<div class="container">
    <h1>Security update for SUSE Manager Client Tools</h1>

    <table class="table table-striped table-bordered">
        <tbody>
        <tr>
            <th>Announcement ID:</th>
            <td>SUSE-SU-202501:15287-1</td>
        </tr>
        <tr>
            <th>Release Date:</th>
            <td>2025-02-14T07:19:35Z</td>
        </tr>
        
        <tr>
            <th>Rating:</th>
            <td>moderate</td>
        </tr>
        <tr>
            <th>References:</th>
            <td>
                <ul>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1229079">bsc#1229079</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1229104">bsc#1229104</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1230361">bsc#1230361</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231497">bsc#1231497</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231568">bsc#1231568</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231759">bsc#1231759</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232575">bsc#1232575</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232769">bsc#1232769</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232817">bsc#1232817</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233202">bsc#1233202</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233279">bsc#1233279</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233630">bsc#1233630</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233660">bsc#1233660</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://bugzilla.suse.com/show_bug.cgi?id=1234123">bsc#1234123</a>
                        </li>
                    
                    
                        <li style="display: inline;">
                            <a href="https://jira.suse.com/browse/ECO-3319">jsc#ECO-3319</a>
                        </li>
                    
                        <li style="display: inline;">
                            <a href="https://jira.suse.com/browse/MSQA-914">jsc#MSQA-914</a>
                        </li>
                    
                </ul>
            </td>
        </tr>
        
            <tr>
                <th>
                    Cross-References:
                </th>
                <td>
                    <ul>
                    
                        <li style="display: inline;">
                            <a href="https://www.suse.com/security/cve/CVE-2024-22037.html">CVE-2024-22037</a>
                        </li>
                    
                    </ul>
                </td>
            </tr>
            <tr>
                <th>CVSS scores:</th>
                <td>
                    <ul class="list-group">
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-22037</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.7</span>
                                <span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-22037</span>
                                <span class="cvss-source">
                                    (
                                    
                                        SUSE
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-22037</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.7</span>
                                <span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X</span>
                            </li>
                        
                            <li class="list-group-item">
                                <span class="cvss-reference">CVE-2024-22037</span>
                                <span class="cvss-source">
                                    (
                                    
                                        NVD
                                    
                                    ):
                                </span>
                                <span class="cvss-score">5.5</span>
                                <span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N</span>
                            </li>
                        
                    </ul>
                </td>
            </tr>
        
        <tr>
            <th>Affected Products:</th>
            <td>
                <ul class="list-group">
                    
                        <li class="list-group-item">SUSE Manager Client Tools for Ubuntu 22.04 2204</li>
                    
                </ul>
            </td>
        </tr>
        </tbody>
    </table>

    <p>An update that solves one vulnerability, contains two features and has 13 security fixes can now be installed.</p>

    


    
        <h2>Description:</h2>
    
    <p>This update fixes the following issues:</p>
<p>scap-security-guide was updated to version 0.1.75 (jsc#ECO-3319):</p>
<ul>
<li>Added Ism profile for OL8, OL9</li>
<li>Added new product kylinserver10 </li>
<li>Created OL10 product </li>
<li>Release SLMicro5 product</li>
<li>Replaced two date injections by SOURCE_DATE_EPOCH to make reproducible (bsc#1230361)</li>
<li>Updated PCI-DSS control file for version 4.0.1</li>
</ul>
<p>spacecmd was updated to version 5.0.11-0:</p>
<ul>
<li>Updated translation strings</li>
</ul>
<p>uyuni-tools was updated from version 0.1.23-0 to 0.1.27-0:</p>
<ul>
<li>Security issues fixed:</li>
<li>CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497)</li>
<li>Other changes and bugs fixed:</li>
<li>Version 0.1.27-0<ul>
<li>Bump the default image tag to 5.0.3</li>
<li>IsInstalled function fix</li>
<li>Run systemctl daemon-reload after changing the container image config (bsc#1233279)</li>
<li>Coco-replicas-upgrade</li>
<li>Persist search server indexes (bsc#1231759)</li>
<li>Sync deletes files during migration (bsc#1233660)</li>
<li>Ignore coco and hub images when applying PTF if they are not ailable (bsc#1229079)</li>
<li>Add --registry back to mgrpxy (bsc#1233202)</li>
<li>Only add java.hostname on migrated server if not present</li>
<li>Consider the configuration file to detect the coco or hub api images should be pulled (bsc#1229104)</li>
<li>Only raise an error if cloudguestregistryauth fails for PAYG (bsc#1233630)</li>
<li>Add registry.suse.com login to mgradm upgrade podman list (bsc#1234123)</li>
</ul>
</li>
<li>Version 0.1.26-0<ul>
<li>Ignore all zypper caches during migration (bsc#1232769)</li>
<li>Use the uyuni network for all podman containers (bsc#1232817)</li>
</ul>
</li>
<li>Version 0.1.25-0<ul>
<li>Don&#x27;t migrate enabled systemd services, recreate them (bsc#1232575)</li>
</ul>
</li>
<li>Version 0.1.24-0<ul>
<li>Redact JSESSIONID and pxt-session-cookie values from logs and
  console output (bsc#1231568)</li>
</ul>
</li>
</ul>



