SUSE-SU-2018:0285-1: moderate: Security update for SUSE Manager Server 3.0

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Jan 30 07:12:03 MST 2018


   SUSE Security Update: Security update for SUSE Manager Server 3.0
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:0285-1
Rating:             moderate
References:         #1015956 #1041993 #1045141 #1052283 #1055296 
                    #1058110 #1060182 #1061273 #1061574 #1062936 
                    #1063419 #1063588 #1063759 #1063891 #1063940 
                    #1064393 #1065259 #1065676 #1065844 #1066404 
                    #1066663 #1066819 #1066923 #1068032 #1068057 
                    #1069615 #1069943 #1070372 #1070597 #1071314 
                    #1071367 #1071553 #1073713 #1073739 #1074508 
                    #1075044 #1076622 #970630 #979633 
Cross-References:   CVE-2017-5715 CVE-2017-5753 CVE-2017-5754
                   
Affected Products:
                    SUSE Manager Server 3.0
______________________________________________________________________________

   An update that solves three vulnerabilities and has 36
   fixes is now available.

Description:


   This update fixes the following issues:

   !!!NOTE: For PostgreSQL, schema migrations could take a long time (hours),
   depending on the number of synced  !!! !!!packages and number of rows
   which requires cleanup. Please refer to the release notes for more
   information.!!!

   nutch:

   - Fix log hadoop into proper directory. (bsc#1061574)

   osad:

   - Fixed TypeError for force flag in setup_config that could happen when
     jabberd restart was needed. (bsc#1064393)

   pxe-default-image:

   - Spectre and Meltdown mitigation. (CVE-2017-5753, CVE-2017-5715,
     CVE-2017-5754, bsc#1068032)

   spacecmd:

   - Added custom JSON encoder in order to parse date fields correctly.
     (bsc#1070372)

   spacewalk-backend:

   - Fix restore hostname and ip*addr in templated documents. (bsc#1075044)
   - Fix directory name in spacewalk-data-fsck.
   - RhnServerNetwork refactoring. (bsc#1063419)

   spacewalk-branding:

   - Fix message about package profile synchronization. (bsc#1073739)
   - Fix naming of the Tools channel. (bsc#979633)

   spacewalk-client-tools:

   - Fix package sources.

   spacewalk-java:

   - Fix message about package profile synchronization. (bsc#1073739)
   - Add VM state as info gathered from VMware. (bsc#1063759)
   - Improve performance of token checking, when RPMs or metadata are
     downloaded from minions. (bsc#1061273)
   - Fix action names and date formatting in system event history.
     (bsc#1073713)
   - Fix incorrect 'os-release' report after SP migration. (bsc#1071553)
   - Fix failed package installation when in RES 32 and 64 bit packages are
     installed together. (bsc#1071314)
   - Add user preferences in order to change items-per-page. (bsc#1055296)
   - Display messages about wrong input more end-user friendly. (bsc#1015956)
   - Fix content refresh when product keys change. (bsc#1069943)
   - Allow 'Package List Refresh' when package architecture has changed.
     (bsc#1065259)
   - Support Open Enterprise Server 2018. (bsc#1060182)
   - Do not remove virtual instances for registered systems. (bsc#1063759)
   - Process right configfile on 'scheduleFileComparisons' API calls.
     (bsc#1066663)
   - Fix reported UUIDs for guests instances within a virtual host.
     (bsc#1063759)
   - Generate Order Items for OEM subscriptions. (bsc#1045141)
   - Enable 'Power Management' features on Salt minions.
   - Fail gracefully when GPG files are requested. (bsc#1065676)
   - Improve messaging for "Compare Packages". (bsc#1065844)
   - RhnServerNetwork refactoring. (bsc#1063419)
   - Add Adelaide timezone to selectable timezones. (bsc#1063891)

   spacewalk-reports:

   - More rhnServerNetwork refactoring. (bsc#1063419)

   spacewalk-search:

   - RhnServerNetwork refactoring. (bsc#1063419)

   spacewalk-web:

   - Add user preferences in order to change items-per-page. (bsc#1055296)

   susemanager:

   - Support Open Enterprise Server 2018. (bsc#1060182)
   - Fixed bootstrap repository path for SLES4SAP version 12 and 12.1.
     (bsc#1062936)
   - Fix error message for database upgrade failure.
   - Check for sufficient diskspace in /var/lib/pgsql.
   - Notify admin that database backups need reconfiguration after db upgrade.

   susemanager-docs_en:

   - Update text and image files:
     - List Open Enterprise Server 2015, 2015 SP1, 2018 as supported clients.

   susemanager-schema:

   - Fix hostname schema upgrade. (bsc#1076622)
   - Fix duplicate entries in channel listings.
   - Handle nevra not found case while fixing duplicate evr ids. (bsc#1074508)
   - Enable 'Power Management' features on Salt minions.
   - Fix unique index for evr and capability and remove duplicates during
     migration. (bsc#1058110)
   - RhnServerNetwork refactoring. (bsc#1063419)
   - Add Adelaide timezone to selectable timezones. (bsc#1063891)

   susemanager-sls:

   - Python3 compatibility fixes in modules and states.
   - Fix failing certs state for Tumbleweed. (bsc#970630)
   - Fix deprecated SLS files to avoid deprecation warnings during highstate.
     (bsc#1041993)

   susemanager-sync-data:

   - Support Open Enterprise Server 2018. (bsc#1060182)
   - Fix description for HA channel. (bsc#1063588)
   - Add support for CAASP. (bsc#1052283)
   - Add IBM DLPAR channels to SLES for SAP SPx ppc64le. (bsc#1068057)
   - Remove Certification Module 12 from SP2 and SP3. (bsc#1066819)
   - Add SUSE Manager Server 3.0 and 3.1 channels for mirroring.
   - Support SLE-RT 12 SP3. (bsc#1063940)
   - Add SLE12 LTSS as extension to SLES for SAP 12. (bsc#1069615)
   - Remove OES2018 Debuginfo channels. (bsc#1071367)

   virtual-host-gatherer:

   - Add VM state as info gathered from VMware. (bsc#1063759)
   - Explore the entire tree of nodes from VMware. (bsc#1070597)
   - Skip safely VMs which have no config attribute on VMware. (bsc#1066923)

   How to apply this update: 1. Log in as root user to the SUSE Manager
   server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the
   patch using either zypper patch or YaST Online Update. 4. Upgrade the
   database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service:
   spacewalk-service start


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 3.0:

      zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2018-204=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Manager Server 3.0 (s390x x86_64):

      spacewalk-branding-2.5.2.16-16.9.1
      susemanager-3.0.25-25.9.1
      susemanager-tools-3.0.25-25.9.1

   - SUSE Manager Server 3.0 (noarch):

