Security: Two problems in SUSE
Name: Two problems in SUSE
ID: SUSE-SU-2018:3811-1
Distribution: SUSE
Platforms: SUSE Manager Server 3.1
Date: Mon, 19 November 2018, 22:41
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14696
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14695
Applications: SUSE

Original message
SUSE Security Update: Security update for SUSE Manager Server 3.1
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:3811-1
Rating: moderate
References: #1034030 #1037389 #1042184 #1080474 #1090676 #1094524 #1094992 #1095220 #1095942 #1095972 #1096511 #1098970 #1099857 #1100852 #1101033 #1104120 #1104487 #1105045 #1105074 #1105720 #1105724 #1105886 #1106164 #1106875 #1107117 #1107302 #1107850 #1107869 #1109235 #1111249 #1111542 #1112163 #1113557 #1113698 #1113699
Cross-References: CVE-2017-14695 CVE-2017-14696
Affected Products: SUSE Manager Server 3.1
______________________________________________________________________________
An update that solves two vulnerabilities and has 33 fixes is now available.
Description:
This update includes the following new features:
- Add support for postgresql 10 (fate#325659)
This update fixes the following issues:
py26-compat-salt:
- Update Salt version to 2016.11.10
- CVE-2018-15750: Fixed directory traversal vulnerability in salt-api (bsc#1113698).
- CVE-2018-15751: Fixed remote authentication bypass in salt-api (netapi) that allows to execute arbitrary commands (bsc#1113699).
- Fix wrong recurse behavior for linux_acl.present (bsc#1106164)
- Adding backport for string arg normalization and fix for SUSE ES os
- Prepend current directory when path is just filename (bsc#1095942)
smdba:
- Add support for postgresql 10 (fate#325659)
spacecmd:
- Show group id on group_details (bsc#1111542)
- State channels handling: Existing commands configchannel_create and configchannel_import were updated while system_scheduleapplyconfigchannels and configchannel_updateinitsls were added.
spacewalk:
- Add support for postgresql10 (fate#325659)
spacewalk-backend:
- Channels to be actually un-subscribed from the assigned systems when being removed using spacewalk-remove-channel tool (bsc#1104120)
spacewalk-branding:
- New messages are added for XMLRPC API for state channels
spacewalk-doc-indexes:
- Use nutch-core dependency instead of nutch
spacewalk-java:
- Change Requires to allow installing with both Tomcat 8 (SLE-12SP3) and 9 (SLE12-SP4)
- Fix typo in messages (bsc#1111249)
- Remove restrictions on SUSE Manager Channel subscriptions (bsc#1105724)
- Added shortcut for editing Software Channel
- Fix NullPointerException when refreshing deleted software channel (bsc#1094992)
- Add last_boot to listSystems() API call
- Check valid postgresql database version
- Fix displayed number of systems requiring reboot in Tasks pane (bsc#1106875)
- Changed localization strings for file summaries (bsc#1090676)
- Added menu item entries for creating/deleting file preservation lists (bsc#1034030)
- Better error handling when a websocket connection is aborted (bsc#1080474)
- Remove the reference of channel from revision before deleting it (bsc#1107850)
- Added link from virtualization tab to Scheduled > Pending Actions (bsc#1037389)
- Speedup package listings (bsc#1100852)
- Method to Unsubscribe channel from system (bsc#1104120)
- Fix mgr-sync refresh when subscription was removed (bsc#1105720)
- Fix an error in the system software channels UI due to SUSE product channels missing a corresponding synced channel (bsc#1105886)
- XMLRPC API for state channels
- Optimize execution of actions in minions (bsc#1099857)
- Reschedule taskomatic jobs if task threads limit reached (bsc#1096511)
- Logic constraint: results must be ordered and grouped by systemId first (bsc#1101033)
- Do not wrap output if stderr is not present (bsc#1105074)
spacewalk-search:
- Discard commons-logging.properties removal on spec file, as OBS package does not contain it
- Upgrade tika-core to 0.19.1 and adjust nutch-core (bsc#1109235)
- Remove lib jar files and add them as build dependencies on spec
- Limit number of old java logfiles (bsc#1107869)
spacewalk-utils:
- Fix typo at --phases option help
spacewalk-web:
- Fix typo in messages (bsc#1111249)
- Fix Sles name in base channel filter (Visualization tab) (bsc#1042184)
subscription-matcher:
- Set core dumps location for IBM java (bsc#1107302)
- Fix OutOfMemoryError crashes (bsc#1094524)
- Updated to version 0.20
- Update partnumbers rule file (bsc#1095972)
