SUSE-SU-2023:0592-1: critical: Security update for SUSE Manager 4.2.11

SLE-SECURITY-UPDATES null at suse.de
Tue Feb 27 08:58:50 UTC 2024



# Security update for SUSE Manager 4.2.11

Announcement ID: SUSE-SU-2023:0592-1  
Rating: critical  
References:

  * bsc#1188191
  * bsc#1195979
  * bsc#1197027
  * bsc#1198226
  * bsc#1200096
  * bsc#1200169
  * bsc#1201142
  * bsc#1201476
  * bsc#1201893
  * bsc#1202093
  * bsc#1202217
  * bsc#1203287
  * bsc#1203288
  * bsc#1203521
  * bsc#1203532
  * bsc#1203588
  * bsc#1203633
  * bsc#1203698
  * bsc#1203826
  * bsc#1203884
  * bsc#1203886
  * bsc#1204011
  * bsc#1204029
  * bsc#1204032
  * bsc#1204186
  * bsc#1204208
  * bsc#1204330
  * bsc#1204437
  * bsc#1204517
  * bsc#1204519
  * bsc#1204541
  * bsc#1204651
  * bsc#1204699
  * bsc#1204712
  * bsc#1204879
  * bsc#1205012
  * bsc#1205040
  * bsc#1205523
  * bsc#1205663
  * bsc#1205759
  * bsc#1205920
  * bsc#1205943
  * bsc#1205976
  * bsc#1206146
  * bsc#1206168
  * bsc#1206249
  * bsc#1206375
  * bsc#1206470
  * bsc#1206613
  * bsc#1206817
  * bsc#1206861
  * bsc#1206932
  * bsc#1206933
  * bsc#1206963
  * bsc#1206979
  * bsc#1206981
  * bsc#1207141
  * bsc#1208306
  * bsc#1208335
  * bsc#1208418
  * bsc#1208499

  
Cross-References:

  * CVE-2021-42740
  * CVE-2022-0860
  * CVE-2022-1415
  * CVE-2022-31129
  * CVE-2022-40152

  
CVSS scores:

  * CVE-2021-42740 ( SUSE ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-42740 ( NVD ):  9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-0860 ( SUSE ):  8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
  * CVE-2022-0860 ( NVD ):  9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2022-1415 ( SUSE ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2022-1415 ( NVD ):  6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  * CVE-2022-31129 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-31129 ( NVD ):  7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-40152 ( SUSE ):  5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-40152 ( NVD ):  6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.2 Module 4.2
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.2 Module 4.2

  
  
An update that solves five vulnerabilities and has 56 security fixes can now be
installed.

## Security update for SUSE Manager Server 4.2

### Description:

This update fixes the following issues:

cobbler:

  * Fix improper authorization (bsc#1197027, CVE-2022-0860)
  * Prevent error when starting up logrotate.service (bsc#1188191)

drools:

  * Deserialization of Untrusted Data: unsafe data deserialization in
    DroolsStreamUtils.java (bsc#1204879, CVE-2022-1415)

grafana-formula:

  * Version 0.8.1
  * Fix Uyuni/SUMA dashboard names
  * Version 0.8.0
  * Set dashboard names depending on project
  * Update dashboards to use new JSON schema
  * Fix PostgreSQL dashboard queries
  * Migrate deprecated panels to their current replacements
  * Version 0.7.1
  * Fix default password field description (bsc#1203698)
  * Do not require default admin and password fields

inter-server-sync:

  * Version 0.2.7
  * Do not update pillars table if it does not exists like in 4.2
  * Version 0.2.6
  * Export package extra tags for complete debian repo metatdata (bsc#1206375)
  * Replace URLs in OS Images pillars when exporting and importing images
  * Version 0.2.5
  * Correct error when importing without debug log level (bsc#1204699)

mgr-osad:

  * Version 4.2.9-1
  * Updated logrotate configuration (bsc#1206470)

prometheus-formula:

  * Version 0.7.0
  * Switch from basic authentication to TLS certificate client authentication
    for Blackbox exporter
  * Fix scheme label in clients targets configration
  * Add README.md

py27-compat-salt:

  * Ignore extend declarations from excluded SLS files (bsc#1203886)
  * Enhance capture of error messages for Zypper calls in zypperpkg module

rhnlib:

  * Version 4.2.7-1
  * Don't get stuck at the end of SSL transfers (bsc#1204032)

saltboot-formula:

  * Update to version 0.1.1676908681.e90e0b1
  * Add failsafe stop file when salt-minion does not stop (bsc#1208418)
  * Support salt bundle (bsc#1208499)

salt-netapi-client:

  * Version 0.21.0
  * See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.21.0
  * Add transactional_update module
  * Improve logging when creating salt exception

smdba:

  * Version 1.7.11
  * fix config update from wal_keep_segments to wal_keep_size for newer
    postgresql versions (bsc#1204519)

spacecmd:

  * Version 4.2.21-1
  * Prevent string api parameters to be parsed as dates if not in ISO-8601
    format (bsc#1205759)
  * Add python-dateutil dependency, required to process date values in spacecmd
    api calls
  * Correctly understand 'ssm' keyword on scap scheduling
  * Fix dict_keys not supporting indexing in systems_setconfigchannelorger

spacewalk-admin:

  * Version 4.2.13-1
  * Generate uyuni_roster.conf with salt-secrets-config (bsc#1200096)

spacewalk-backend:

  * Version 4.2.26-1
  * Fix reposync error about missing "content-type" key when syncing certain
    channels
  * Compute headers as list of two-tuples to be used by url grabber
    (bsc#1205523)
  * Updated logrotate configuration (bsc#1206470)
  * Add 'octet-stream' to accepted content-types for reposync mirrorlists
  * Exclude invalid mirror urls for reposync (bsc#1203826)
  * do not fetch mirrorlist when a file url is given
  * Keep older module metadata files in database (bsc#1201893)
  * Removed the activation keys report from the debug information

spacewalk-certs-tools:

  * Version 4.2.19-1
  * some i18n functions moved to new module which needs to be loaded
    (bsc#1201142)
  * Generated bootstrap scripts installs all needed Salt 3004 dependencies for
    Ubuntu 18.04 (bsc#1204517)

spacewalk-client-tools:

  * Version 4.2.22-1
  * Update translation strings

spacewalk-java:

  * Version 4.2.47-1
  * Use uyuni roster salt module instead of flat roster files (bsc#1200096)
  * Version 4.2.46-1
  * Fix registration with proxy and tunnel SSH (bsc#1200096)
  * Version 4.2.45-1
  * Add 'none' matcher to CLM AppStream filters (bsc#1206817)
  * Improve logs when sls action chain file is missing
  * Do not forward ssh command if proxy and tunnel are present (bsc#1200096)
  * Fix not being able to delete CLM environment if there are custom child
    channels that where not built by the environment (bsc#1206932)
  * Include missing 'gpg' states to avoid issues on SSH minions.
  * Optimize the number of salt calls on minion startup (bsc#1203532)
  * Fix CVE Audit ignoring errata in parent channels if patch in successor
    product exists (bsc#1206168)
  * Fix CVE Audit incorrectly displaying predecessor product (bsc#1205663)
  * Fix modular channel check during system update via XMLRPC (bsc#1206613)
  * Trigger a package profile update when a new live-patch is installed
    (bsc#1206249)
  * prevent ISE on activation key page when selected base channel value is null
  * Only remove product catalog if PAYG ssh credentials are defined
    (bsc#1205943)
  * Updated logrotate configuration (bsc#1206470)
  * Limit changelog data in generated metadata to 20 entries
  * Fix CLM to not remove necessary packages when filtering erratas
    (bsc#1195979)
  * check for NULL in DEB package install size value
  * Allowed cancelling pending actions with a failed prerequisite (bsc#1204712)
  * disable cloned vendor channel auto selection by default (bsc#1204186)
  * adapt permissions of temporary ssh key directory
  * format results for package, errata and image build actions in system history
    similar to state apply results
  * Fix ClassCastException
  * Run only minion actions that are in the pending status (bsc#1205012)
  * Manager reboot in transactional update action chain (bsc#1201476
  * Optimize performance of config channels operations for UI and API
    (bsc#1204029)
  * Don't add the same channel twice in the System config addChannel API
    (bsc#1204029)
  * fix xmlrpc call randomly failing with translation error (bsc#1203633)
  * Optimize action chain processing on job return event (bsc#1203532)
  * Re-calculate salt event queue numbers on restart
  * Fix out of memory error when building a CLM project (bsc#1202217)
  * Process salt events in FIFO order (bsc#1203532)
  * Remove 'SSM' column text where not applicable (bsc#1203588)
  * Fix rendering of ssm/MigrateSystems page (bsc#1204651)
  * Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)
  * Deny packages from older module metadata when building CLM projects
    (bsc#1201893)
  * Refresh pillar data for the assigned systems when a CLM channel is built
    (bsc#1200169)
  * delay hardware refresh action to avoid missing channels (bsc#1204208)
  * During re-activation, recalculate grains if
  * Remove unused gson-extras.jar during build

