse.com/show_bug.cgi?id=1234123 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FECO-3319&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FMSQA-914&page_caps=&user_role= . Patch announcement for SUSE Manager Client Tools, detailing vulnerabilities resolved and guidance for implementation.. SUSE Manager Tools, security updates, software patching, SUSE advisory. . LinuxSecurity.com Team
Feb 14, 2025
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!