    
        <h2>Special Instructions and Notes:</h2>
        <ul>
            
            
            
        </ul>
    

    <h2>Patch Instructions:</h2>
    <p>
        To install this SUSE  update use the SUSE recommended
        installation methods like YaST online_update or "zypper patch".<br/>

        Alternatively you can run the command listed for your product:
    </p>
    <ul class="list-group">
        
            <li class="list-group-item">
                SUSE Manager Client Tools for Ubuntu 22.04 2204
                
                    
                        <br/>
                        <code>zypper in -t patch suse-ubu224ct-client-tools-202501-15287=1</code>
                    
                    
                
            </li>
        
    </ul>

    <h2>Package List:</h2>
    <ul>
        
            
                <li>
                    SUSE Manager Client Tools for Ubuntu 22.04 2204 (all)
                    <ul>
                        
                            <li>mgrctl-fish-completion-0.1.28-2.16.2</li>
                        
                            <li>mgrctl-bash-completion-0.1.28-2.16.2</li>
                        
                            <li>spacecmd-5.0.11-2.50.2</li>
                        
                            <li>scap-security-guide-ubuntu-0.1.75-2.34.2</li>
                        
                            <li>mgrctl-zsh-completion-0.1.28-2.16.2</li>
                        
                    </ul>
                </li>
            
                <li>
                    SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64)
                    <ul>
                        
                            <li>mgrctl-0.1.28-2.16.2</li>
                        
                    </ul>
                </li>
            
        
    </ul>

    
        <h2>References:</h2>
        <ul>
            
                
                    <li>
                        <a href="https://www.suse.com/security/cve/CVE-2024-22037.html">https://www.suse.com/security/cve/CVE-2024-22037.html</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1229079">https://bugzilla.suse.com/show_bug.cgi?id=1229079</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1229104">https://bugzilla.suse.com/show_bug.cgi?id=1229104</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1230361">https://bugzilla.suse.com/show_bug.cgi?id=1230361</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231497">https://bugzilla.suse.com/show_bug.cgi?id=1231497</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231568">https://bugzilla.suse.com/show_bug.cgi?id=1231568</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1231759">https://bugzilla.suse.com/show_bug.cgi?id=1231759</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232575">https://bugzilla.suse.com/show_bug.cgi?id=1232575</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232769">https://bugzilla.suse.com/show_bug.cgi?id=1232769</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1232817">https://bugzilla.suse.com/show_bug.cgi?id=1232817</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233202">https://bugzilla.suse.com/show_bug.cgi?id=1233202</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233279">https://bugzilla.suse.com/show_bug.cgi?id=1233279</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233630">https://bugzilla.suse.com/show_bug.cgi?id=1233630</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1233660">https://bugzilla.suse.com/show_bug.cgi?id=1233660</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://bugzilla.suse.com/show_bug.cgi?id=1234123">https://bugzilla.suse.com/show_bug.cgi?id=1234123</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/ECO-3319">https://jira.suse.com/browse/ECO-3319</a>
                    </li>
                
            
                
                    <li>
                        <a href="https://jira.suse.com/browse/MSQA-914">https://jira.suse.com/browse/MSQA-914</a>
                    </li>
                
            
        </ul>
    
</div>