SUSE-SU-2020:14570-1: moderate: Security Beta update for SUSE Manager Client Tools
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Dec 15 16:43:28 MST 2020
SUSE Security Update: Security Beta update for SUSE Manager Client Tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2020:14570-1
Rating: moderate
References: #1167907 #1169664 #1171281 #1172709 #1173557
#1173584 #1174405 #1174965 #1175889 #1176978
#1177928 #1178319 #1178361 #1178362
Cross-References: CVE-2020-16846 CVE-2020-17490 CVE-2020-25592
Affected Products:
SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA
SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA
______________________________________________________________________________
An update that solves three vulnerabilities and has 11
fixes is now available.
Description:
This update fixes the following issues:
cobbler:
- Fix parsing cobbler dictionary options with values containing "=", e.g.
kernel params containing "=" (bsc#1176978)
golang-github-wrouesnel-postgres_exporter:
- Enable package building for ppc64le
mgr-cfg:
- Update package version to 4.2.0
mgr-custom-info:
- Update package version to 4.2.0
mgr-daemon:
- Added quotes around %{_vendor} token for the if statements in spec file.
- Fix removal of mgr-deamon with selinux enabled (bsc#1177928)
- Updating translations from weblate
- Remove duplicate languages and update translation strings
mgr-osad:
- Python fixes
- Removal of RHEL5
- Move uyuni-base-common dependency from mgr-osad to mgr-osa-dispatcher
(bsc#1174405)
mgr-push:
- Defined __python for python2.
- Excluded RHEL8 for Python 2 build.
mgr-virtualization:
- Update package version to 4.2.0
rhnlib:
- Update package version to 4.2.0
salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt
API (bsc#1178319, bsc#1178362, bsc#1178361) (CVE-2020-25592,
CVE-2020-17490, CVE-2020-16846)
spacecmd:
- Update translations
- Fix: make spacecmd build on Debian
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
- Fix softwarechannel_listlatestpackages throwing error on empty channels
(bsc#1175889)
- Add Service Pack migration operations (bsc#1173557)
- Fix softwarechannel update for vendor channels (bsc#1172709)
- Fix escaping of package names (bsc#1171281)
spacewalk-client-tools:
- Updated RHEL Python requirements.
- Added quotes around %{_vendor}.
- Remove RH references in Python/Ruby localization and use the product
name instead
- Updating translations from weblate
- Remove duplicated languages and update translation strings
spacewalk-koan:
- Adjust ownership of some tests files to fix them
- Fix for spacewalk-koan test
spacewalk-oscap:
- Update package version to 4.2.0
spacewalk-remote-utils:
- Update package version to 4.2.0
supportutils-plugin-susemanager-client:
- Remove checks for obsolete packages
- Gather new configfiles
- Add more important informations
suseRegisterInfo:
- Adapted for RHEL build.
- Enhance RedHat product detection for CentOS and OracleLinux (bsc#1173584)
uyuni-base:
- Added RHEL8 compatibility.
uyuni-common-libs:
- Cleaning up unused Python 2 build leftovers.
- Disabled debug package build.
- Fix issues importing RPM packages with long RPM headers (bsc#1174965)
zypp-plugin-spacewalk:
- Support "allow vendor change" for dist upgrades
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA:
zypper in -t patch slesctsp4-client-tools-beta-202012-14570=1
- SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA:
zypper in -t patch slesctsp3-client-tools-beta-202012-14570=1
Package List:
- SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA (i586 ia64 ppc64 s390x x86_64):
koan-2.2.2-0.72.9.3
libyaml-0-2-0.1.3-0.10.28.3.2
libzmq3-4.0.4-6.3.2
mgr-cfg-4.2.1-8.9.2
mgr-cfg-actions-4.2.1-8.9.2
mgr-cfg-client-4.2.1-8.9.2
mgr-cfg-management-4.2.1-8.9.2
mgr-custom-info-4.2.1-8.6.2
mgr-daemon-4.2.4-8.6.2
mgr-osad-4.2.2-8.9.3
mgr-push-4.2.2-8.6.2
mgr-virtualization-host-4.2.1-8.6.3
python-Jinja2-2.6-2.23.3.2
python-MarkupSafe-0.18-0.12.3.2
python-backports.ssl_match_hostname-3.4.0.2-7.3.2
python-certifi-2015.9.6.2-7.3.2
python-futures-2.1.3-0.10.3.2
python-jabberpy-0.5-0.17.3.2
python-msgpack-python-0.4.6-6.3.2
python-psutil-1.2.1-0.10.3.2
python-pycrypto-2.6.1-9.3.2
python-pyinotify-0.9.6-6.3.2
python-pyzmq-14.0.0-6.3.2
python-requests-2.0.1-0.18.3.2
python-simplejson-2.1.1-1.16.3.2
python-tornado-4.2.1-9.3.2
python-yaml-3.09-0.12.3.2
python2-mgr-cfg-4.2.1-8.9.2
python2-mgr-cfg-actions-4.2.1-8.9.2
python2-mgr-cfg-client-4.2.1-8.9.2
python2-mgr-cfg-management-4.2.1-8.9.2
python2-mgr-osa-common-4.2.2-8.9.3
python2-mgr-osad-4.2.2-8.9.3
python2-mgr-push-4.2.2-8.6.2
python2-mgr-virtualization-common-4.2.1-8.6.3
python2-mgr-virtualization-host-4.2.1-8.6.3
python2-rhnlib-4.2.1-15.9.2
python2-spacewalk-check-4.2.4-30.18.2
python2-spacewalk-client-setup-4.2.4-30.18.2
python2-spacewalk-client-tools-4.2.4-30.18.2
python2-spacewalk-koan-4.2.3-12.6.2
python2-spacewalk-oscap-4.2.1-9.6.3
python2-suseRegisterInfo-4.2.2-9.9.2
python2-uyuni-common-libs-4.2.2-7.15.2
python2-zypp-plugin-spacewalk-1.0.8-30.9.2
salt-2016.11.10-46.12.3
salt-doc-2016.11.10-46.12.3
salt-minion-2016.11.10-46.12.3
spacecmd-4.2.3-21.12.2
spacewalk-backend-libs-4.0.31-31.3.2
spacewalk-check-4.2.4-30.18.2
spacewalk-client-setup-4.2.4-30.18.2
spacewalk-client-tools-4.2.4-30.18.2
spacewalk-koan-4.2.3-12.6.2
spacewalk-oscap-4.2.1-9.6.3
spacewalk-usix-4.0.9-6.3.2
suseRegisterInfo-4.2.2-9.9.2
uyuni-base-common-4.2.2-7.6.2
zypp-plugin-spacewalk-1.0.8-30.9.2
- SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA (i586 x86_64):
golang-github-prometheus-node_exporter-0.18.1-8.6.2
golang-github-wrouesnel-postgres_exporter-0.4.7-8.6.2
- SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS-BETA (noarch):
kiwi-desc-saltboot-0.1.1585064259.12b97ef-8.9.2
spacewalk-remote-utils-4.2.1-9.6.2
supportutils-plugin-salt-1.1.4-9.3.2
supportutils-plugin-susemanager-client-4.2.2-12.9.2
- SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA (i586 ia64 ppc64 s390x x86_64):
koan-2.2.2-0.72.9.3
libyaml-0-2-0.1.3-0.10.28.3.2
libzmq3-4.0.4-6.3.2
