Security: Denial of Service in SUSE Manager Server 3.2
Name: Denial of Service in SUSE Manager Server 3.2
ID: SUSE-SU-2019:0341-1
Distribution: SUSE
Platforms: SUSE Manager Server 3.2, SUSE Manager Proxy 3.2
Date: Wed, 13 February 2019, 15:44
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17197
Applications: SUSE Manager Server 3.2

Original message
SUSE Security Update: Security update for SUSE Manager Server 3.2
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:0341-1
Rating: moderate
References: #1089121 #1098826 #1099988 #1104680 #1105720 #1105791 #1110427 #1110757 #1110772 #1111191 #1111686 #1111910 #1111963 #1112121 #1114029 #1114059 #1114115 #1114268 #1114877 #1115029 #1115978 #1116365 #1116566 #1116610 #1116826 #1117759 #1118112 #1118478 #1118917 #1119233 #1119271 #1119320 #1119727 #1119807 #1121038 #1121424 #1122565 #1123902 #1123983 #1124794 #1125097 #987798
Cross-References: CVE-2018-17197
Affected Products:
SUSE Manager Server 3.2
SUSE Manager Proxy 3.2
______________________________________________________________________________
An update that solves one vulnerability and has 41 fixes is now available.
Description:
This update fixes the following issues:
branch-network-formula:
- Netconfig update requires bind directory to exist for bind forward, ensure it (bsc#1116365)
- Rework network update in branch-network formula (bsc#1116365)
py26-compat-salt:
- Remove arch from name when pkg.list_pkgs is called with 'attr' (bsc#1114029)
python-susemanager-retail:
- Force one python version for SLE12 (python2) and SLE15 (python3)
- Add disklabel: none to migrated RAID
saltboot-formula:
- Use FTP active mode for image download
- Always deploy image when image is specified in partitioning pillar (bsc#1119807)
- Call blockdev.formatted with force=True
- Allow RAID images to be defined by saltboot formula
- image information can be provided directly for disk
- allow "none" disk label in formula and in that case hide partitioning information
smdba:
- Tuning: add cpu_tuple_cost (bsc#1105791)
spacecmd:
- Fix importing state channels using configchannel_import
- Fix getting file info for latest revision (via configchannel_filedetails)
- Add functions to merge errata (softwarechannel_errata_merge) and packages (softwarechannel_mergepackages) through spacecmd (bsc#987798)
spacewalk-admin:
- Use a Salt engine to process return results (bsc#1099988)
spacewalk-backend:
- Move channel update close to commit to avoid long lock (bsc#1121424)
- Adapt Inter Server Sync code to new SCC sync backend
- Fix issue raising exceptions 'with_traceback' on Python 2
- Hide Python traceback and show only error message (bsc#1110427)
- Honor renamed postgresql10 log directory for supportconfig
spacewalk-branding:
- Better label visualization when the input is disabled. (bsc#1110772)
spacewalk-client-tools:
- Fix XML-RPC type serialization (bsc#1116610)
spacewalk-java:
- Improve salt events processing performance (bsc#1125097)
- Prevent an error when onboarding a RES 6 minion (bsc#1124794)
- Support products with multiple base channels
- Fix ordering of base channels to prevent synchronization errors (bsc#1123902)
- Support products with multiple base channels
- Avoid a NullPointerException error in Taskomatic (bsc#1119271)
- Reset channel assignments when base channel changes on registration (bsc#1118917)
- Allow bootstrapping minions with a pending minion key being present (bsc#1119727)
- Hide 'unknown virtual host manager' when virtual host manager of all hosts is known (bsc#1119320)
- Disable notification types with 'java.notifications_type_disabled' in rhn.conf (bsc#1111910)
- Change SCC sync backend to adapt quicker to SCC changes and improve speed of syncing metadata and checking for channel dependencies (bsc#1089121)
- Read OEM Orderitems from DB instead of always creating new items (bsc#1098826)
- Fix mgr-sync refresh when subscription was removed (bsc#1105720)
- XMLRPC API: Include init.sls in channel file list (bsc#1111191)
- Fix the config channels assignment via SSM (bsc#1117759)
- Install product packages during bootstrapping minions (bsc#1104680)
- Fix cloning channels when managing the same errata for both vendor and private orgs (bsc#1111686)
- Introduce Loggerhead-module.js to store logs from the frontend
- Removed 'Manage Channels' shortcut for vendor channels (bsc#1115978)
- Hide already applied errata and channel entries from the output list in audit.listSystemsByPatchStatus (bsc#1111963)
- Prevent failing KickstartCommand when customPosition is null (bsc#1112121)
- Automatically schedule an Action to refresh minion repos after deletion of an assigned channel (bsc#1115029)
- Performance improvements in channel management functionalities (bsc#1114877)
- Handle with an error message if state file fails to render (bsc#1110757)
- When changing basechannel the compatible old childchannels are now selected by default. (bsc#1110772)
- Add check for yast autoinstall profiles when setting kickstartTree (bsc#1114115)
- Use a Salt engine to process return results (bsc#1099988)
- Fix handling of CVEs including multiple patches in CVE audit (bsc#1111963)
- Fix synchronizing Expanded Support Channel with missing architecture (bsc#1122565)
spacewalk-setup:
- Use a Salt engine to process return results (bsc#1099988)
spacewalk-utils:
- Exit with an error if spacewalk-common-channels does not match any channel
spacewalk-web:
- Show feedback messages after using the retry option on the notification messages page
- Change SCC sync backend to adapt quicker to SCC changes and improve speed of syncing metadata and checking for channel dependencies
- Fix wording for taskotop (cosmetic only) (bsc#1118112)
- When changing basechannel the compatible old childchannels are now selected by default. (bsc#1110772)
subscription-matcher:
- Old style hard bundle merging fix (bsc#1114059)
susemanager:
- Add bootstrap repo definition for OES 2018 SP1 (bsc#1116826)
- Rhnlib was renamed to python2-rhnlib. Change bootstrap data accordingly.
