<div class="container">
<h1>Security update for SUSE Manager 4.3.11 Release Notes</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2024:0513-1</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1170848">bsc#1170848</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210911">bsc#1210911</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211254">bsc#1211254</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211560">bsc#1211560</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211912">bsc#1211912</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213079">bsc#1213079</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213507">bsc#1213507</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213738">bsc#1213738</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213981">bsc#1213981</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214077">bsc#1214077</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214791">bsc#1214791</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215166">bsc#1215166</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215514">bsc#1215514</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215769">bsc#1215769</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215810">bsc#1215810</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215813">bsc#1215813</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215982">bsc#1215982</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216114">bsc#1216114</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216394">bsc#1216394</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216437">bsc#1216437</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216550">bsc#1216550</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216657">bsc#1216657</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216753">bsc#1216753</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216781">bsc#1216781</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216988">bsc#1216988</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217069">bsc#1217069</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217209">bsc#1217209</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217588">bsc#1217588</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217784">bsc#1217784</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217869">bsc#1217869</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218019">bsc#1218019</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218074">bsc#1218074</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218075">bsc#1218075</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218089">bsc#1218089</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218094">bsc#1218094</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218146">bsc#1218146</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218490">bsc#1218490</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218615">bsc#1218615</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218669">bsc#1218669</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218849">bsc#1218849</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219577">bsc#1219577</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219850">bsc#1219850</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/MSQA-719">jsc#MSQA-719</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-32189.html">CVE-2023-32189</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-22231.html">CVE-2024-22231</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-22232.html">CVE-2024-22232</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-22231</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.0</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-22232</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.7</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">openSUSE Leap 15.4</li>
<li class="list-group-item">SUSE Manager Proxy 4.3</li>
<li class="list-group-item">SUSE Manager Retail Branch Server 4.3</li>
<li class="list-group-item">SUSE Manager Server 4.3</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves three vulnerabilities, contains one feature and has 39 security fixes can now be installed.</p>
<h2>Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3</h2>
<h3>Description:</h3>
<p>This update fixes the following issues:</p>
<p>release-notes-susemanager-proxy:</p>
<ul>
<li>Update to SUSE Manager 4.3.11</li>
<li>Bugs mentioned:
bsc#1213738, bsc#1216657, bsc#1216781, bsc#1217209, bsc#1217588
bsc#1218615, bsc#1218849, bsc#1219577, bsc#1219850</li>
</ul>
<h2>Security update for SUSE Manager Server 4.3</h2>
<h3>Description:</h3>
<p>This update fixes the following issues:</p>
<p>release-notes-susemanager:</p>
<ul>
<li>Update to SUSE Manager 4.3.11</li>
<li>Migrate from RHEL and its clones to SUSE Liberty Linux</li>
<li>Reboot required indication for non-SUSE distributions</li>
<li>SSH key rotation for enhanced security</li>
<li>Configure remote command execution</li>
<li>End of Debian 10 support</li>
<li>CVEs fixed:
CVE-2023-32189, CVE-2024-22231, CVE-2024-22232</li>
<li>Bugs mentioned: <br />
bsc#1170848, bsc#1210911, bsc#1211254, bsc#1211560, bsc#1211912
bsc#1213079, bsc#1213507, bsc#1213738, bsc#1213981, bsc#1214077
bsc#1214791, bsc#1215166, bsc#1215514, bsc#1215769, bsc#1215810
bsc#1215813, bsc#1215982, bsc#1216114, bsc#1216394, bsc#1216437
bsc#1216550, bsc#1216657, bsc#1216753, bsc#1216781, bsc#1216988
bsc#1217069, bsc#1217209, bsc#1217588, bsc#1217784, bsc#1217869
bsc#1218019, bsc#1218074, bsc#1218075, bsc#1218089, bsc#1218094
bsc#1218490, bsc#1218615, bsc#1218669, bsc#1218849, bsc#1219577
bsc#1219850, bsc#1218146</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
openSUSE Leap 15.4
<br/>
<code>zypper in -t patch SUSE-2024-513=1</code>
</li>
<li class="list-group-item">
SUSE Manager Proxy 4.3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-513=1</code>
</li>
<li class="list-group-item">