spacewalk-search:

  * Version 4.2.9-1
  * Updated logrotate configuration (bsc#1206470)

spacewalk-web:

  * Version 4.2.32-1
  * Add 'none' matcher to CLM AppStream filters (bsc#1206817)
  * fix frontend logging in react pages
  * Add bugzilla references to past security fixes
    * shell-quote fix CVE-2021-42740 (bsc#1203287)
    * moment fix CVE-2022-31129 (bsc#1203288)

supportutils-plugin-susemanager:

  * Version 4.2.5-1
  * Added dependency for XML Simple
  * update susemanager plugin to export the number of pending salt events

susemanager:

  * Version 4.2.40-1
  * Add mgr-salt-ssh wrapper to use with uyuni roster Salt module (bsc#1200096)
  * Version 4.2.39-1
  * fix bootstrap repo path for SLES for SAP 12 (bsc#1207141)
  * make venv-salt-minion optional for SUSE Manager Proxy 4.2 bootstrap
    repository (bsc#1206933)
  * show RHEL target for bootstrap repo creation only if it is really connected
    to the CDN (bsc#1206861)
  * add python3-extras to bootstrap repo as dependency of python3-libxml2,
    optional SLES 15 does not have it and it is only required on SP4 or greater
    (bsc#1204437)

susemanager-build-keys:

  * Version 15.3.6
  * Add rpmlintrc configuration, so "W: backup-file-in-package" for the keyring
    is ignored. We do not ship backup files, but we own them because they are
    created each time gpg is called, and we want them removed if the package is
    removed
  * uyuni-build-keys.rpmlintrc

susemanager-doc-indexes:

  * Include RHEL7 in Salt 3000 to Salt Bundle migration section of the Client
    Configuration Guide
  * Update Salt Bundle guide as Salt Bundle is now the default registration
    method
  * Re-added statement about Cobbler support in Reference Guide and Client
    Configuration Guide (bsc#1206963)
  * Added information about java.salt_event_thread_pool_size in Large
    Deployments Guide
  * Added information about GPG key usage in the Debian section of the
  * Updated default number of changelog entries in Administration Guide
  * Include migration guide from Salt 3000 to Bundle for SUSE Linux Enterprise
    12 and CentOS7 in Troubleshooting Clients
  * Removed mentions to ABRT in Reference Guide
  * Extended note about using Salt SSH with Salt Bundle in 4.2
  * Fixed Liberty Linux client tools label in Client Configuration Guide

susemanager-docs_en:

  * Include RHEL7 in Salt 3000 to Salt Bundle migration section of the Client
    Configuration Guide
  * Update Salt Bundle guide as Salt Bundle is now the default registration
    method
  * Re-added statement about Cobbler support in Reference Guide and Client
    Configuration Guide (bsc#1206963)
  * Added information about java.salt_event_thread_pool_size in Large
    Deployments Guide
  * Added information about GPG key usage in the Debian section of the
  * Updated default number of changelog entries in Administration Guide
  * Include migration guide from Salt 3000 to Bundle for SUSE Linux Enterprise
    12 and CentOS7 in Troubleshooting Clients.
  * Removed mentions to ABRT in Reference Guide
  * Extended note about using Salt SSH with Salt Bundle in 4.2
  * Fixed Liberty Linux client tools label in Client Configuration Guide

susemanager-schema:

  * Version 4.2.27-1
  * Add created and modified fields to suseMinionInfo to make uyuni roster
    module cache validation more accurate (bsc#1200096)
  * Version 4.2.26-1
  * Add 'none' matcher to CLM AppStream filters (bsc#1206817)
  * Increase cron_expr varchar length to 120 in suseRecurringAction table
    (bsc#1205040)
  * Keep older module metadata files in database (bsc#1201893)
  * Fix setting of last modified date in channel clone procedure

susemanager-sls:

  * Version 4.2.30-1
  * Flush uyuni roster cache if the config has changed
  * Implement uyuni roster module for Salt (bsc#1200096)
  * Version 4.2.30-1
  * Fix dnf plugin path calculation when using Salt Bundle (bsc#1208335)
  * Version 4.2.29-1
  * Improve _mgractionchains.conf logs
  * Prevent possible errors from "mgractionschains" module when there is no
    action chain to resume.
  * Fix mgrnet custom module to be compatible with old Python 2.6 (bsc#1206979)
    (bsc#1206981)
  * Fix custom "mgrcompat.module_run" state module to work with Salt 3005.1
  * filter out libvirt engine events (bsc#1206146)
  * Optimize the number of salt calls on minion startup (bsc#1203532)
  * Updated logrotate configuration (bsc#1206470)
  * Make libvirt-events.conf path depend on what minion is used (bsc#1205920)
  * Fix kiwi inspect regexp to allow image names with "-" (bsc#1204541)
  * Avoid installing recommended packages from assigned products (bsc#1204330)
  * Manager reboot in transactional update action chain (bsc#1201476)
  * Use the actual sudo user home directory for salt ssh clients on bootstrap
    and clean up (bsc#1202093)
  * Perform refresh with packages.pkgupdate state (bsc#1203884)

uyuni-common-libs:

  * Version 4.2.9-1
  * Fix crash due missing "context_manager" when running salt-secrets-config
    service (bsc#1200096)
  * Version 4.2.8-1
  * some i18n functions moved to new module which needs to be loaded
    (bsc#1201142)

virtual-host-gatherer:

  * Version 1.0.24-1
  * Report total memory of a libvirt hypervisor
  * Improve interoperability with other Python projects

woodstox:

  * CVE-2022-40152: Fixed stack overflow in XML serialization. (bsc#1203521)

How to apply this update:

  1. Log in as root user to the SUSE Manager Server.
  2. Stop the Spacewalk service: `spacewalk-service stop`
  3. Apply the patch using either zypper patch or YaST Online Update.
  4. Start the Spacewalk service: `spacewalk-service start`

## Security update for SUSE Manager Proxy and Retail Branch Server 4.2

### Description:

This update fixes the following issues:

mgr-osad:

  * Version 4.2.9-1
  * Updated logrotate configuration (bsc#1206470)

rhnlib:

  * Version 4.2.7-1
  * Don't get stuck at the end of SSL transfers (bsc#1204032)

spacecmd:

  * Version 4.2.21-1
  * Prevent string api parameters to be parsed as dates if not in ISO-8601
    format (bsc#1205759)
  * Add python-dateutil dependency, required to process date values in spacecmd
    api calls
  * Correctly understand 'ssm' keyword on scap scheduling
  * Fix dict_keys not supporting indexing in systems_setconfigchannelorger

spacewalk-backend:

  * Version 4.2.26-1
  * Fix reposync error about missing "content-type" key when syncing certain
    channels
  * Compute headers as list of two-tuples to be used by url grabber
    (bsc#1205523)
  * Updated logrotate configuration (bsc#1206470)
  * Add 'octet-stream' to accepted content-types for reposync mirrorlists
  * Exclude invalid mirror urls for reposync (bsc#1203826)
  * do not fetch mirrorlist when a file url is given
  * Keep older module metadata files in database (bsc#1201893)
  * Removed the activation keys report from the debug information

spacewalk-certs-tools:

  * Version 4.2.19-1
  * some i18n functions moved to new module which needs to be loaded
    (bsc#1201142)
  * Generated bootstrap scripts installs all needed Salt 3004 dependencies for
    Ubuntu 18.04 (bsc#1204517)

spacewalk-client-tools:

  * Version 4.2.22-1
  * Update translation strings

spacewalk-proxy:

  * Version 4.2.13-1
  * Updated logrotate configuration (bsc#1206470)
  * Handle tftp in rhn-proxy (bsc#1205976)

spacewalk-proxy-installer:

  * Version 4.2.11-1
  * Detect salt bundle when fetching certificate using salt event (bsc#1208306)
  * Version 4.2.10-1
  * Correctly detect salt-bundle (bsc#1208306)
  * Version 4.2.9-1
  * Prefer salt-bundle minion config if available (bsc#1198226, bsc#1208306)
  * Version 4.2.8-1
  * Increase maximum object size to 500MB (bsc#1204011)

spacewalk-web:

  * Version 4.2.32-1
  * Add 'none' matcher to CLM AppStream filters (bsc#1206817)
  * fix frontend logging in react pages
  * Add bugzilla references to past security fixes
    * shell-quote fix CVE-2021-42740 (bsc#1203287)
    * moment fix CVE-2022-31129 (bsc#1203288)

susemanager-build-keys:

  * Version 15.3.6
  * Add rpmlintrc configuration, so "W: backup-file-in-package" for the keyring
    is ignored. We do not ship backup files, but we own them because they are
    created each time gpg is called, and we want them removed if the package is
    removed
  * uyuni-build-keys.rpmlintrc

uyuni-common-libs:

  * Version 4.2.9-1
  * Fix crash due missing "context_manager" when running salt-secrets-config
    service (bsc#1200096)
  * Version 4.2.8-1
  * some i18n functions moved to new module which needs to be loaded
    (bsc#1201142)

How to apply this update:

  1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server.
  2. Stop the proxy service: `spacewalk-proxy stop`
  3. Apply the patch using either zypper patch or YaST Online Update.
  4. Start the Spacewalk service: `spacewalk-proxy start`

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Proxy 4.2 Module 4.2  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-592=1

  * SUSE Manager Server 4.2 Module 4.2  
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2023-592=1