- Change SCC sync backend to adapt quicker to SCC changes and improve speed of syncing metadata and checking for channel dependencies
- Adapt mgr-create-bootstrap-repo for Uyuni and let it create bootstrap repos for openSUSE and CentOS
- Fetch packages from correct channel when creating a bootstrap repository
- Fix not found package on mgr-create-bootstrap-repo for SLE-15-s390x (bsc#1116566)
- Add python3-six to bootstrap repo for SLES15 (bsc#1118478)
susemanager-docs_en:
- Update text and image files.
- Enhance forms documentation (more attributes).
- Proxy: for example, migration from traditional to Salt not supported.
- RAM requirements for host running kiwi OS images.
- Notification properties.
- Update scalability documentation.
susemanager-schema:
- Change SCC sync backend to adapt quicker to SCC changes and improve speed of syncing metadata and checking for channel dependencies
- Performance improvements in channel management functionalities (bsc#1114877)
- Use a Salt engine to process return results (bsc#1099988)
susemanager-sls:
- Improve salt events processing performance (bsc#1125097)
- Allow bootstrapping minions with a pending minion key being present (bsc#1119727)
- Use a Salt engine to process return results (bsc#1099988)
susemanager-sync-data:
- Make SUSE Manager Tools channel mandatory (bsc#1123983)
- Add sle-module-web-scripting for OES2018 (bsc#1119233)
- Add new set of data for the new SCC sync backend
- Enable SLE15 SP1 family (bsc#1114268)
- Enable OES2018 SP1 (bsc#1116826)
tika-core:
- CVE-2018-17197: Fixed an infinite loop in the SQLite3Parser of Apache Tika (bsc#1121038)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 3.2:
zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2019-341=1
- SUSE Manager Proxy 3.2:
zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2019-341=1
Package List:
- SUSE Manager Server 3.2 (ppc64le s390x x86_64):
smdba-1.6.3-0.3.6.13
spacewalk-branding-2.8.5.13-3.13.14
susemanager-3.2.15-3.16.13
susemanager-tools-3.2.15-3.16.13
- SUSE Manager Server 3.2 (noarch):
branch-network-formula-0.1.1545038754.c983fa6-3.6.13
netty-4.1.8.Final-2.7.4
py26-compat-salt-2016.11.10-6.18.14
python-susemanager-retail-1.0.1544459934.07229ad-2.9.13
python2-spacewalk-client-tools-2.8.22.4-3.3.13
saltboot-formula-0.1.1546527519.591e925-3.9.13
spacecmd-2.8.25.8-3.12.13
spacewalk-admin-2.8.4.3-3.3.13
spacewalk-backend-2.8.57.8-3.10.14
spacewalk-backend-app-2.8.57.8-3.10.14
spacewalk-backend-applet-2.8.57.8-3.10.14
spacewalk-backend-config-files-2.8.57.8-3.10.14
spacewalk-backend-config-files-common-2.8.57.8-3.10.14
spacewalk-backend-config-files-tool-2.8.57.8-3.10.14
spacewalk-backend-iss-2.8.57.8-3.10.14
spacewalk-backend-iss-export-2.8.57.8-3.10.14
spacewalk-backend-libs-2.8.57.8-3.10.14
spacewalk-backend-package-push-server-2.8.57.8-3.10.14
spacewalk-backend-server-2.8.57.8-3.10.14
spacewalk-backend-sql-2.8.57.8-3.10.14
spacewalk-backend-sql-oracle-2.8.57.8-3.10.14
spacewalk-backend-sql-postgresql-2.8.57.8-3.10.14
spacewalk-backend-tools-2.8.57.8-3.10.14
spacewalk-backend-xml-export-libs-2.8.57.8-3.10.14