- Use intermediate object to store confirmed matches within a penalty group and prevent infinite reactivation of Inherited virtualization rule (bsc#1094524)
susemanager:
- Add new option --with-parent-channel to mgr-create-bootstrap-repo to specify parent channel to use if multiple options are available (bsc#1104487)
- Add support for postgresql10 (fate#325659)
- Bootstrap repos for SLE12 SP4 (bsc#1107117)
susemanager-branding-oss:
- Use ASCII quotation marks in license file (bsc#1098970)
susemanager-schema:
- Check valid postgresql database version
susemanager-sls:
- Deploy SSL certificate during onboarding of openSUSE Leap 15.0 (bsc#1112163)
- Removed the ssl certificate verification while checking bootstrap repo URL (bsc#1095220)
- Removed the need for curl to be present at bootstrap phase (bsc#1095220)
susemanager-sync-data:
- SUSE OpenStack Cloud 9 enablement (bsc#1113557)
- Add SUSE Manager 3.1 on SLES12 SP4
- Support SLE12 SP4 product family (bsc#1107117)
- Add CaaSP 3.0 channels (bsc#1105045)
Additionally some Java components have been split out of existing packages for better maintenance:
- apache-mybatis
- hadoop
- icu4j
- lucene
- nekohtml
- nutch-core
- picocontainer
- tagsoup
- tika-core
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 3.1:
zypper in -t patch SUSE-SUSE-Manager-Server-3.1-2018-2708=1
Package List:
- SUSE Manager Server 3.1 (ppc64le s390x x86_64):
smdba-1.6.2-0.2.9.1
spacewalk-branding-2.7.2.15-2.25.1
susemanager-3.1.16-2.26.1
susemanager-tools-3.1.16-2.26.1
- SUSE Manager Server 3.1 (noarch):
apache-mybatis-3.2.3-1.3.1
hadoop-0.18.1-1.3.1
icu4j-55.1-1.3.1
lucene-2.4.1-1.3.1
nekohtml-1.9.21-1.3.1
nutch-core-1.0.1-1.3.1
picocontainer-1.3.7-1.3.1
py26-compat-salt-2016.11.10-1.16.1
spacecmd-2.7.8.13-2.26.1
spacewalk-backend-2.7.73.15-2.26.1
spacewalk-backend-app-2.7.73.15-2.26.1
spacewalk-backend-applet-2.7.73.15-2.26.1
spacewalk-backend-config-files-2.7.73.15-2.26.1
spacewalk-backend-config-files-common-2.7.73.15-2.26.1
spacewalk-backend-config-files-tool-2.7.73.15-2.26.1
spacewalk-backend-iss-2.7.73.15-2.26.1
spacewalk-backend-iss-export-2.7.73.15-2.26.1
spacewalk-backend-libs-2.7.73.15-2.26.1
spacewalk-backend-package-push-server-2.7.73.15-2.26.1
spacewalk-backend-server-2.7.73.15-2.26.1
spacewalk-backend-sql-2.7.73.15-2.26.1
spacewalk-backend-sql-oracle-2.7.73.15-2.26.1
spacewalk-backend-sql-postgresql-2.7.73.15-2.26.1
spacewalk-backend-tools-2.7.73.15-2.26.1
spacewalk-backend-xml-export-libs-2.7.73.15-2.26.1
spacewalk-backend-xmlrpc-2.7.73.15-2.26.1
spacewalk-base-2.7.1.19-2.29.1
spacewalk-base-minimal-2.7.1.19-2.29.1
spacewalk-base-minimal-config-2.7.1.19-2.29.1
spacewalk-common-2.7.0.6-2.6.1
spacewalk-doc-indexes-2.7.0.4-2.6.1
spacewalk-html-2.7.1.19-2.29.1
spacewalk-java-2.7.46.17-2.35.1
spacewalk-java-config-2.7.46.17-2.35.1
spacewalk-java-lib-2.7.46.17-2.35.1
spacewalk-java-oracle-2.7.46.17-2.35.1
spacewalk-java-postgresql-2.7.46.17-2.35.1
spacewalk-oracle-2.7.0.6-2.6.1
spacewalk-postgresql-2.7.0.6-2.6.1
spacewalk-search-2.7.3.6-2.16.1
spacewalk-taskomatic-2.7.46.17-2.35.1
spacewalk-utils-2.7.10.9-2.17.1
subscription-matcher-0.21-4.6.1
susemanager-branding-oss-3.1.2-3.3.1
susemanager-schema-3.1.20-2.33.1
susemanager-sls-3.1.19-2.30.1
susemanager-sync-data-3.1.16-2.29.1
tagsoup-1.2.1-1.3.1
tika-core-1.19.1-1.3.1
References:
https://www.suse.com/security/cve/CVE-2017-14695.html
https://www.suse.com/security/cve/CVE-2017-14696.html
https://bugzilla.suse.com/1034030
https://bugzilla.suse.com/1037389
https://bugzilla.suse.com/1042184
https://bugzilla.suse.com/1080474
https://bugzilla.suse.com/1090676
https://bugzilla.suse.com/1094524
https://bugzilla.suse.com/1094992
https://bugzilla.suse.com/1095220
https://bugzilla.suse.com/1095942
https://bugzilla.suse.com/1095972
https://bugzilla.suse.com/1096511
https://bugzilla.suse.com/1098970
https://bugzilla.suse.com/1099857
https://bugzilla.suse.com/1100852
https://bugzilla.suse.com/1101033
https://bugzilla.suse.com/1104120
https://bugzilla.suse.com/1104487
https://bugzilla.suse.com/1105045
https://bugzilla.suse.com/1105074
https://bugzilla.suse.com/1105720
https://bugzilla.suse.com/1105724
https://bugzilla.suse.com/1105886
https://bugzilla.suse.com/1106164
https://bugzilla.suse.com/1106875
https://bugzilla.suse.com/1107117
https://bugzilla.suse.com/1107302
https://bugzilla.suse.com/1107850
https://bugzilla.suse.com/1107869
https://bugzilla.suse.com/1109235
https://bugzilla.suse.com/1111249
https://bugzilla.suse.com/1111542
https://bugzilla.suse.com/1112163
https://bugzilla.suse.com/1113557
https://bugzilla.suse.com/1113698
https://bugzilla.suse.com/1113699