Stay Secure with the Latest Linux Advisories

security advisorymoderateupdate

SUSE: 2018:1751-1 Moderate Security Alert for SUSE Manager Server 3.1

An update that solves two vulnerabilities and has 41 fixes is now available. . SUSE Security Update: Security update for SUSE Manager Server 3.1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:1751-1 Rating: moderate References: #1073267 #1074594 #1075466 #1080474 #1081714 #1082796 #1083278 #1083513 #1084679 #1085044 #1085471 #1085650 #1085838 #1087055 #1087071 #1087840 #1088667 #1088861 #1089103 #1089396 #1089401 #1089468 #1090040 #1090059 #1090205 #1090221 #1090395 #1090400 #1090401 #1090585 #1091052 #1091091 #1091667 #1091840 #1091855 #1092161 #1092194 #1092275 #1092383 #1092492 #1095231 #1095569 #1096714 Cross-References: CVE-2014-5326 CVE-2017-1000469 Affected Products: SUSE Manager Server 3.1 ______________________________________________________________________________ An update that solves two vulnerabilities and has 41 fixes is now available. Description: This update provides the following fixes and improvements for SUSE Manager Server 3.1: The following new package has been added: py26-compat-salt: This package provides compatibility with Python 2.6 for salt. This update includes the following new features: (fate#325476) Additonally, the following issues have been fixed: cobbler: - Detect if there is already another instance of "cobbler sync" running and exit with failure if so. (bsc#1081714) - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594) - Add sles15 distro profile. (bsc#1090205) google-gson: - Update to version 2.8.2. (bsc#1091091) patterns-suse-manager: - Require py26-compat-salt and python3-salt to be able to connect with salt-ssh to a system which has python2.6 or python3installed. (fate#325476) salt-netapi-client: - See https://github.com/SUSE/salt-netapi-client/releases/tag/v0.14.0 spacewalk-backend: - Do not fail boostrap if no ip6addr interface. (bsc#1090395) - Allow again to use a higher version of spacewalk-backend-libs with spacewalk-backend. (bsc#1092383) - SLE15 support: recommended/required flag for products and channels. spacewalk-branding: - Fix URL for new products page. (bsc#1092492) - SLE15 support: recommended/required flag for products and channels. - Show channel label when listing config channels. (bsc#1083278) spacewalk-certs-tools: - Fix bootstrap script for python3. (bsc#1091840) - Support SLE15 product family. spacewalk-java: - Do not create new product if product_id exists, update it instead (bsc#1096714) - Fix deletion of Taskomatic schedules via the GUI (bsc#1095569) - Fix unknown installed products when using salt-ssh. (bsc#1088861) - Prevent NPE when no image build history details are available. (bsc#1092161) - Uniform the notification message when scheduling HW refresh. (bsc#1082796) - Add SLES12 SP2 LTSS family. (bsc#1092194) - Fix token cleanup task crashing. (bsc#1090585) - HW refresh fails on SLE15 Salt client. (bsc#1090221) - Only show the most relevant (least effort) solutions. (bsc#1087071) - Add support for autoinstallation of SLE15. (bsc#1090205) - Update sles_register cobbler snippets to work with SLE15. (bsc#1090205) - Support SLE15 product family. - Show channel label when listing config channels. (bsc#1083278) - Fix equals to display channels with same name but different label. (bsc#1083278) - Avoid init.sls files with no revision on Config State Channels. (bsc#1091855) - Fix taskomatic deadlock in failure case. (bsc#1085471) - Render configuration