spacewalk-backend-xmlrpc-2.8.57.8-3.10.14
spacewalk-base-2.8.7.12-3.16.12
spacewalk-base-minimal-2.8.7.12-3.16.12
spacewalk-base-minimal-config-2.8.7.12-3.16.12
spacewalk-client-tools-2.8.22.4-3.3.13
spacewalk-html-2.8.7.12-3.16.12
spacewalk-java-2.8.78.18-3.21.1
spacewalk-java-config-2.8.78.18-3.21.1
spacewalk-java-lib-2.8.78.18-3.21.1
spacewalk-java-oracle-2.8.78.18-3.21.1
spacewalk-java-postgresql-2.8.78.18-3.21.1
spacewalk-setup-2.8.7.6-3.13.13
spacewalk-taskomatic-2.8.78.18-3.21.1
spacewalk-utils-2.8.18.4-3.6.13
subscription-matcher-0.22-4.9.13
susemanager-advanced-topics_en-pdf-3.2-11.15.12
susemanager-best-practices_en-pdf-3.2-11.15.12
susemanager-docs_en-3.2-11.15.12
susemanager-getting-started_en-pdf-3.2-11.15.12
susemanager-jsp_en-3.2-11.15.12
susemanager-reference_en-pdf-3.2-11.15.12
susemanager-retail-tools-1.0.1544459934.07229ad-2.9.13
susemanager-schema-3.2.16-3.16.13
susemanager-sls-3.2.20-3.18.1
susemanager-sync-data-3.2.12-3.14.2
susemanager-web-libs-2.8.7.12-3.16.12
tika-core-1.20-3.6.13
- SUSE Manager Proxy 3.2 (noarch):
python2-spacewalk-check-2.8.22.4-3.3.13
python2-spacewalk-client-setup-2.8.22.4-3.3.13
python2-spacewalk-client-tools-2.8.22.4-3.3.13
spacewalk-backend-2.8.57.8-3.10.14
spacewalk-backend-libs-2.8.57.8-3.10.14
spacewalk-base-minimal-2.8.7.12-3.16.12
spacewalk-base-minimal-config-2.8.7.12-3.16.12
spacewalk-check-2.8.22.4-3.3.13
spacewalk-client-setup-2.8.22.4-3.3.13
spacewalk-client-tools-2.8.22.4-3.3.13
spacewalk-proxy-installer-2.8.6.4-3.6.13
susemanager-web-libs-2.8.7.12-3.16.12
References:
https://www.suse.com/security/cve/CVE-2018-17197.html
https://bugzilla.suse.com/1089121
https://bugzilla.suse.com/1098826
https://bugzilla.suse.com/1099988
https://bugzilla.suse.com/1104680
https://bugzilla.suse.com/1105720
https://bugzilla.suse.com/1105791
https://bugzilla.suse.com/1110427
https://bugzilla.suse.com/1110757
https://bugzilla.suse.com/1110772
https://bugzilla.suse.com/1111191
https://bugzilla.suse.com/1111686
https://bugzilla.suse.com/1111910
https://bugzilla.suse.com/1111963
https://bugzilla.suse.com/1112121
https://bugzilla.suse.com/1114029
https://bugzilla.suse.com/1114059
https://bugzilla.suse.com/1114115
https://bugzilla.suse.com/1114268
https://bugzilla.suse.com/1114877
https://bugzilla.suse.com/1115029
https://bugzilla.suse.com/1115978
https://bugzilla.suse.com/1116365
https://bugzilla.suse.com/1116566
https://bugzilla.suse.com/1116610
https://bugzilla.suse.com/1116826
https://bugzilla.suse.com/1117759
https://bugzilla.suse.com/1118112
https://bugzilla.suse.com/1118478
https://bugzilla.suse.com/1118917
https://bugzilla.suse.com/1119233
https://bugzilla.suse.com/1119271
https://bugzilla.suse.com/1119320
https://bugzilla.suse.com/1119727
https://bugzilla.suse.com/1119807
https://bugzilla.suse.com/1121038
https://bugzilla.suse.com/1121424
https://bugzilla.suse.com/1122565
https://bugzilla.suse.com/1123902
https://bugzilla.suse.com/1123983
https://bugzilla.suse.com/1124794
https://bugzilla.suse.com/1125097
https://bugzilla.suse.com/987798
_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates