drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in SUSE Manager Server 4.1
Name: |
Mehrere Probleme in SUSE Manager Server 4.1 |
|
ID: |
SUSE-SU-2020:2832-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
SUSE Linux Enterprise Module for SUSE Manager Server 4.1 |
|
Datum: |
Sa, 3. Oktober 2020, 11:06 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14900 |
|
Applikationen: |
SUSE Manager Server 4.1 |
|
Originalnachricht |
--===============5712820593367337864== Content-Type: text/plain
SUSE Security Update: Security update for SUSE Manager Server 4.1 ______________________________________________________________________________
Announcement ID: SUSE-SU-2020:2832-1 Rating: moderate References: #1151557 #1165287 #1165829 #1171836 #1172079 #1172263 #1173073 #1173520 #1173603 #1173621 #1174025 #1174254 #1174357 #1174423 #1174636 #1175103 #1175512 #1175529 #1175545 #1175556 #1175889 #1176500 #1176503 #1176844 #1176862 #1176913 Cross-References: CVE-2019-14900 Affected Products: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 ______________________________________________________________________________
An update that solves one vulnerability and has 25 fixes is now available.
Description:
This update fixes the following issues:
golang-github-QubitProducts-exporter_exporter:
- Pin Golang version to 1.14
golang-github-prometheus-node_exporter:
- Update to 1.0.1 * Changes to build specification + Modify spec: update golang version to 1.14 + Remove update tarball script + Add _service file to allow for updates via `osc service disabledrun` * Bug fixes + [BUGFIX] filesystem_freebsd: Fix label values #1728 + [BUGFIX] Update prometheus/procfs to fix log noise #1735 + [BUGFIX] Fix build tags for collectors #1745 + [BUGFIX] Handle no data from powersupplyclass #1747, #1749 - Update to 1.0.0 * Bug fixes + [BUGFIX] Read /proc/net files with a single read syscall #1380 + [BUGFIX] Renamed label state to name on node_systemd_service_restart_total. #1393 + [BUGFIX] Fix netdev nil reference on Darwin #1414 + [BUGFIX] Strip path.rootfs from mountpoint labels #1421 + [BUGFIX] Fix seconds reported by schedstat #1426 + [BUGFIX] Fix empty string in path.rootfs #1464 + [BUGFIX] Fix typo in cpufreq metric names #1510 + [BUGFIX] Read /proc/stat in one syscall #1538 + [BUGFIX] Fix OpenBSD cache memory information #1542 + [BUGFIX] Refactor textfile collector to avoid looping defer #1549 + [BUGFIX] Fix network speed math #1580 + [BUGFIX] collector/systemd: use regexp to extract systemd version #1647 + [BUGFIX] Fix initialization in perf collector when using multiple CPUs #1665 + [BUGFIX] Fix accidentally empty lines in meminfo_linux #1671 * Several enhancements + See https://github.com/prometheus/node_exporter/releases/tag/v1.0.0 - Update to 1.0.0-rc.0 * The netdev collector CLI argument --collector.netdev.ignored-devices was renamed to --collector.netdev.device-blacklist in order to conform with the systemd collector. #1279 * The label named state on node_systemd_service_restart_total metrics was changed to name to better describe the metric. #1393 * Refactoring of the mdadm collector changes several metrics node_md_disks_active is removed node_md_disks now has a state label for "fail", "spare", "active" disks. node_md_is_active is replaced by node_md_state with a state set of "active", "inactive", "recovering", "resync". * Additional label mountaddr added to NFS device metrics to distinguish mounts from the same URL, but different IP addresses. #1417 * Metrics node_cpu_scaling_frequency_min_hrts and node_cpu_scaling_frequency_max_hrts of the cpufreq collector were renamed to node_cpu_scaling_frequency_min_hertz and node_cpu_scaling_frequency_max_hertz. #1510 * Collectors that are enabled, but are unable to find data to collect, now return 0 for node_scrape_collector_success. - Add missing sysconfig file in rpm bsc#1151557