## Package List:

  * SUSE Manager Proxy 4.2 Module 4.2 (noarch)
    * spacewalk-base-minimal-config-4.2.32-150300.3.36.4
    * python3-spacewalk-client-tools-4.2.22-150300.4.30.2
    * spacewalk-proxy-salt-4.2.13-150300.3.24.2
    * python3-rhnlib-4.2.7-150300.4.12.2
    * mgr-osad-4.2.9-150300.2.12.2
    * spacewalk-certs-tools-4.2.19-150300.3.27.4
    * spacewalk-proxy-broker-4.2.13-150300.3.24.2
    * spacewalk-proxy-redirect-4.2.13-150300.3.24.2
    * spacewalk-proxy-installer-4.2.11-150300.3.14.2
    * spacewalk-proxy-management-4.2.13-150300.3.24.2
    * python3-mgr-osa-common-4.2.9-150300.2.12.2
    * spacewalk-check-4.2.22-150300.4.30.2
    * spacecmd-4.2.21-150300.4.33.2
    * spacewalk-client-tools-4.2.22-150300.4.30.2
    * spacewalk-proxy-common-4.2.13-150300.3.24.2
    * python3-mgr-osad-4.2.9-150300.2.12.2
    * python3-spacewalk-certs-tools-4.2.19-150300.3.27.4
    * spacewalk-base-minimal-4.2.32-150300.3.36.4
    * susemanager-build-keys-15.3.6-150300.3.6.2
    * spacewalk-backend-4.2.26-150300.4.35.6
    * python3-spacewalk-client-setup-4.2.22-150300.4.30.2
    * spacewalk-client-setup-4.2.22-150300.4.30.2
    * spacewalk-proxy-package-manager-4.2.13-150300.3.24.2
    * python3-spacewalk-check-4.2.22-150300.4.30.2
    * susemanager-build-keys-web-15.3.6-150300.3.6.2
  * SUSE Manager Proxy 4.2 Module 4.2 (x86_64)
    * python3-uyuni-common-libs-4.2.9-150300.3.14.1
  * SUSE Manager Server 4.2 Module 4.2 (noarch)
    * spacewalk-base-minimal-config-4.2.32-150300.3.36.4
    * python3-spacewalk-client-tools-4.2.22-150300.4.30.2
    * spacewalk-java-lib-4.2.47-150300.3.58.1
    * spacewalk-search-4.2.9-150300.3.15.2
    * susemanager-docs_en-pdf-4.2-150300.12.39.2
    * python3-rhnlib-4.2.7-150300.4.12.2
    * prometheus-formula-0.7.0-150300.3.17.2
    * spacewalk-certs-tools-4.2.19-150300.3.27.4
    * spacewalk-admin-4.2.13-150300.3.18.1
    * cobbler-3.1.2-150300.5.19.1
    * grafana-formula-0.8.1-150300.3.9.2
    * spacewalk-backend-config-files-common-4.2.26-150300.4.35.6
    * spacewalk-backend-server-4.2.26-150300.4.35.6
    * uyuni-config-modules-4.2.31-150300.3.43.1
    * virtual-host-gatherer-VMware-1.0.24-150300.3.9.2
    * spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6
    * spacewalk-backend-iss-4.2.26-150300.4.35.6
    * spacewalk-java-config-4.2.47-150300.3.58.1
    * python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2
    * spacewalk-java-4.2.47-150300.3.58.1
    * python3-mgr-osa-common-4.2.9-150300.2.12.2
    * spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6
    * virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2
    * susemanager-doc-indexes-4.2-150300.12.39.4
    * saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1
    * spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6
    * drools-7.17.0-150300.4.9.2
    * spacewalk-backend-sql-4.2.26-150300.4.35.6
    * spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6
    * spacewalk-backend-config-files-4.2.26-150300.4.35.6
    * spacecmd-4.2.21-150300.4.33.2
    * spacewalk-html-4.2.32-150300.3.36.4
    * spacewalk-backend-package-push-server-4.2.26-150300.4.35.6
    * spacewalk-client-tools-4.2.22-150300.4.30.2
    * woodstox-4.4.2-150300.3.6.2
    * susemanager-schema-4.2.27-150300.3.35.1
    * python3-spacewalk-certs-tools-4.2.19-150300.3.27.4
    * spacewalk-base-minimal-4.2.32-150300.3.36.4
    * spacewalk-backend-app-4.2.26-150300.4.35.6
    * virtual-host-gatherer-1.0.24-150300.3.9.2
    * virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2
    * susemanager-build-keys-15.3.6-150300.3.6.2
    * susemanager-docs_en-4.2-150300.12.39.2
    * py27-compat-salt-3000.3-150300.7.7.29.2
    * susemanager-sls-4.2.31-150300.3.43.1
    * mgr-osa-dispatcher-4.2.9-150300.2.12.2
    * spacewalk-backend-applet-4.2.26-150300.4.35.6
    * spacewalk-backend-4.2.26-150300.4.35.6
    * spacewalk-java-postgresql-4.2.47-150300.3.58.1
    * supportutils-plugin-susemanager-4.2.5-150300.3.9.2
    * spacewalk-base-4.2.32-150300.3.36.4
    * virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2
    * spacewalk-backend-tools-4.2.26-150300.4.35.6
    * salt-netapi-client-0.21.0-150300.3.12.4
    * spacewalk-taskomatic-4.2.47-150300.3.58.1
    * susemanager-build-keys-web-15.3.6-150300.3.6.2
    * spacewalk-backend-iss-export-4.2.26-150300.4.35.6
  * SUSE Manager Server 4.2 Module 4.2 (ppc64le s390x x86_64)
    * susemanager-4.2.40-150300.3.49.1
    * smdba-1.7.11-0.150300.3.12.2
    * susemanager-tools-4.2.40-150300.3.49.1
    * python3-uyuni-common-libs-4.2.9-150300.3.14.1
    * inter-server-sync-debuginfo-0.2.7-150300.8.28.2
    * inter-server-sync-0.2.7-150300.8.28.2

