SUSE-SU-2020:3824-1: moderate: Security Beta update for SUSE Manager Client Tools

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Dec 15 16:21:47 MST 2020


   SUSE Security Update: Security Beta update for SUSE Manager Client Tools
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3824-1
Rating:             moderate
References:         #1003449 #1013876 #1013938 #1015882 #1024406 
                    #1027426 #1044719 #1063419 #1070372 #1076578 
                    #1080290 #1081151 #1083294 #1085667 #1088070 
                    #1094190 #1103090 #1103696 #1104034 #1109023 
                    #1111542 #1125610 #1125744 #1127389 #1129243 
                    #1130077 #1135881 #1138454 #1148311 #1153090 
                    #1153277 #1154940 #1155372 #1163871 #1167907 
                    #1169664 #1171281 #1171687 #1172709 #1173557 
                    #1175889 #769106 #769108 #776615 #879904 
                    #887879 #889605 #892707 #902494 #908849 #926318 
                    #932288 #945380 #948245 #977264 #987798 
Affected Products:
                    Debian 9.0-CLIENT-TOOLS-BETA
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update fixes the following issues:

   spacecmd:

   - Update translations
   - Fix: make spacecmd build on Debian
   - Python3 fixes for errata in spacecmd (bsc#1169664)
   - Added support for i18n of user-facing strings
   - Python3 fix for sorted usage (bsc#1167907)
   - Fix softwarechannel_listlatestpackages throwing error on empty channels
     (bsc#1175889)
   - Add Service Pack migration operations (bsc#1173557)
   - Fix softwarechannel update for vendor channels (bsc#1172709)
   - Update package version to 4.2.0
   - fix escaping of package names (bsc#1171281)
   - only report real error, not result (bsc#1171687)
   - use defined return values for spacecmd methods so scripts can check for
     failure (bsc#1171687)
   - disable globbing for api subcommand to allow wildcards in filter
     settings (bsc#1163871)
   - Bugfix: attempt to purge SSM when it is empty (bsc#1155372)
   - Bump version to 4.1.0 (bsc#1154940)
   - Prevent error when piping stdout in Python 2 (bsc#1153090)
   - Java api expects content as encoded string instead of encoded bytes like
     before (bsc#1153277)
   - Enable building and installing for Ubuntu 16.04 and Ubuntu 18.04
   - Fix building and installing on CentOS8/RES8/RHEL8
   - Check that a channel doesn't have clones before deleting it (bsc#1138454)
   - Add unit test for schedule, errata, user, utils, misc, configchannel and
     kickstart modules
   - Multiple minor bugfixes alongside the unit tests
   - Fix missing runtime dependencies that made spacecmd return old versions
     of packages in some cases, even if newer ones were available
     (bsc#1148311)
   - Bugfix: referenced variable before assignment.
   - Add unit test for report, package, org, repo and group
   - Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
   - Add unit tests for custominfo, snippet, scap, ssm, cryptokey and
     distribution
   - add unit tests for spacecmd.api, spacecmd.activationkey and
     spacecmd.filepreservation
   - add unit tests for spacecmd.shell
   - Save SSM list on system delete and update cache (bsc#1130077,
     bsc#1125744)
   - add makefile and pylint configuration
   - Add Pylint setup
   - Replace iteritems with items for python2/3 compat (bsc#1129243)
   - fix python 3 bytes issue when handling config channels
   - Add '--force', '-f' option to regenerateYumCache (bsc#1127389)
   - Prevent spacecmd crashing when piping the output in Python 3
     (bsc#1125610)
   - Fix compatibility with Python 3
   - Fix importing state channels using configchannel_import
   - Fix getting file info for latest revision (via configchannel_filedetails)
   - Add function to merge errata and packages through spacecmd (bsc#987798)
   - show group id on group_details (bsc#1111542)
   - State channels handling: Existing commands configchannel_create and
     configchannel_import were updated while
     system_scheduleapplyconfigchannels and configchannel_updateinitsls were
     added.
   - add summary to softwarechannel.clone when calling older API versions
     (bsc#1109023)
   - New function/Update old functions to handle state channels as well
   - Bump version to 4.0.0 (bsc#1104034)
   - Fix copyright for the package specfile (bsc#1103696)
   - Suggest not to use password option for spacecmd (bsc#1103090)
   - add option to set cleanup type for system_delete (bsc#1094190)
   - Sync with upstream (bsc#1083294)
   - Sync with upstream (bsc#1083294)
   - 1539878 - add save_cache to do_ssm_intersect
   - Fix softwarechannel_listsyncschedule
   - Disable pylint for python2 and RES < 8 (bsc#1088070)
   - Sync with upstream (bsc#1083294)
   - Connect to API using FQDN instead of hostname to avoid SSL validation
     problems (bsc#1085667)
   - 1536484 - Command spacecmd supports utf8 name of systems
   - 1484056 - updatefile and addfile are basically same calls
   - 1484056 - make configchannel_addfile fully non-interactive
   - 1445725 - display all checksum types, not just MD5
   - remove clean section from spec (bsc#1083294)
   - Added function to update software channel. Moreover, some refactoring
     has been done (bsc#1076578)
   - add more python3 compatibility changes
   - Compatibility with Python 3
   - Fix typo (bsc#1081151)
   - Configure gpg_flag via spacecmd creating a channel (bsc#1080290)
   - Allow scheduling the change of software channels as an action. The
     previous channels remain accessible to the registered system until the
     action is executed. to the registered system until the action is
     executed.
   - support multiple FQDNs per system (bsc#1063419)
   - Fix bsc number for change 'configchannel export binary flag to json'
   - add --config option to spacecmd
   - Added custom JSON encoder in order to parse date fields correctly
     (bsc#1070372)
   - pylint - fix intendation
   - fix build with python 3
   - show list of arches for channel
   - allow softwarechannel_setsyncschedule to disable schedule
   - add softwarechannel_setsyncschedule --latest
   - in case of system named by id, let id take precedence
   - Make spacecmd prompt for password when overriding config file user
   - show less output of common packages in selected channels
   - adding softwarechannel_listmanageablechannels
   - Switched logging from warning to debug
   - configchannel export binary flag to json (bsc#1044719)
   - spacecmd report_outofdatesystems: avoid one XMLRPC call per system
     (bsc#1015882)
   - Remove debug logging from softwarechannel_sync function
   - Remove get_certificateexpiration support in spacecmd (bsc#1013876)
