SUSE-SU-2023:2594-1: important: Security update for SUSE Manager Server 4.2
SLE-SECURITY-UPDATES
null at suse.de
Tue Feb 27 12:00:11 UTC 2024
# Security update for SUSE Manager Server 4.2
Announcement ID: SUSE-SU-2023:2594-1
Rating: important
References:
* bsc#1179747
* bsc#1186011
* bsc#1203599
* bsc#1205600
* bsc#1206423
* bsc#1207550
* bsc#1207814
* bsc#1207941
* bsc#1208046
* bsc#1208984
* bsc#1209220
* bsc#1209231
* bsc#1209277
* bsc#1209386
* bsc#1209434
* bsc#1209508
* bsc#1209877
* bsc#1209915
* bsc#1209926
* bsc#1210011
* bsc#1210086
* bsc#1210101
* bsc#1210107
* bsc#1210154
* bsc#1210162
* bsc#1210232
* bsc#1210311
* bsc#1210406
* bsc#1210437
* bsc#1210458
* bsc#1210659
* bsc#1210835
* bsc#1210957
* bsc#1211330
* bsc#1212096
* bsc#1212363
* bsc#1212517
* jsc#MSQA-674
Cross-References:
* CVE-2022-46146
* CVE-2023-22644
CVSS scores:
* CVE-2022-46146 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-46146 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-22644 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
* openSUSE Leap 15.3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2
An update that solves two vulnerabilities, contains one feature and has 35
security fixes can now be installed.
## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.2
### Description:
This update fixes the following issues:
release-notes-susemanager-proxy:
* Update to 4.2.13
* Bugs mentioned: bsc#1179747, bsc#1207814, bsc#1209231, bsc#1210437,
bsc#1210458
## Security update for SUSE Manager Server 4.2
### Description:
This update fixes the following issues:
release-notes-susemanager:
* Update to 4.2.13
* Salt has been upgraded to 3006.0
* SUSE Linux Enterprise Server 15 SP5 Family support has been added
* openSUSE Leap 15.5 support has been added
* Automatic migration from Salt 3000 to Salt bundle
* Grafana upgraded to 9.5.1
* Node exporter upgraded to 1.5.0
* Prometheus upgraded to 2.37.6
* Postgres exporter upgraded to 0.10.1
* CVEs fixed: CVE-2023-22644, CVE-2022-46146
* Bugs mentioned: bsc#1179747, bsc#1186011, bsc#1203599, bsc#1205600,
bsc#1206423 bsc#1207550, bsc#1207814, bsc#1207941, bsc#1208984, bsc#1209220
bsc#1209231, bsc#1209277, bsc#1209386, bsc#1209434, bsc#1209508 bsc#1209877,
bsc#1209915, bsc#1209926, bsc#1210011, bsc#1210086 bsc#1210101, bsc#1210107,
bsc#1210154, bsc#1210162, bsc#1210232 bsc#1210311, bsc#1210406, bsc#1210437,
bsc#1210458, bsc#1210659 bsc#1210835, bsc#1210957, bsc#1211330, bsc#1208046,
bsc#1212517 bsc#1212096
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-2594=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2594=1
* openSUSE Leap 15.3
zypper in -t patch SUSE-2023-2594=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2594=1
## Package List:
* SUSE Manager Retail Branch Server 4.2 (noarch)
* release-notes-susemanager-proxy-4.2.13-150300.3.64.2
* SUSE Manager Server 4.2 (noarch)
* release-notes-susemanager-4.2.13-150300.3.81.1
* openSUSE Leap 15.3 (noarch)
* release-notes-susemanager-4.2.13-150300.3.81.1
* release-notes-susemanager-proxy-4.2.13-150300.3.64.2
* SUSE Manager Proxy 4.2 (noarch)
* release-notes-susemanager-proxy-4.2.13-150300.3.64.2
## References:
* https://www.suse.com/security/cve/CVE-2022-46146.html
* https://www.suse.com/security/cve/CVE-2023-22644.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179747
* https://bugzilla.suse.com/show_bug.cgi?id=1186011
* https://bugzilla.suse.com/show_bug.cgi?id=1203599
* https://bugzilla.suse.com/show_bug.cgi?id=1205600
* https://bugzilla.suse.com/show_bug.cgi?id=1206423
* https://bugzilla.suse.com/show_bug.cgi?id=1207550
* https://bugzilla.suse.com/show_bug.cgi?id=1207814
* https://bugzilla.suse.com/show_bug.cgi?id=1207941
* https://bugzilla.suse.com/show_bug.cgi?id=1208046
* https://bugzilla.suse.com/show_bug.cgi?id=1208984
* https://bugzilla.suse.com/show_bug.cgi?id=1209220
* https://bugzilla.suse.com/show_bug.cgi?id=1209231
* https://bugzilla.suse.com/show_bug.cgi?id=1209277
* https://bugzilla.suse.com/show_bug.cgi?id=1209386
* https://bugzilla.suse.com/show_bug.cgi?id=1209434
* https://bugzilla.suse.com/show_bug.cgi?id=1209508
* https://bugzilla.suse.com/show_bug.cgi?id=1209877
* https://bugzilla.suse.com/show_bug.cgi?id=1209915
* https://bugzilla.suse.com/show_bug.cgi?id=1209926
* https://bugzilla.suse.com/show_bug.cgi?id=1210011
* https://bugzilla.suse.com/show_bug.cgi?id=1210086
* https://bugzilla.suse.com/show_bug.cgi?id=1210101
* https://bugzilla.suse.com/show_bug.cgi?id=1210107
* https://bugzilla.suse.com/show_bug.cgi?id=1210154
* https://bugzilla.suse.com/show_bug.cgi?id=1210162
* https://bugzilla.suse.com/show_bug.cgi?id=1210232
* https://bugzilla.suse.com/show_bug.cgi?id=1210311
* https://bugzilla.suse.com/show_bug.cgi?id=1210406
* https://bugzilla.suse.com/show_bug.cgi?id=1210437
* https://bugzilla.suse.com/show_bug.cgi?id=1210458
* https://bugzilla.suse.com/show_bug.cgi?id=1210659
* https://bugzilla.suse.com/show_bug.cgi?id=1210835
* https://bugzilla.suse.com/show_bug.cgi?id=1210957
* https://bugzilla.suse.com/show_bug.cgi?id=1211330
* https://bugzilla.suse.com/show_bug.cgi?id=1212096
* https://bugzilla.suse.com/show_bug.cgi?id=1212363
* https://bugzilla.suse.com/show_bug.cgi?id=1212517
* https://jira.suse.com/browse/MSQA-674
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20240227/f89922f6/attachment.htm>
More information about the sle-security-updates
mailing list