hibernate5:
- Address CVE-2019-14900 (bsc#1172079) - Add patch:
hub-xmlrpc-api:
- One configuration flag was renamed for clarity - Added USE_SSL flag to https insted of plain http - Updated docs - Bugfixes - Changed configuration to plain variables - Bugfixes
patterns-suse-manager:
- Change PostgreSQL requirements to require at least PostgreSQL 12
prometheus-exporters-formula:
- Bugfix: More robust handling of NoneType arguments (bsc#1176844) - Bugfix: Handle <NoneType> arguments (bsc#1176844)
salt-netapi-client:
- Fix text resource usage
spacecmd:
- Fix softwarechannel_listlatestpackages throwing error on empty channels (bsc#1175889)
spacewalk-backend:
- Fix strings (mentions of Satellite, replace SUSE Manager with PRODUCT_NAME, etc) - Only regenerate bootstrap repositories when linking new packages (bsc#1174636) - Support installer_updates flag in ISS - Remove duplicate languages and update translation strings
spacewalk-branding:
- Re-enable language picker for user creation
spacewalk-certs-tools:
- Add option --nostricthostkeychecking to spacewalk-ssh-push-init - Fix the fallback to RES bootstrap repo for Centos (bsc#1174423)
spacewalk-client-tools:
- Remove duplicated languages and update translation strings
spacewalk-java:
- Force disable SPA for non-navigation links (bsc#1175512) - Fix strings (mentions of Satellite, replace SUSE Manager with PRODUCT_NAME, etc) - Pass the log level parameter to matcher - Add language picker to user preferences and user creation - Detect client organization from connected proxy (bsc#1175545) - Fix EntityExistsException on migration from traditional to salt minion via proxy (bsc#1175556) - Fix: use quiet API method when using spacewalk-common-channels (bsc#1175529) - Add java.allow_adding_patches_via_api to allow adding errata to vendor channels - Fix alignment on icon on entitlement page - Support installer update channels during autoinstallation - Filter machines not in maintenance mode for remote commands - Reset the server path on minion registration (bsc#1174254) - Data null means the sync never ran yet (bsc#1174357)
spacewalk-utils:
- Avoid exceptions on the logs when looking for channels that do not exist (bsc#1175529)
spacewalk-web:
- Fix the jQuery selector in SP Migration page (bsc#1176500) - Fix JavaScript error caused by SPA navigation event with empty event field (bsc#1176503) - Force disable SPA for non-navigation links (bsc#1175512) - Add translation support for react t() function - Fix striping on react tables - Update translation strings
subscription-matcher:
- Allow matching any guest products for Unlimited Virtualization subscriptions (bsc#1165287) - Only report confirmed matches in the output.json - Expose the log level setting to the command line - In the subscriptions CSV output, print the active subscriptions first
susemanager:
- Add missing packages to SLE12 >= SP1 bootstrap data to fix JeOS bootstrap problems (bsc#1176913) - Fix strings (mentions of Satellite, replace SUSE Manager with PRODUCT_NAME, etc) - Support installer update channels during autoinstallation
susemanager-build-keys:
- Trust PackageHub key (bsc#1175103)
susemanager-doc-indexes:
