SUSE-SU-2017:2964-1: moderate: Security update for SUSE Manager Server 3.0
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Nov 10 01:10:07 MST 2017
SUSE Security Update: Security update for SUSE Manager Server 3.0
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:2964-1
Rating: moderate
References: #1019097 #1021432 #1032065 #1032122 #1038862
#1040420 #1041489 #1042265 #1043880 #1044719
#1045152 #1048294 #1048295 #1049139 #1053038
#1054044 #1054902 #1055292 #1055467 #1056358
#1056678 #1057126 #1057599 #1059201 #1059319
#1059388 #1059524 #1059568 #1061548 #1061574
#1061576 #1062094 #1062476 #1063590 #1065085
#729910 #971785 #971916 #989991
Cross-References: CVE-2017-7514
Affected Products:
SUSE Manager Server 3.0
______________________________________________________________________________
An update that solves one vulnerability and has 38 fixes is
now available.
Description:
This update fixes the following issues:
nutch:
- Log Hadoop into proper log dir (bsc#1061574):
change-default-log-location.patch
salt-netapi-client:
See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.13.0
spacecmd:
- Configchannel export binary flag to json (bsc#1044719)
spacewalk:
- Support postgresql 9.6 (bsc#1045152)
spacewalk-backend:
- Add hostname to duplicate machine_id email (bsc#1055292)
- Fix link to manual and described procedure
- Fix SP migration for traditional clients which were registered by a
currently disabled user (bsc#1057126)
spacewalk-branding:
- Disallow entering multiple identical mirror credentials (bsc#971785)
- Fix ISE error with invalid custom key id (bsc#1048294)
spacewalk-certs-tools:
- Do not use registration keys from last autoinstallation (bsc#1057599)
spacewalk-java:
- Disallow entering multiple identical mirror credentials (bsc#971785)
- Fix ISE error with invalid custom key id (bsc#1048294)
- Skip the server if no channel can be guessed (bsc#1040420)
- Keep the GPG Check value if validation fails (bsc#1061548)
- Make systems in system group list selectable by the group admins
(bsc#1021432)
- Hide non-relevant typed systems in SystemCurrency (bsc#1019097)
- Exclude salt systems from the list of target systems for traditional
configuration stack installation
- Start registration for accepted minions only on the minion start event,
not automatically on any event (bsc#1054044)
- Extract proxy version from named installed product (bsc#1055467)
- Install update stack erratas as a package list (bsc#1049139)
- Schedule one action for all selected patches on RHEL (bsc#1038862)
- Improve duplicate hostname and transaction handling in minion
registration
- Display GUI message after successfully deleting custom key (bsc#1048295)
- Harmonize presentation of patch information (bsc#1032065)
- Fix links on schedule pages (bsc#1059201)
- Fix duplicate machine id in event history on minion restart (bsc#1059388)
- Show link in message when rescheduling actions (bsc#1032122)
- Prevent ISE when distribution does not exist (bsc#1059524)
- Do not store registration-keys during autoinstallation (bsc#1057599)
- Fix cloning Kickstart Profiles with Custom Options (bsc#1061576)
- Checkin the foreign host if a s390 minion finished a job (bsc#971916)
- Increase max length of hardware address to 32 bytes (bsc#989991)
- Adapt Salt runner and wheel calls to the new error handling introduced
in salt-netapi-client-0.12.0
- Change log level and event history for duplicate machine id
(bsc#1041489)
- Trim spaces around the target expression in the Salt remote command page
(bsc#1056678)
- Fix a ConstraintViolationException when refreshing hardware with changed
network interfaces or IP addresses
- Check entitlement usage based on grains when onboarding a minion
(bsc#1043880)
- Escape failure-text of failed-actions (CVE-2017-7514, bsc#1042265)
- Fix minor UI issues on overview page (bsc#1063590)
spacewalk-reports:
- Add machine_id and minion_id to system-profiles and inventory report
(bsc#1054902)
spacewalk-web:
- Disallow entering multiple identical mirror credentials (bsc#971785)
supportutils-plugin-susemanager:
- Use correct function validate_rpm for supportconfig (bsc#1062094)
susemanager:
- Add 'yum-plugin-security' package to RES6 bootstrap rep (bsc#1059319)
- Ensure postgres db template uses unicode (bsc#1062476)
susemanager-docs_en:
- Update text and image files.