      nutch-1.0-0.9.8.1
      osa-common-5.11.64.4-4.3.1
      osa-dispatcher-5.11.64.4-4.3.1
      pxe-default-image-3.0-0.14.3.6
      pxe-default-image-debugsource-3.0-0.14.3.6
      spacecmd-2.5.5.10-16.12.1
      spacewalk-backend-2.5.24.15-26.14.1
      spacewalk-backend-app-2.5.24.15-26.14.1
      spacewalk-backend-applet-2.5.24.15-26.14.1
      spacewalk-backend-config-files-2.5.24.15-26.14.1
      spacewalk-backend-config-files-common-2.5.24.15-26.14.1
      spacewalk-backend-config-files-tool-2.5.24.15-26.14.1
      spacewalk-backend-iss-2.5.24.15-26.14.1
      spacewalk-backend-iss-export-2.5.24.15-26.14.1
      spacewalk-backend-libs-2.5.24.15-26.14.1
      spacewalk-backend-package-push-server-2.5.24.15-26.14.1
      spacewalk-backend-server-2.5.24.15-26.14.1
      spacewalk-backend-sql-2.5.24.15-26.14.1
      spacewalk-backend-sql-oracle-2.5.24.15-26.14.1
      spacewalk-backend-sql-postgresql-2.5.24.15-26.14.1
      spacewalk-backend-tools-2.5.24.15-26.14.1
      spacewalk-backend-xml-export-libs-2.5.24.15-26.14.1
      spacewalk-backend-xmlrpc-2.5.24.15-26.14.1
      spacewalk-base-2.5.7.20-25.12.1
      spacewalk-base-minimal-2.5.7.20-25.12.1
      spacewalk-base-minimal-config-2.5.7.20-25.12.1
      spacewalk-client-tools-2.5.13.9-18.3.3
      spacewalk-html-2.5.7.20-25.12.1
      spacewalk-java-2.5.59.19-27.12.3
      spacewalk-java-config-2.5.59.19-27.12.3
      spacewalk-java-lib-2.5.59.19-27.12.3
      spacewalk-java-oracle-2.5.59.19-27.12.3
      spacewalk-java-postgresql-2.5.59.19-27.12.3
      spacewalk-reports-2.5.1.4-4.6.1
      spacewalk-search-2.5.2.4-4.6.1
      spacewalk-taskomatic-2.5.59.19-27.12.3
      susemanager-advanced-topics_en-pdf-3-25.11.3
      susemanager-best-practices_en-pdf-3-25.11.3
      susemanager-docs_en-3-25.11.3
      susemanager-getting-started_en-pdf-3-25.11.3
      susemanager-jsp_en-3-25.11.3
      susemanager-reference_en-pdf-3-25.11.3
      susemanager-schema-3.0.24-25.11.1
      susemanager-sls-0.1.25-27.12.1
      susemanager-sync-data-3.0.19-28.6.1
      virtual-host-gatherer-1.0.16-7.6.1
      virtual-host-gatherer-VMware-1.0.16-7.6.1


References:

   https://www.suse.com/security/cve/CVE-2017-5715.html
   https://www.suse.com/security/cve/CVE-2017-5753.html
   https://www.suse.com/security/cve/CVE-2017-5754.html
   https://bugzilla.suse.com/1015956
   https://bugzilla.suse.com/1041993
   https://bugzilla.suse.com/1045141
   https://bugzilla.suse.com/1052283
   https://bugzilla.suse.com/1055296
   https://bugzilla.suse.com/1058110
   https://bugzilla.suse.com/1060182
   https://bugzilla.suse.com/1061273
   https://bugzilla.suse.com/1061574
   https://bugzilla.suse.com/1062936
   https://bugzilla.suse.com/1063419
   https://bugzilla.suse.com/1063588
   https://bugzilla.suse.com/1063759
   https://bugzilla.suse.com/1063891
   https://bugzilla.suse.com/1063940
   https://bugzilla.suse.com/1064393
   https://bugzilla.suse.com/1065259
   https://bugzilla.suse.com/1065676
   https://bugzilla.suse.com/1065844
   https://bugzilla.suse.com/1066404
   https://bugzilla.suse.com/1066663
   https://bugzilla.suse.com/1066819
   https://bugzilla.suse.com/1066923
   https://bugzilla.suse.com/1068032
   https://bugzilla.suse.com/1068057
   https://bugzilla.suse.com/1069615
   https://bugzilla.suse.com/1069943
   https://bugzilla.suse.com/1070372
   https://bugzilla.suse.com/1070597
   https://bugzilla.suse.com/1071314
   https://bugzilla.suse.com/1071367
   https://bugzilla.suse.com/1071553
   https://bugzilla.suse.com/1073713
   https://bugzilla.suse.com/1073739
   https://bugzilla.suse.com/1074508
   https://bugzilla.suse.com/1075044
   https://bugzilla.suse.com/1076622
   https://bugzilla.suse.com/970630
   https://bugzilla.suse.com/979633



More information about the sle-security-updates mailing list