files with UTF-8. (bsc#1088667) - Update google-gson to version 2.8.2. (bsc#1091091) - Fix updating Subscription cache. (bsc#1075466) - Fix NPE inwebsocket session configurator. (bsc#1080474) - Wait until minion is back to set RebootAction as COMPLETED. (bsc#1089401) - Add support for Prometheus monitoring. - Fix constraint violation errors when onboarding. (bsc#1089468) - Fix Advanced search for systems with installed packages. (bsc#1085838) spacewalk-utils: - Clone-by-date removes packages only if the list is not empty. (bsc#1089396) spacewalk-web: - Fix misleading message when syncing channels. (bsc#1089103) - Automatically select mandatory channels when selecting a base channel. (bsc#1083513) - Fix ace.js editor config to use soft tabs. (bsc#1090040) - Display always config channel name and label. (bsc#1083278) susemanager: - Add missing python3 packages to bootstrap JeOS image. (bsc#1085044) - Support SLE15 product family. - Fix crash on not properly configured environment. (bsc#1092275) - Provide full traditional stack in RES bootstrap repo. (bsc#1091667) - Fix bootstrap script for python3. (bsc#1091840) - Fix unknown installed products when using salt-ssh. (bsc#1088861) - Add python2-salt to RES7 and SLES12 bootstrap repository. - Fix bootstrapping RHEL 7 salt client (missing python-ipaddress). (bsc#1087055) susemanager-frontend-libs: - Enforce susemanager-nodejs-sdk-devel dependency version. (bsc#1095231) susemanager-docs_en: - Documentation: mgr-create-bootstrap-repo documented flag is not correct. (bsc#1090400) - Remove LTSS from SUSE Linux Enterprise 11 SP4 in gs. (bsc#1090401) - Configuration Macros do not work. (bsc#1084679) - Updated spacecmd with new functions. - Update bootstrap warning for sles 15 clients and python 3 - in reference and gs. susemanager-schema: - Add SLE15 distribution. (bsc#1090205) - SLE15 support: recommended/required flag for products and channels. - Support SLE15 product family. - Fix a race condition on lookup_evr. (bsc#1090059) susemanager-sls: - Install python2/3 saltflavours on buildhosts to generate a compatible thin for the dockerimage beeing build. (bsc#1092161) - Docker.login requires a list as input. (bsc#1092161) - Fix profileupdate sls to execute retrieval of kernel live patching info. (bsc#1091052) - Support SLE15 product family. - Fix hardware refresh when FQDN changes. (bsc#1073267) - Create bootstrap repo only if it exist in the server. (bsc#1087840) - Fix master tops merging when running salt> =2018. - Use dockermod with new salt and user repository/tag option for build. susemanager-sync-data: - Set SLE15 channel update tags to final version. - Add SLES12 SP2 LTSS family. (bsc#1092194) - Add SLES12-SP2-LTSS product classes. (bsc#1092194) - Add debuginfo channels for SLE15 products. - Add PackageHub 15 Products. - Add product sle-module-live-patching 15. - Add new HPC 15 Product. - Add missing channel to sle-module-basesystem 15. - Support SLE15 product family. susemanager-tftpsync: - Detect if there is already another instance of "cobbler sync" running and exit with failure if so. (bsc#1081714) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 3.1: zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-1174=1 Package List: - SUSE Manager Server 3.1 (ppc64le s390x x86_64): patterns-suma_server-3.1-3.3.2 spacewalk-branding-2.7.2.13-2.19.5 susemanager-3.1.14-2.19.5 susemanager-tftpsync-3.1.3-3.6.2 susemanager-tools-3.1.14-2.19.5 - SUSE Manager Server 3.1 (noarch): cobbler-2.6.6-5.10.4 google-gson-2.8.2-3.3.6 