## References:

  * https://www.suse.com/security/cve/CVE-2021-42740.html
  * https://www.suse.com/security/cve/CVE-2022-0860.html
  * https://www.suse.com/security/cve/CVE-2022-1415.html
  * https://www.suse.com/security/cve/CVE-2022-31129.html
  * https://www.suse.com/security/cve/CVE-2022-40152.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1188191
  * https://bugzilla.suse.com/show_bug.cgi?id=1195979
  * https://bugzilla.suse.com/show_bug.cgi?id=1197027
  * https://bugzilla.suse.com/show_bug.cgi?id=1198226
  * https://bugzilla.suse.com/show_bug.cgi?id=1200096
  * https://bugzilla.suse.com/show_bug.cgi?id=1200169
  * https://bugzilla.suse.com/show_bug.cgi?id=1201142
  * https://bugzilla.suse.com/show_bug.cgi?id=1201476
  * https://bugzilla.suse.com/show_bug.cgi?id=1201893
  * https://bugzilla.suse.com/show_bug.cgi?id=1202093
  * https://bugzilla.suse.com/show_bug.cgi?id=1202217
  * https://bugzilla.suse.com/show_bug.cgi?id=1203287
  * https://bugzilla.suse.com/show_bug.cgi?id=1203288
  * https://bugzilla.suse.com/show_bug.cgi?id=1203521
  * https://bugzilla.suse.com/show_bug.cgi?id=1203532
  * https://bugzilla.suse.com/show_bug.cgi?id=1203588
  * https://bugzilla.suse.com/show_bug.cgi?id=1203633
  * https://bugzilla.suse.com/show_bug.cgi?id=1203698
  * https://bugzilla.suse.com/show_bug.cgi?id=1203826
  * https://bugzilla.suse.com/show_bug.cgi?id=1203884
  * https://bugzilla.suse.com/show_bug.cgi?id=1203886
  * https://bugzilla.suse.com/show_bug.cgi?id=1204011
  * https://bugzilla.suse.com/show_bug.cgi?id=1204029
  * https://bugzilla.suse.com/show_bug.cgi?id=1204032
  * https://bugzilla.suse.com/show_bug.cgi?id=1204186
  * https://bugzilla.suse.com/show_bug.cgi?id=1204208
  * https://bugzilla.suse.com/show_bug.cgi?id=1204330
  * https://bugzilla.suse.com/show_bug.cgi?id=1204437
  * https://bugzilla.suse.com/show_bug.cgi?id=1204517
  * https://bugzilla.suse.com/show_bug.cgi?id=1204519
  * https://bugzilla.suse.com/show_bug.cgi?id=1204541
  * https://bugzilla.suse.com/show_bug.cgi?id=1204651
  * https://bugzilla.suse.com/show_bug.cgi?id=1204699
  * https://bugzilla.suse.com/show_bug.cgi?id=1204712
  * https://bugzilla.suse.com/show_bug.cgi?id=1204879
  * https://bugzilla.suse.com/show_bug.cgi?id=1205012
  * https://bugzilla.suse.com/show_bug.cgi?id=1205040
  * https://bugzilla.suse.com/show_bug.cgi?id=1205523
  * https://bugzilla.suse.com/show_bug.cgi?id=1205663
  * https://bugzilla.suse.com/show_bug.cgi?id=1205759
  * https://bugzilla.suse.com/show_bug.cgi?id=1205920
  * https://bugzilla.suse.com/show_bug.cgi?id=1205943
  * https://bugzilla.suse.com/show_bug.cgi?id=1205976
  * https://bugzilla.suse.com/show_bug.cgi?id=1206146
  * https://bugzilla.suse.com/show_bug.cgi?id=1206168
  * https://bugzilla.suse.com/show_bug.cgi?id=1206249
  * https://bugzilla.suse.com/show_bug.cgi?id=1206375
  * https://bugzilla.suse.com/show_bug.cgi?id=1206470
  * https://bugzilla.suse.com/show_bug.cgi?id=1206613
  * https://bugzilla.suse.com/show_bug.cgi?id=1206817
  * https://bugzilla.suse.com/show_bug.cgi?id=1206861
  * https://bugzilla.suse.com/show_bug.cgi?id=1206932
  * https://bugzilla.suse.com/show_bug.cgi?id=1206933
  * https://bugzilla.suse.com/show_bug.cgi?id=1206963
  * https://bugzilla.suse.com/show_bug.cgi?id=1206979
  * https://bugzilla.suse.com/show_bug.cgi?id=1206981
  * https://bugzilla.suse.com/show_bug.cgi?id=1207141
  * https://bugzilla.suse.com/show_bug.cgi?id=1208306
  * https://bugzilla.suse.com/show_bug.cgi?id=1208335
  * https://bugzilla.suse.com/show_bug.cgi?id=1208418
  * https://bugzilla.suse.com/show_bug.cgi?id=1208499

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20240227/fa315d39/attachment.htm>


More information about the sle-security-updates mailing list