SUSE-SU-2024:0513-1: important: Security update for SUSE Manager 4.3.11 Release Notes
SLE-SECURITY-UPDATES
null at suse.de
Thu Feb 15 16:30:54 UTC 2024
# Security update for SUSE Manager 4.3.11 Release Notes
Announcement ID: SUSE-SU-2024:0513-1
Rating: important
References:
* bsc#1170848
* bsc#1210911
* bsc#1211254
* bsc#1211560
* bsc#1211912
* bsc#1213079
* bsc#1213507
* bsc#1213738
* bsc#1213981
* bsc#1214077
* bsc#1214791
* bsc#1215166
* bsc#1215514
* bsc#1215769
* bsc#1215810
* bsc#1215813
* bsc#1215982
* bsc#1216114
* bsc#1216394
* bsc#1216437
* bsc#1216550
* bsc#1216657
* bsc#1216753
* bsc#1216781
* bsc#1216988
* bsc#1217069
* bsc#1217209
* bsc#1217588
* bsc#1217784
* bsc#1217869
* bsc#1218019
* bsc#1218074
* bsc#1218075
* bsc#1218089
* bsc#1218094
* bsc#1218146
* bsc#1218490
* bsc#1218615
* bsc#1218669
* bsc#1218849
* bsc#1219577
* bsc#1219850
* jsc#MSQA-719
Cross-References:
* CVE-2023-32189
* CVE-2024-22231
* CVE-2024-22232
CVSS scores:
* CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
* CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products:
* openSUSE Leap 15.4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves three vulnerabilities, contains one feature and has 39
security fixes can now be installed.
## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3
### Description:
This update fixes the following issues:
release-notes-susemanager-proxy:
* Update to SUSE Manager 4.3.11
* Bugs mentioned: bsc#1213738, bsc#1216657, bsc#1216781, bsc#1217209,
bsc#1217588 bsc#1218615, bsc#1218849, bsc#1219577, bsc#1219850
## Security update for SUSE Manager Server 4.3
### Description:
This update fixes the following issues:
release-notes-susemanager:
* Update to SUSE Manager 4.3.11
* Migrate from RHEL and its clones to SUSE Liberty Linux
* Reboot required indication for non-SUSE distributions
* SSH key rotation for enhanced security
* Configure remote command execution
* End of Debian 10 support
* CVEs fixed: CVE-2023-32189, CVE-2024-22231, CVE-2024-22232
* Bugs mentioned:
bsc#1170848, bsc#1210911, bsc#1211254, bsc#1211560, bsc#1211912 bsc#1213079,
bsc#1213507, bsc#1213738, bsc#1213981, bsc#1214077 bsc#1214791, bsc#1215166,
bsc#1215514, bsc#1215769, bsc#1215810 bsc#1215813, bsc#1215982, bsc#1216114,
bsc#1216394, bsc#1216437 bsc#1216550, bsc#1216657, bsc#1216753, bsc#1216781,
bsc#1216988 bsc#1217069, bsc#1217209, bsc#1217588, bsc#1217784, bsc#1217869
bsc#1218019, bsc#1218074, bsc#1218075, bsc#1218089, bsc#1218094 bsc#1218490,
bsc#1218615, bsc#1218669, bsc#1218849, bsc#1219577 bsc#1219850, bsc#1218146
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-513=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-513=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-513=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-513=1
## Package List:
* openSUSE Leap 15.4 (noarch)
* release-notes-susemanager-proxy-4.3.11-150400.3.79.1
* release-notes-susemanager-4.3.11-150400.3.100.1
* SUSE Manager Proxy 4.3 (noarch)
* release-notes-susemanager-proxy-4.3.11-150400.3.79.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* release-notes-susemanager-proxy-4.3.11-150400.3.79.1
* SUSE Manager Server 4.3 (noarch)
* release-notes-susemanager-4.3.11-150400.3.100.1
## References:
* https://www.suse.com/security/cve/CVE-2023-32189.html
* https://www.suse.com/security/cve/CVE-2024-22231.html
* https://www.suse.com/security/cve/CVE-2024-22232.html
* https://bugzilla.suse.com/show_bug.cgi?id=1170848
* https://bugzilla.suse.com/show_bug.cgi?id=1210911
* https://bugzilla.suse.com/show_bug.cgi?id=1211254
* https://bugzilla.suse.com/show_bug.cgi?id=1211560
* https://bugzilla.suse.com/show_bug.cgi?id=1211912
* https://bugzilla.suse.com/show_bug.cgi?id=1213079
* https://bugzilla.suse.com/show_bug.cgi?id=1213507
* https://bugzilla.suse.com/show_bug.cgi?id=1213738
* https://bugzilla.suse.com/show_bug.cgi?id=1213981
* https://bugzilla.suse.com/show_bug.cgi?id=1214077
* https://bugzilla.suse.com/show_bug.cgi?id=1214791
* https://bugzilla.suse.com/show_bug.cgi?id=1215166
* https://bugzilla.suse.com/show_bug.cgi?id=1215514
* https://bugzilla.suse.com/show_bug.cgi?id=1215769
* https://bugzilla.suse.com/show_bug.cgi?id=1215810
* https://bugzilla.suse.com/show_bug.cgi?id=1215813
* https://bugzilla.suse.com/show_bug.cgi?id=1215982
* https://bugzilla.suse.com/show_bug.cgi?id=1216114
* https://bugzilla.suse.com/show_bug.cgi?id=1216394
* https://bugzilla.suse.com/show_bug.cgi?id=1216437
* https://bugzilla.suse.com/show_bug.cgi?id=1216550
* https://bugzilla.suse.com/show_bug.cgi?id=1216657
* https://bugzilla.suse.com/show_bug.cgi?id=1216753
* https://bugzilla.suse.com/show_bug.cgi?id=1216781
* https://bugzilla.suse.com/show_bug.cgi?id=1216988
* https://bugzilla.suse.com/show_bug.cgi?id=1217069
* https://bugzilla.suse.com/show_bug.cgi?id=1217209
* https://bugzilla.suse.com/show_bug.cgi?id=1217588
* https://bugzilla.suse.com/show_bug.cgi?id=1217784
* https://bugzilla.suse.com/show_bug.cgi?id=1217869
* https://bugzilla.suse.com/show_bug.cgi?id=1218019
* https://bugzilla.suse.com/show_bug.cgi?id=1218074
* https://bugzilla.suse.com/show_bug.cgi?id=1218075
* https://bugzilla.suse.com/show_bug.cgi?id=1218089
* https://bugzilla.suse.com/show_bug.cgi?id=1218094
* https://bugzilla.suse.com/show_bug.cgi?id=1218146
* https://bugzilla.suse.com/show_bug.cgi?id=1218490
* https://bugzilla.suse.com/show_bug.cgi?id=1218615
* https://bugzilla.suse.com/show_bug.cgi?id=1218669
* https://bugzilla.suse.com/show_bug.cgi?id=1218849
* https://bugzilla.suse.com/show_bug.cgi?id=1219577
* https://bugzilla.suse.com/show_bug.cgi?id=1219850
* https://jira.suse.com/browse/MSQA-719
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20240215/b848c82d/attachment.htm>
More information about the sle-security-updates
mailing list