SUSE-SU-2026:1035-1: important: Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
SLE-SECURITY-UPDATES
null at suse.de
Wed Mar 25 16:32:13 UTC 2026
# Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Announcement ID: SUSE-SU-2026:1035-1
Release Date: 2026-03-25T10:21:20Z
Rating: important
References:
* bsc#1213308
* bsc#1214568
* bsc#1214569
* bsc#1216711
* bsc#1217755
* bsc#1220899
* bsc#1221950
* bsc#1223368
* bsc#1227577
* bsc#1227579
* bsc#1228577
* bsc#1230876
* bsc#1232125
* bsc#1233496
* bsc#1236066
* bsc#1236799
* bsc#1237536
* bsc#1238481
* bsc#1239636
* bsc#1240565
* bsc#1241013
* bsc#1243241
* bsc#1243679
* bsc#1243768
* bsc#1243808
* bsc#1243876
* bsc#1243881
* bsc#1244177
* bsc#1244542
* bsc#1244648
* bsc#1244724
* bsc#1245241
* bsc#1245307
* bsc#1245405
* bsc#1245766
* bsc#1246421
* bsc#1246981
* bsc#1247038
* bsc#1248741
* bsc#1248804
* bsc#1249502
* bsc#1251864
* bsc#1251995
* bsc#1252937
* bsc#1253024
* bsc#1253068
* bsc#1253158
* bsc#1253322
* bsc#1253501
* bsc#1253773
* bsc#1255298
* jsc#MSQA-1046
Cross-References:
* CVE-2024-29371
* CVE-2025-12816
* CVE-2025-13465
* CVE-2025-61140
* CVE-2026-1615
* CVE-2026-25547
* CVE-2026-27727
* CVE-2026-27830
CVSS scores:
* CVE-2024-29371 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-29371 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-29371 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-12816 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
* CVE-2025-12816 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
* CVE-2025-13465 ( SUSE ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-13465 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-13465 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-61140 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61140 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-61140 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-1615 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-1615 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-1615 ( NVD ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-1615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-25547 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25547 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25547 ( NVD ): 9.2
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-27727 ( SUSE ): 9.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-27727 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-27727 ( NVD ): 8.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-27727 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-27830 ( SUSE ): 8.9
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2026-27830 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-27830 ( NVD ): 8.9
CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products:
* openSUSE Leap 15.4
An update that solves eight vulnerabilities, contains one feature and has 43
security fixes can now be installed.
## Security update 4.3.17 for Multi-Linux Manager Proxy and Retail Branch Server
LTS
### Description:
This update fixes the following issues:
release-notes-susemanager-proxy:
* Update to SUSE Manager 4.3.17
* CVEs Fixed: CVE-2024-29371, CVE-2026-27727, CVE-2026-27830
* Bugs mentioned: bsc#1227577, bsc#1227579, bsc#1236799, bsc#1243241,
bsc#1244724 bsc#1248741, bsc#1251995, bsc#1253068, bsc#1253773
## Security update 4.3.17 for Multi-Linux Manager Server LTS
### Description:
This update fixes the following issues:
release-notes-susemanager:
* Update to SUSE Manager 4.3.17
* Monitoring: Prometheus upgraded to 3.5.0
* CVEs Fixed: CVE-2024-29371, CVE-2026-27727, CVE-2026-27830, CVE-2025-12816
CVE-2025-13465, CVE-2025-61140, CVE-2026-1615, CVE-2026-25547
* Bugs mentioned: bsc#1213308, bsc#1214568, bsc#1214569, bsc#1216711,
bsc#1217755 bsc#1220899, bsc#1221950, bsc#1223368, bsc#1227577, bsc#1227579
bsc#1228577, bsc#1230876, bsc#1232125, bsc#1233496, bsc#1236066 bsc#1236799,