- Fix some version strings (bsc#1065085)
release-notes-susemanager:
- Enable SUSE Linux Enterprise 12 SP3 as base OS
susemanager-schema:
- Re-create unique index on minion_id (bsc#1059568, bsc#1056358)
- Increase max length of hardware address to 32 bytes (bsc#989991)
susemanager-sls:
- Targeting patches instead of packages for non Zypper patch installation
(bsc#1038862)
- Support xccdf 1.2 namespace in openscap result file (bsc#1059319)
- Fix create empty top.sls with no-op (bsc#1053038)
- Enabling certificate deployment for Leap 42.3 clients which is needed
for bootstrapping
How to apply this update: 1. Log in as root user to the SUSE Manager
server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the
patch using either zypper patch or YaST Online Update. 4. Upgrade the
database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service:
spacewalk-service start
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager Server 3.0:
zypper in -t patch SUSE-SUSE-Manager-Server-3.0-2017-1840=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager Server 3.0 (s390x x86_64):
release-notes-susemanager-3.0.9-0.53.9.2
spacewalk-branding-2.5.2.15-16.6.4
susemanager-3.0.24-25.6.4
susemanager-tools-3.0.24-25.6.4
- SUSE Manager Server 3.0 (noarch):
nutch-1.0-0.9.5.4
salt-netapi-client-0.13.0-16.6.4
spacecmd-2.5.5.9-16.9.4
spacewalk-backend-2.5.24.14-26.11.4
spacewalk-backend-app-2.5.24.14-26.11.4
spacewalk-backend-applet-2.5.24.14-26.11.4
spacewalk-backend-config-files-2.5.24.14-26.11.4
spacewalk-backend-config-files-common-2.5.24.14-26.11.4
spacewalk-backend-config-files-tool-2.5.24.14-26.11.4
spacewalk-backend-iss-2.5.24.14-26.11.4
spacewalk-backend-iss-export-2.5.24.14-26.11.4
spacewalk-backend-libs-2.5.24.14-26.11.4
spacewalk-backend-package-push-server-2.5.24.14-26.11.4
spacewalk-backend-server-2.5.24.14-26.11.4
spacewalk-backend-sql-2.5.24.14-26.11.4
spacewalk-backend-sql-oracle-2.5.24.14-26.11.4
spacewalk-backend-sql-postgresql-2.5.24.14-26.11.4
spacewalk-backend-tools-2.5.24.14-26.11.4
spacewalk-backend-xml-export-libs-2.5.24.14-26.11.4
spacewalk-backend-xmlrpc-2.5.24.14-26.11.4
spacewalk-base-2.5.7.19-25.9.4
spacewalk-base-minimal-2.5.7.19-25.9.4
spacewalk-base-minimal-config-2.5.7.19-25.9.4
spacewalk-certs-tools-2.5.1.11-21.6.4
spacewalk-common-2.5.0.7-4.6.4
spacewalk-html-2.5.7.19-25.9.4
spacewalk-java-2.5.59.18-27.9.4
spacewalk-java-config-2.5.59.18-27.9.4
spacewalk-java-lib-2.5.59.18-27.9.4
spacewalk-java-oracle-2.5.59.18-27.9.4
spacewalk-java-postgresql-2.5.59.18-27.9.4
spacewalk-oracle-2.5.0.7-4.6.4
spacewalk-postgresql-2.5.0.7-4.6.4
spacewalk-reports-2.5.1.3-4.3.4
spacewalk-taskomatic-2.5.59.18-27.9.4
supportutils-plugin-susemanager-3.0.5-2.3.4
susemanager-advanced-topics_en-pdf-3-25.8.2
susemanager-best-practices_en-pdf-3-25.8.2
susemanager-docs_en-3-25.8.2
susemanager-getting-started_en-pdf-3-25.8.2
susemanager-jsp_en-3-25.8.2
susemanager-reference_en-pdf-3-25.8.2
susemanager-schema-3.0.22-25.6.4
susemanager-sls-0.1.24-27.9.4
References:
https://www.suse.com/security/cve/CVE-2017-7514.html
https://bugzilla.suse.com/1019097
https://bugzilla.suse.com/1021432
https://bugzilla.suse.com/1032065
https://bugzilla.suse.com/1032122
https://bugzilla.suse.com/1038862
https://bugzilla.suse.com/1040420
https://bugzilla.suse.com/1041489
https://bugzilla.suse.com/1042265
https://bugzilla.suse.com/1043880
https://bugzilla.suse.com/1044719
https://bugzilla.suse.com/1045152
https://bugzilla.suse.com/1048294
https://bugzilla.suse.com/1048295
https://bugzilla.suse.com/1049139
https://bugzilla.suse.com/1053038
https://bugzilla.suse.com/1054044
https://bugzilla.suse.com/1054902
https://bugzilla.suse.com/1055292
https://bugzilla.suse.com/1055467
https://bugzilla.suse.com/1056358
https://bugzilla.suse.com/1056678
https://bugzilla.suse.com/1057126
https://bugzilla.suse.com/1057599
https://bugzilla.suse.com/1059201
https://bugzilla.suse.com/1059319
https://bugzilla.suse.com/1059388
https://bugzilla.suse.com/1059524
https://bugzilla.suse.com/1059568
https://bugzilla.suse.com/1061548
https://bugzilla.suse.com/1061574
https://bugzilla.suse.com/1061576
https://bugzilla.suse.com/1062094
https://bugzilla.suse.com/1062476
https://bugzilla.suse.com/1063590
https://bugzilla.suse.com/1065085
https://bugzilla.suse.com/729910
https://bugzilla.suse.com/971785
https://bugzilla.suse.com/971916
https://bugzilla.suse.com/989991
More information about the sle-security-updates
mailing list