SUSE Manager Retail Branch Server 4.3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-513=1</code>
</li>
<li class="list-group-item">
SUSE Manager Server 4.3
<br/>
<code>zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-513=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
openSUSE Leap 15.4 (noarch)
<ul>
<li>release-notes-susemanager-proxy-4.3.11-150400.3.79.1</li>
<li>release-notes-susemanager-4.3.11-150400.3.100.1</li>
</ul>
</li>
<li>
SUSE Manager Proxy 4.3 (noarch)
<ul>
<li>release-notes-susemanager-proxy-4.3.11-150400.3.79.1</li>
</ul>
</li>
<li>
SUSE Manager Retail Branch Server 4.3 (noarch)
<ul>
<li>release-notes-susemanager-proxy-4.3.11-150400.3.79.1</li>
</ul>
</li>
<li>
SUSE Manager Server 4.3 (noarch)
<ul>
<li>release-notes-susemanager-4.3.11-150400.3.100.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-32189.html">https://www.suse.com/security/cve/CVE-2023-32189.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-22231.html">https://www.suse.com/security/cve/CVE-2024-22231.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-22232.html">https://www.suse.com/security/cve/CVE-2024-22232.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1170848">https://bugzilla.suse.com/show_bug.cgi?id=1170848</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1210911">https://bugzilla.suse.com/show_bug.cgi?id=1210911</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211254">https://bugzilla.suse.com/show_bug.cgi?id=1211254</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211560">https://bugzilla.suse.com/show_bug.cgi?id=1211560</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211912">https://bugzilla.suse.com/show_bug.cgi?id=1211912</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213079">https://bugzilla.suse.com/show_bug.cgi?id=1213079</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213507">https://bugzilla.suse.com/show_bug.cgi?id=1213507</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213738">https://bugzilla.suse.com/show_bug.cgi?id=1213738</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1213981">https://bugzilla.suse.com/show_bug.cgi?id=1213981</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214077">https://bugzilla.suse.com/show_bug.cgi?id=1214077</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1214791">https://bugzilla.suse.com/show_bug.cgi?id=1214791</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215166">https://bugzilla.suse.com/show_bug.cgi?id=1215166</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215514">https://bugzilla.suse.com/show_bug.cgi?id=1215514</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215769">https://bugzilla.suse.com/show_bug.cgi?id=1215769</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215810">https://bugzilla.suse.com/show_bug.cgi?id=1215810</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215813">https://bugzilla.suse.com/show_bug.cgi?id=1215813</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1215982">https://bugzilla.suse.com/show_bug.cgi?id=1215982</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216114">https://bugzilla.suse.com/show_bug.cgi?id=1216114</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216394">https://bugzilla.suse.com/show_bug.cgi?id=1216394</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216437">https://bugzilla.suse.com/show_bug.cgi?id=1216437</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216550">https://bugzilla.suse.com/show_bug.cgi?id=1216550</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216657">https://bugzilla.suse.com/show_bug.cgi?id=1216657</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216753">https://bugzilla.suse.com/show_bug.cgi?id=1216753</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216781">https://bugzilla.suse.com/show_bug.cgi?id=1216781</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216988">https://bugzilla.suse.com/show_bug.cgi?id=1216988</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217069">https://bugzilla.suse.com/show_bug.cgi?id=1217069</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217209">https://bugzilla.suse.com/show_bug.cgi?id=1217209</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217588">https://bugzilla.suse.com/show_bug.cgi?id=1217588</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217784">https://bugzilla.suse.com/show_bug.cgi?id=1217784</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217869">https://bugzilla.suse.com/show_bug.cgi?id=1217869</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218019">https://bugzilla.suse.com/show_bug.cgi?id=1218019</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218074">https://bugzilla.suse.com/show_bug.cgi?id=1218074</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218075">https://bugzilla.suse.com/show_bug.cgi?id=1218075</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218089">https://bugzilla.suse.com/show_bug.cgi?id=1218089</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218094">https://bugzilla.suse.com/show_bug.cgi?id=1218094</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218146">https://bugzilla.suse.com/show_bug.cgi?id=1218146</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218490">https://bugzilla.suse.com/show_bug.cgi?id=1218490</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218615">https://bugzilla.suse.com/show_bug.cgi?id=1218615</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218669">https://bugzilla.suse.com/show_bug.cgi?id=1218669</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218849">https://bugzilla.suse.com/show_bug.cgi?id=1218849</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219577">https://bugzilla.suse.com/show_bug.cgi?id=1219577</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219850">https://bugzilla.suse.com/show_bug.cgi?id=1219850</a>
</li>
<li>
<a href="https://jira.suse.com/browse/MSQA-719">https://jira.suse.com/browse/MSQA-719</a>
</li>
</ul>
</div>