mgr-cfg-4.2.1-8.9.2
mgr-cfg-actions-4.2.1-8.9.2
mgr-cfg-client-4.2.1-8.9.2
mgr-cfg-management-4.2.1-8.9.2
mgr-custom-info-4.2.1-8.6.2
mgr-daemon-4.2.4-8.6.2
mgr-osad-4.2.2-8.9.3
mgr-push-4.2.2-8.6.2
mgr-virtualization-host-4.2.1-8.6.3
python-Jinja2-2.6-2.23.3.2
python-MarkupSafe-0.18-0.12.3.2
python-backports.ssl_match_hostname-3.4.0.2-7.3.2
python-certifi-2015.9.6.2-7.3.2
python-futures-2.1.3-0.10.3.2
python-jabberpy-0.5-0.17.3.2
python-msgpack-python-0.4.6-6.3.2
python-psutil-1.2.1-0.10.3.2
python-pycrypto-2.6.1-9.3.2
python-pyinotify-0.9.6-6.3.2
python-pyzmq-14.0.0-6.3.2
python-requests-2.0.1-0.18.3.2
python-simplejson-2.1.1-1.16.3.2
python-tornado-4.2.1-9.3.2
python-yaml-3.09-0.12.3.2
python2-mgr-cfg-4.2.1-8.9.2
python2-mgr-cfg-actions-4.2.1-8.9.2
python2-mgr-cfg-client-4.2.1-8.9.2
python2-mgr-cfg-management-4.2.1-8.9.2
python2-mgr-osa-common-4.2.2-8.9.3
python2-mgr-osad-4.2.2-8.9.3
python2-mgr-push-4.2.2-8.6.2
python2-mgr-virtualization-common-4.2.1-8.6.3
python2-mgr-virtualization-host-4.2.1-8.6.3
python2-rhnlib-4.2.1-15.9.2
python2-spacewalk-check-4.2.4-30.18.2
python2-spacewalk-client-setup-4.2.4-30.18.2
python2-spacewalk-client-tools-4.2.4-30.18.2
python2-spacewalk-koan-4.2.3-12.6.2
python2-spacewalk-oscap-4.2.1-9.6.3
python2-suseRegisterInfo-4.2.2-9.9.2
python2-uyuni-common-libs-4.2.2-7.15.2
python2-zypp-plugin-spacewalk-1.0.8-30.9.2
salt-2016.11.10-46.12.3
salt-doc-2016.11.10-46.12.3
salt-minion-2016.11.10-46.12.3
spacecmd-4.2.3-21.12.2
spacewalk-backend-libs-4.0.31-31.3.2
spacewalk-check-4.2.4-30.18.2
spacewalk-client-setup-4.2.4-30.18.2
spacewalk-client-tools-4.2.4-30.18.2
spacewalk-koan-4.2.3-12.6.2
spacewalk-oscap-4.2.1-9.6.3
spacewalk-usix-4.0.9-6.3.2
suseRegisterInfo-4.2.2-9.9.2
uyuni-base-common-4.2.2-7.6.2
zypp-plugin-spacewalk-1.0.8-30.9.2
- SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA (i586 x86_64):
golang-github-prometheus-node_exporter-0.18.1-8.6.2
golang-github-wrouesnel-postgres_exporter-0.4.7-8.6.2
- SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS-BETA (noarch):
kiwi-desc-saltboot-0.1.1585064259.12b97ef-8.9.2
spacewalk-remote-utils-4.2.1-9.6.2
supportutils-plugin-salt-1.1.4-9.3.2
supportutils-plugin-susemanager-client-4.2.2-12.9.2
References:
https://www.suse.com/security/cve/CVE-2020-16846.html
https://www.suse.com/security/cve/CVE-2020-17490.html
https://www.suse.com/security/cve/CVE-2020-25592.html
https://bugzilla.suse.com/1167907
https://bugzilla.suse.com/1169664
https://bugzilla.suse.com/1171281
https://bugzilla.suse.com/1172709
https://bugzilla.suse.com/1173557
https://bugzilla.suse.com/1173584
https://bugzilla.suse.com/1174405
https://bugzilla.suse.com/1174965
https://bugzilla.suse.com/1175889
https://bugzilla.suse.com/1176978
https://bugzilla.suse.com/1177928
https://bugzilla.suse.com/1178319
https://bugzilla.suse.com/1178361
https://bugzilla.suse.com/1178362
More information about the sle-security-updates
mailing list