SUSE-SU-2022:3879-1: critical: Security update for release-notes-susemanager, release-notes-susemanager-proxy
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Nov 4 17:37:50 UTC 2022
SUSE Security Update: Security update for release-notes-susemanager, release-notes-susemanager-proxy
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3879-1
Rating: critical
References: #1195624 #1197724 #1199726 #1200596 #1201059
#1201788 #1202167 #1202729 #1202785 #1203283
#1203406 #1203422 #1203564 #1203599 #1203611
#1203898 #1204146 #1204203 #1204543 #1204716
#1204741
Cross-References: CVE-2022-31255 CVE-2022-43753 CVE-2022-43754
CVSS scores:
CVE-2022-43753 (SUSE): 5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2022-43754 (SUSE): 3 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
Affected Products:
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
______________________________________________________________________________
An update that solves three vulnerabilities and has 18
fixes is now available.
Description:
This update for release-notes-susemanager, release-notes-susemanager-proxy
fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE Manager 4.2.10
* Apache exporter has been upgraded to version 0.11.0
* CVEs fixed: CVE-2022-43753, CVE-2022-43754, CVE-2022-31255
* Bugs mentioned: bsc#1195624, bsc#1197724, bsc#1199726, bsc#1200596,
bsc#1201059 bsc#1201788, bsc#1202167, bsc#1202729, bsc#1202785,
bsc#1203283 bsc#1203406, bsc#1203422, bsc#1203564, bsc#1203599,
bsc#1203611 bsc#1203898, bsc#1204146, bsc#1204203, bsc#1195624,
bsc#1197724 bsc#1199726, bsc#1200596, bsc#1201059, bsc#1201788,
bsc#1202167 bsc#1202729, bsc#1202785, bsc#1203283, bsc#1203406,
bsc#1203422 bsc#1203564, bsc#1203599, bsc#1203611, bsc#1203898,
bsc#1204146 bsc#1204716, bsc#1204741, bsc#1204543
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.2.10
* Bugs mentioned: bsc#1201059, bsc#1201788, bsc#1203283
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2022-3879=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2022-3879=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2022-3879=1
Package List:
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
release-notes-susemanager-4.2.10-150300.3.57.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
release-notes-susemanager-proxy-4.2.10-150300.3.46.1
- SUSE Manager Proxy 4.2 (x86_64):
release-notes-susemanager-proxy-4.2.10-150300.3.46.1
References:
https://www.suse.com/security/cve/CVE-2022-31255.html
https://www.suse.com/security/cve/CVE-2022-43753.html
https://www.suse.com/security/cve/CVE-2022-43754.html
https://bugzilla.suse.com/1195624
https://bugzilla.suse.com/1197724
https://bugzilla.suse.com/1199726
https://bugzilla.suse.com/1200596
https://bugzilla.suse.com/1201059
https://bugzilla.suse.com/1201788
https://bugzilla.suse.com/1202167
https://bugzilla.suse.com/1202729
https://bugzilla.suse.com/1202785
https://bugzilla.suse.com/1203283
https://bugzilla.suse.com/1203406
https://bugzilla.suse.com/1203422
https://bugzilla.suse.com/1203564
https://bugzilla.suse.com/1203599
https://bugzilla.suse.com/1203611
https://bugzilla.suse.com/1203898
https://bugzilla.suse.com/1204146
https://bugzilla.suse.com/1204203
https://bugzilla.suse.com/1204543
https://bugzilla.suse.com/1204716
https://bugzilla.suse.com/1204741
More information about the sle-security-updates
mailing list