- Fix contrast problem for visited links (bsc#1176862) - Remove old certs before renaming in Administration Guide (bsc#1171836) - Reference example scripts for SP Mass Migration in Upgrade Guide - Move PoS Terminal Requirements to the Requirements sections in the Retail Guide - Updated SP Mass Migration section in Upgrade Guide for clarity - Documented Proxy Y Upgrade (SP Migration) in Upgrade Guide - In the Upgrade Guide, use Major, Minor, and Patch Level terminology for versioning. - Align SUSE Manager and Uyuni Proxy installation in the Installation Guide - New section Upgrade Uyuni Proxy in Upgrade Guide - New section Upgrade Uyuni Server in Upgrade Guide - Add GPG information about Oracle clients to SUMA (bsc#1173520) - Add hostname admonition to public cloud sections (bsc#1173621) - Add error wording to Taskomatic troubleshooting (bsc#1172263) - Add required URLs to Installation Guide - Replaces removed instructions for adding channels on older Ubuntu clients using the CLI in SUMA (bsc#1174025) - Added more concepts to Client Cfg - Documented maintenance windows feature in Admin Guide - Some reorganization of Client Cfg & Admin Guides - Updates storage device requirements in Install Guide - Adds new section for SUMA formulas in the Salt Guide - Updates storage device requirements in Install Guide - Added reverse proxy information to Monitoring in Admin Guide - Add note about accessibility to index - Add note about CentOS upstream repository (bsc#1173603) - Add firewall troubleshooting to Admin Guide - Fix Azure command in Install Guide (thanks Rahul-CTS) - Fix broken links in Auto-Install Proxy in Client Cfg (thanks shirocco88) - Adds Ubuntu 20.04 supported features for Uyuni in Client Cfg - Adds Uyuni Config Modules to the Salt Guide as tech preview
susemanager-docs_en:
- Fix contrast problem for visited links (bsc#1176862) - Remove old certs before renaming in Administration Guide (bsc#1171836) - Reference example scripts for SP Mass Migration in Upgrade Guide - Move PoS Terminal Requirements to the Requirements sections in the Retail Guide - Updated SP Mass Migration section in Upgrade Guide for clarity - Documented Proxy Y Upgrade (SP Migration) in Upgrade Guide - In the Upgrade Guide, use Major, Minor, and Patch Level terminology for versioning. - Align SUSE Manager and Uyuni Proxy installation in the Installation Guide - New section Upgrade Uyuni Proxy in Upgrade Guide - New section Upgrade Uyuni Server in Upgrade Guide - Add GPG information about Oracle clients to SUMA (bsc#1173520) - Add hostname admonition to public cloud sections (bsc#1173621) - Add error wording to Taskomatic troubleshooting (bsc#1172263) - Add required URLs to Installation Guide - Replaces removed instructions for adding channels on older Ubuntu clients using the CLI in SUMA (bsc#1174025) - Added more concepts to Client Cfg - Documented maintenance windows feature in Admin Guide - Some reorganization of Client Cfg & Admin Guides - Updates storage device requirements in Install Guide - Adds new section for SUMA formulas in the Salt Guide - Updates storage device requirements in Install Guide - Added reverse proxy information to Monitoring in Admin Guide - Add note about accessibility to index - Add note about CentOS upstream repository (bsc#1173603) - Add firewall troubleshooting to Admin Guide - Fix Azure command in Install Guide (thanks Rahul-CTS) - Fix broken links in Auto-Install Proxy in Client Cfg (thanks shirocco88) - Adds Ubuntu 20.04 supported features for Uyuni in Client Cfg - Adds Uyuni Config Modules to the Salt Guide as tech preview
susemanager-schema:
- Support installer update channels during autoinstallation - Prevent a deadlock error involving delete_server and update_needed_cache (bsc#1173073)
susemanager-sls:
- Add uyuni-config-modules subpackage with Salt modules to configure Servers - Fix reporting of missing products in product.all_installed (bsc#1165829)
How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-2832=1
Package List:
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (ppc64le s390x x86_64):
golang-github-QubitProducts-exporter_exporter-0.4.0-6.9.4 golang-github-prometheus-node_exporter-1.0.1-3.3.4 hub-xmlrpc-api-0.7-3.3.3 hub-xmlrpc-api-debuginfo-0.7-3.3.3 patterns-suma_retail-4.1-6.6.3 patterns-suma_server-4.1-6.6.3 spacewalk-branding-4.1.10-3.6.3 susemanager-4.1.20-3.8.3 susemanager-tools-4.1.20-3.8.3
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (noarch):
hibernate5-5.3.7-3.3.4 prometheus-exporters-formula-0.7.3-3.10.1 python3-spacewalk-certs-tools-4.1.13-3.6.3 python3-spacewalk-client-tools-4.1.6-4.3.3 salt-netapi-client-0.17.0-15.4.3 spacecmd-4.1.7-4.6.3 spacewalk-backend-4.1.15-4.8.4 spacewalk-backend-app-4.1.15-4.8.4 spacewalk-backend-applet-4.1.15-4.8.4 spacewalk-backend-config-files-4.1.15-4.8.4 spacewalk-backend-config-files-common-4.1.15-4.8.4 spacewalk-backend-config-files-tool-4.1.15-4.8.4 spacewalk-backend-iss-4.1.15-4.8.4 spacewalk-backend-iss-export-4.1.15-4.8.4 spacewalk-backend-package-push-server-4.1.15-4.8.4 spacewalk-backend-server-4.1.15-4.8.4 spacewalk-backend-sql-4.1.15-4.8.4 spacewalk-backend-sql-postgresql-4.1.15-4.8.4 spacewalk-backend-tools-4.1.15-4.8.4 spacewalk-backend-xml-export-libs-4.1.15-4.8.4 spacewalk-backend-xmlrpc-4.1.15-4.8.4 spacewalk-base-4.1.18-3.6.3 spacewalk-base-minimal-4.1.18-3.6.3 spacewalk-base-minimal-config-4.1.18-3.6.3 spacewalk-certs-tools-4.1.13-3.6.3 spacewalk-client-tools-4.1.6-4.3.3 spacewalk-html-4.1.18-3.6.3 spacewalk-java-4.1.20-3.11.8 spacewalk-java-config-4.1.20-3.11.8 spacewalk-java-lib-4.1.20-3.11.8 spacewalk-java-postgresql-4.1.20-3.11.8 spacewalk-taskomatic-4.1.20-3.11.8 spacewalk-utils-4.1.12-3.6.3 spacewalk-utils-extras-4.1.12-3.6.3 subscription-matcher-0.26-3.3.3 susemanager-build-keys-15.2.1-3.3.2 susemanager-build-keys-web-15.2.1-3.3.2 susemanager-doc-indexes-4.1-11.12.2 susemanager-docs_en-4.1-11.12.2 susemanager-docs_en-pdf-4.1-11.12.2 susemanager-schema-4.1.13-3.6.3 susemanager-sls-4.1.15-3.8.4 susemanager-web-libs-4.1.18-3.6.3 uyuni-config-formula-0.1-6.3.3 uyuni-config-modules-4.1.15-3.8.4
References:
https://www.suse.com/security/cve/CVE-2019-14900.html https://bugzilla.suse.com/1151557 https://bugzilla.suse.com/1165287 https://bugzilla.suse.com/1165829 https://bugzilla.suse.com/1171836 https://bugzilla.suse.com/1172079 https://bugzilla.suse.com/1172263 https://bugzilla.suse.com/1173073 https://bugzilla.suse.com/1173520 https://bugzilla.suse.com/1173603 https://bugzilla.suse.com/1173621 https://bugzilla.suse.com/1174025 https://bugzilla.suse.com/1174254 https://bugzilla.suse.com/1174357 https://bugzilla.suse.com/1174423 https://bugzilla.suse.com/1174636 https://bugzilla.suse.com/1175103 https://bugzilla.suse.com/1175512 https://bugzilla.suse.com/1175529 https://bugzilla.suse.com/1175545 https://bugzilla.suse.com/1175556 https://bugzilla.suse.com/1175889 https://bugzilla.suse.com/1176500 https://bugzilla.suse.com/1176503 https://bugzilla.suse.com/1176844 https://bugzilla.suse.com/1176862 https://bugzilla.suse.com/1176913
--===============5712820593367337864== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
_______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates --===============5712820593367337864==--
|
|
|
|