   - Adding softwarechannel_listmanageablechannels
   - fix syntax error
   - make sure to know if we get into default function and exit accordingly
   - exit with 1 with incorrect command, wrong server, etc.
   - Updated links to github in spec files
   - print also systemdid with system name
   - improve output on error for listrepo (bsc#1027426)
   - print profile_name instead of string we're searching for
   - Fix: reword spacecmd removal msg (bsc#1024406)
   - Fix interactive mode
   - Add a type parameter to repo_create
   - Removed obsolete code (bsc#1013938)
   - Make exception class more generic and code fixup (bsc#1003449)
   - Handle exceptions raised by listChannels (bsc#1003449)
   - Alert if a non-unique package ID is detected
   - make spacecmd createRepo compatible with SUSE Manager 2.1 API
     (bsc#977264)
   - mimetype detection to set the binary flag requires 'file' tool
   - Text description missing for remote command by Spacecmd
   - spacecmd: repo_details show 'None' if repository doesn't have SSL
     Certtificate
   - spacecmd: Added functions to add/edit SSL certificates for repositories
   - build spacecmd noarch only on new systems
   - mimetype detection to set the binary flag requires 'file' tool
   - fix export/cloning: always base64
   - Always base64 encode to avoid trim() bugs in the XML-RPC library.
   - set binary mode on uploaded files based on content (bsc#948245)
   - drop monitoring
   - replace upstream subscription counting with new subscription matching
     (FATE#311619)
   - Revert "1207606 - do not return one package multiple times" (bsc#945380)
   - check for existence of device description in spacecmd
     system_listhardware (bsc#932288)
   - do not escape spacecmd command arguments
   - do not return one package multiple times
   - add system_setcontactmethod (FATE#314858)
   - add activationkey_setcontactmethod (FATE#314858)
   - show contact method with activationkey_details and system_details
   - clone config files without loosing trailing new lines (bsc#926318)
   - sanitize data from export
   - fix configchannel export - do not create 'contents' key for directories
     (bsc#908849)
   - fix patch summary printing
   - code cleanup
   - add new function kickstart_getsoftwaredetails
   - Added feature to get installed packageversion of a system or systems
     managed by ssm to spacecmd
   - call listAutoinstallableChannels() for listing distributions (bsc#887879)
   - Fix spacecmd schedule listing (bsc#902494)
   - Teach spacecmd report_errata to process all-errata in the absence of
     further args
   - fix call of setCustomOptions() during kickstart_importjson (bsc#879904)
   - spacecmd: fix listupgrades (bsc#892707)
   - make print_result a static method of SpacewalkShell (bsc#889605)
   - Added option to force deployment of a config channel to all subscribed
     systems
   - Added last boot message in system_details command
   - Updated kickstart_import documentation
   - Added kickstart_import_raw command
   - set output encoding when stdout is not a tty
   - make file_needs_b64_enc work for both str and unicode inputs
   - Updating the copyright years info
   - fix spacecmd, so it does not expect package id within the
     system.listPackages API call
   - fix binary file detection
   - added function package_listdependencies
   - don't attempt to write out 'None'
   - fix system listing when identified by system id
   - fixing spacecmd ssm 'list' has no attribute 'keys' error
   - spacecmd errors out when trying to add script to kickstart
   - Make spacecmd able to specify config channel label
   - fix directory export in configchannel_export
   - use 755 as default permissions for directories in configfile_getinfo
   - fix directory creation in configchannel_addfile
   - print the list of systems in system_runscript
   - print the list of systems in system_reboot
   - return a unique set from expand_systems
   - print a clearer error message when duplicate system names are found
   - standardize the behavior for when a system ID is not returned
   - add a delay before regenerating the system cache after a delete
   - handle binary files correctly in configfile_getinfo
   - print the name in the confirmation message of snippet_create
   - don't reuse variable names in parse_arguments
   - print the function's help message when -h in the argument list
   - print file path in package_details
   - fixing broken export of configchannels with symlinks
   - prevent outputting escape sequences to non-terminals
   - Fixed small typo in spacecmd/src/lib/kickstart.py
   - do not quote argument of the help command (bsc#776615)
   - Fix kickstart_export with old API versions
   - command line parameter for "distribution path" was documented wrong in
     help text (bsc#769106)
   - "suse" was missing in the helptext of the CLI for distributions
     (bsc#769108)
   - enhancement add configchannel_sync
   - enhancement add softwarechannel_sync
   - fixing chroot option for addscript
   - kickstart_getcontents fix character encoding error
   - activationkey_import don't add empty package/group lists
   - fix activationkey_import when no base-channel specified
   - Fix reference to non-existent variable
   - improve configchannel_export operation on old API versions
   - *diff functions allow python 2.4 compatibility
   - changed get_string_diff_dicts to better fitting replacement method
   - remove reference to stage function
   - add do_SPACEWALKCOMPONENT_diff functions
   - system_comparewithchannel filter system packagelist
   - argument validation needed for configchannel_addfile
   - configchannel_addfile don't display b64 file contents
   - enhancement add system_addconfigfile
   - Fix usage for configchannel_addfile
   - enhancement Add system_listconfigfiles
   - add option to allow templating for spacecmd kickstarting
   - softwarechannel_clone avoid ISE on duplicate name
   - softwarechannel_adderrata mergeErrata should be cloneErrataAsOriginal
   - Add globbing support to distribution_details
   - Add globbing support to distribution_delete
   - Cleanup some typos in comments
   - custominfo_details add support for globbing key names
   - custominfo_deletekey add support for globbing key names
   - Add cryptokey_details globbing support
   - cryptokey_delete add support for globbing
   - Workaround missing date key in recent spacewalk listErrata
   - Add validation to softwarechannel_adderrata channel args
   - softwarechannel_adderrata add --skip mode
   - Add --quick mode to softwarechannel_adderrata
   - Allow config-channel export of b64 encoded files
   - Update the spacecmd copyright years