prometheus-client-java-0.3.0-1.3.5 py26-compat-salt-2016.11.4-1.7.2 salt-netapi-client-0.14.0-3.9.5 spacewalk-backend-2.7.73.13-2.19.5 spacewalk-backend-app-2.7.73.13-2.19.5 spacewalk-backend-applet-2.7.73.13-2.19.5 spacewalk-backend-config-files-2.7.73.13-2.19.5 spacewalk-backend-config-files-common-2.7.73.13-2.19.5 spacewalk-backend-config-files-tool-2.7.73.13-2.19.5 spacewalk-backend-iss-2.7.73.13-2.19.5 spacewalk-backend-iss-export-2.7.73.13-2.19.5 spacewalk-backend-libs-2.7.73.13-2.19.5 spacewalk-backend-package-push-server-2.7.73.13-2.19.5 spacewalk-backend-server-2.7.73.13-2.19.5 spacewalk-backend-sql-2.7.73.13-2.19.5 spacewalk-backend-sql-oracle-2.7.73.13-2.19.5 spacewalk-backend-sql-postgresql-2.7.73.13-2.19.5 spacewalk-backend-tools-2.7.73.13-2.19.5 spacewalk-backend-xml-export-libs-2.7.73.13-2.19.5 spacewalk-backend-xmlrpc-2.7.73.13-2.19.5 spacewalk-base-2.7.1.16-2.19.5 spacewalk-base-minimal-2.7.1.16-2.19.5 spacewalk-base-minimal-config-2.7.1.16-2.19.5 spacewalk-certs-tools-2.7.0.10-2.12.4 spacewalk-html-2.7.1.16-2.19.5 spacewalk-java-2.7.46.14-2.25.1 spacewalk-java-config-2.7.46.14-2.25.1 spacewalk-java-lib-2.7.46.14-2.25.1 spacewalk-java-oracle-2.7.46.14-2.25.1 spacewalk-java-postgresql-2.7.46.14-2.25.1 spacewalk-taskomatic-2.7.46.14-2.25.1 spacewalk-utils-2.7.10.7-2.10.4 susemanager-advanced-topics_en-pdf-3.1-10.20.7 susemanager-best-practices_en-pdf-3.1-10.20.7 susemanager-docs_en-3.1-10.20.7 susemanager-frontend-libs-3.1.1-3.3.2 susemanager-getting-started_en-pdf-3.1-10.20.7 susemanager-jsp_en-3.1-10.20.7 susemanager-reference_en-pdf-3.1-10.20.7 susemanager-schema-3.1.17-2.23.3 susemanager-sls-3.1.17-2.23.2 susemanager-sync-data-3.1.14-2.23.2 References: https://www.suse.com/security/cve/CVE-2014-5326.html https://www.suse.com/security/cve/CVE-2017-1000469.html https://bugzilla.suse.com/1073267 https://bugzilla.suse.com/1074594 https://bugzilla.suse.com/1075466 https://bugzilla.suse.com/1080474 https://bugzilla.suse.com/1081714 https://bugzilla.suse.com/1082796 https://bugzilla.suse.com/1083278 https://bugzilla.suse.com/1083513 https://bugzilla.suse.com/1084679 https://bugzilla.suse.com/1085044 https://bugzilla.suse.com/1085471 https://bugzilla.suse.com/1085650 https://bugzilla.suse.com/1085838 https://bugzilla.suse.com/1087055 https://bugzilla.suse.com/1087071 https://bugzilla.suse.com/1087840 https://bugzilla.suse.com/1088667 https://bugzilla.suse.com/1088861 https://bugzilla.suse.com/1089103 https://bugzilla.suse.com/1089396 https://bugzilla.suse.com/1089401 https://bugzilla.suse.com/1089468 https://bugzilla.suse.com/1090040 https://bugzilla.suse.com/1090059 https://bugzilla.suse.com/1090205 https://bugzilla.suse.com/1090221 https://bugzilla.suse.com/1090395 https://bugzilla.suse.com/1090400 https://bugzilla.suse.com/1090401 https://bugzilla.suse.com/1090585 https://bugzilla.suse.com/1091052 https://bugzilla.suse.com/1091091 https://bugzilla.suse.com/1091667 https://bugzilla.suse.com/1091840 https://bugzilla.suse.com/1091855 https://bugzilla.suse.com/1092161 https://bugzilla.suse.com/1092194 https://bugzilla.suse.com/1092275 https://bugzilla.suse.com/1092383 https://bugzilla.suse.com/1092492 https://bugzilla.suse.com/1095231 https://bugzilla.suse.com/1095569 https://bugzilla.suse.com/1096714 . SUSE Manager Server 3.1 receives a crucial security update addressing vulnerabilities, enhancing both stability and efficiency.. SUSE Manager Server, Security Update, Patch Fixes, SUSE Linux, Update Management. . LinuxSecurity.com Team

Jun 19, 2018 SuSE