bsc#1237536, bsc#1238481, bsc#1239636, bsc#1240565 bsc#1241013, bsc#1243241,
bsc#1243679, bsc#1243768, bsc#1243808 bsc#1243876, bsc#1243881, bsc#1244177,
bsc#1244542, bsc#1244648 bsc#1244724, bsc#1245241, bsc#1245307, bsc#1245405,
bsc#1245766 bsc#1246421, bsc#1246981, bsc#1247038, bsc#1248741, bsc#1248804
bsc#1249502, bsc#1251864, bsc#1251995, bsc#1252937, bsc#1253024 bsc#1253068,
bsc#1253158, bsc#1253322, bsc#1253501, bsc#1255298
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1035=1
## Package List:
* openSUSE Leap 15.4 (noarch)
* release-notes-susemanager-4.3.17-150400.3.151.1
* release-notes-susemanager-proxy-4.3.17-150400.3.107.1
## References:
* https://www.suse.com/security/cve/CVE-2024-29371.html
* https://www.suse.com/security/cve/CVE-2025-12816.html
* https://www.suse.com/security/cve/CVE-2025-13465.html
* https://www.suse.com/security/cve/CVE-2025-61140.html
* https://www.suse.com/security/cve/CVE-2026-1615.html
* https://www.suse.com/security/cve/CVE-2026-25547.html
* https://www.suse.com/security/cve/CVE-2026-27727.html
* https://www.suse.com/security/cve/CVE-2026-27830.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213308
* https://bugzilla.suse.com/show_bug.cgi?id=1214568
* https://bugzilla.suse.com/show_bug.cgi?id=1214569
* https://bugzilla.suse.com/show_bug.cgi?id=1216711
* https://bugzilla.suse.com/show_bug.cgi?id=1217755
* https://bugzilla.suse.com/show_bug.cgi?id=1220899
* https://bugzilla.suse.com/show_bug.cgi?id=1221950
* https://bugzilla.suse.com/show_bug.cgi?id=1223368
* https://bugzilla.suse.com/show_bug.cgi?id=1227577
* https://bugzilla.suse.com/show_bug.cgi?id=1227579
* https://bugzilla.suse.com/show_bug.cgi?id=1228577
* https://bugzilla.suse.com/show_bug.cgi?id=1230876
* https://bugzilla.suse.com/show_bug.cgi?id=1232125
* https://bugzilla.suse.com/show_bug.cgi?id=1233496
* https://bugzilla.suse.com/show_bug.cgi?id=1236066
* https://bugzilla.suse.com/show_bug.cgi?id=1236799
* https://bugzilla.suse.com/show_bug.cgi?id=1237536
* https://bugzilla.suse.com/show_bug.cgi?id=1238481
* https://bugzilla.suse.com/show_bug.cgi?id=1239636
* https://bugzilla.suse.com/show_bug.cgi?id=1240565
* https://bugzilla.suse.com/show_bug.cgi?id=1241013
* https://bugzilla.suse.com/show_bug.cgi?id=1243241
* https://bugzilla.suse.com/show_bug.cgi?id=1243679
* https://bugzilla.suse.com/show_bug.cgi?id=1243768
* https://bugzilla.suse.com/show_bug.cgi?id=1243808
* https://bugzilla.suse.com/show_bug.cgi?id=1243876
* https://bugzilla.suse.com/show_bug.cgi?id=1243881
* https://bugzilla.suse.com/show_bug.cgi?id=1244177
* https://bugzilla.suse.com/show_bug.cgi?id=1244542
* https://bugzilla.suse.com/show_bug.cgi?id=1244648
* https://bugzilla.suse.com/show_bug.cgi?id=1244724
* https://bugzilla.suse.com/show_bug.cgi?id=1245241
* https://bugzilla.suse.com/show_bug.cgi?id=1245307
* https://bugzilla.suse.com/show_bug.cgi?id=1245405
* https://bugzilla.suse.com/show_bug.cgi?id=1245766
* https://bugzilla.suse.com/show_bug.cgi?id=1246421
* https://bugzilla.suse.com/show_bug.cgi?id=1246981
* https://bugzilla.suse.com/show_bug.cgi?id=1247038
* https://bugzilla.suse.com/show_bug.cgi?id=1248741
* https://bugzilla.suse.com/show_bug.cgi?id=1248804
* https://bugzilla.suse.com/show_bug.cgi?id=1249502
* https://bugzilla.suse.com/show_bug.cgi?id=1251864
* https://bugzilla.suse.com/show_bug.cgi?id=1251995
* https://bugzilla.suse.com/show_bug.cgi?id=1252937
* https://bugzilla.suse.com/show_bug.cgi?id=1253024
* https://bugzilla.suse.com/show_bug.cgi?id=1253068
* https://bugzilla.suse.com/show_bug.cgi?id=1253158
* https://bugzilla.suse.com/show_bug.cgi?id=1253322
* https://bugzilla.suse.com/show_bug.cgi?id=1253501
* https://bugzilla.suse.com/show_bug.cgi?id=1253773
* https://bugzilla.suse.com/show_bug.cgi?id=1255298
* https://jira.suse.com/browse/MSQA-1046
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-security-updates/attachments/20260325/55901a73/attachment.htm>
More information about the sle-security-updates
mailing list