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - Debian 9.0-CLIENT-TOOLS-BETA:

      zypper in -t patch SUSE-Debian-9.0-CLIENT-TOOLS-BETA-x86_64-2020-3824=1



Package List:

   - Debian 9.0-CLIENT-TOOLS-BETA (all):

      salt-common-3000+ds-1+2.3.1
      salt-minion-3000+ds-1+2.3.1
      spacecmd-4.2.3-2.3.1


References:

   https://bugzilla.suse.com/1003449
   https://bugzilla.suse.com/1013876
   https://bugzilla.suse.com/1013938
   https://bugzilla.suse.com/1015882
   https://bugzilla.suse.com/1024406
   https://bugzilla.suse.com/1027426
   https://bugzilla.suse.com/1044719
   https://bugzilla.suse.com/1063419
   https://bugzilla.suse.com/1070372
   https://bugzilla.suse.com/1076578
   https://bugzilla.suse.com/1080290
   https://bugzilla.suse.com/1081151
   https://bugzilla.suse.com/1083294
   https://bugzilla.suse.com/1085667
   https://bugzilla.suse.com/1088070
   https://bugzilla.suse.com/1094190
   https://bugzilla.suse.com/1103090
   https://bugzilla.suse.com/1103696
   https://bugzilla.suse.com/1104034
   https://bugzilla.suse.com/1109023
   https://bugzilla.suse.com/1111542
   https://bugzilla.suse.com/1125610
   https://bugzilla.suse.com/1125744
   https://bugzilla.suse.com/1127389
   https://bugzilla.suse.com/1129243
   https://bugzilla.suse.com/1130077
   https://bugzilla.suse.com/1135881
   https://bugzilla.suse.com/1138454
   https://bugzilla.suse.com/1148311
   https://bugzilla.suse.com/1153090
   https://bugzilla.suse.com/1153277
   https://bugzilla.suse.com/1154940
   https://bugzilla.suse.com/1155372
   https://bugzilla.suse.com/1163871
   https://bugzilla.suse.com/1167907
   https://bugzilla.suse.com/1169664
   https://bugzilla.suse.com/1171281
   https://bugzilla.suse.com/1171687
   https://bugzilla.suse.com/1172709
   https://bugzilla.suse.com/1173557
   https://bugzilla.suse.com/1175889
   https://bugzilla.suse.com/769106
   https://bugzilla.suse.com/769108
   https://bugzilla.suse.com/776615
   https://bugzilla.suse.com/879904
   https://bugzilla.suse.com/887879
   https://bugzilla.suse.com/889605
   https://bugzilla.suse.com/892707
   https://bugzilla.suse.com/902494
   https://bugzilla.suse.com/908849
   https://bugzilla.suse.com/926318
   https://bugzilla.suse.com/932288
   https://bugzilla.suse.com/945380
   https://bugzilla.suse.com/948245
   https://bugzilla.suse.com/977264
   https://bugzilla.suse.com/987798



More information about the sle-security-updates mailing list