SUSE-SU-2021:0906-1: moderate: Security update for SUSE Manager Proxy 4.1

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Mar 19 20:55:59 UTC 2021


   SUSE Security Update: Security update for SUSE Manager Proxy 4.1
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:0906-1
Rating:             moderate
References:         #1173893 #1177508 #1180558 #1181807 #1182006 
                    #1182685 
Cross-References:   CVE-2020-28477
CVSS scores:
                    CVE-2020-28477 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
______________________________________________________________________________

   An update that solves one vulnerability and has 5 fixes is
   now available.

Description:

   This update fixes the following issues:

   mgr-osad:

   - Adapt to new SSL implementation of rhnlib (bsc#1181807)

   rhnlib:

   - Change SSL implementation to python ssl for better SAN and hostname
     matching support (bsc#1181807)

   spacewalk-backend:

   - Open repomd files as binary (bsc#1173893)
   - Fix requesting Release file in debian repos (bsc#1182006)
   - Reposync: Fixed Kickstart functionality.
   - Reposync: Fixed URLGrabber error handling.
   - Reposync: Fix modular data handling for cloned channels (bsc#1177508)

   spacewalk-client-tools:

   - Adapt to new SSL implementation of rhnlib (bsc#1181807)

   spacewalk-proxy:

   - Adapt to new SSL implementation of rhnlib (bsc#1181807)

   spacewalk-proxy-installer:

   - Adapt to new SSL implementation of rhnlib (bsc#1181807)

   spacewalk-web:

   - Replace CRLF in ssh priv key when bootstrapping (bsc#1182685)
   - Upgrade immer to fix CVE-2020-28477
   - Default to preferred items per page in content lifecycle lists
     (bsc#1180558)
   - Fix sorting in content lifecycle projects and cluster tables
     (bsc#1180558)

   How to apply this update: 1. Log in as root user to the SUSE Manager
   proxy. 2. Stop the proxy service: spacewalk-proxy stop 3. Apply the patch
   using either zypper patch or YaST Online Update. 4. Start the Spacewalk
   service: spacewalk-proxy start


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2021-906=1



Package List:

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (noarch):

      mgr-osad-4.1.5-2.9.4
      python3-mgr-osa-common-4.1.5-2.9.4
      python3-mgr-osad-4.1.5-2.9.4
      python3-rhnlib-4.1.3-4.3.2
      python3-spacewalk-check-4.1.9-4.12.4
      python3-spacewalk-client-setup-4.1.9-4.12.4
      python3-spacewalk-client-tools-4.1.9-4.12.4
      spacewalk-backend-4.1.21-4.22.7
      spacewalk-base-minimal-4.1.23-3.18.6
      spacewalk-base-minimal-config-4.1.23-3.18.6
      spacewalk-check-4.1.9-4.12.4
      spacewalk-client-setup-4.1.9-4.12.4
      spacewalk-client-tools-4.1.9-4.12.4
      spacewalk-proxy-broker-4.1.4-3.9.4
      spacewalk-proxy-common-4.1.4-3.9.4
      spacewalk-proxy-installer-4.1.6-3.3.2
      spacewalk-proxy-management-4.1.4-3.9.4
      spacewalk-proxy-package-manager-4.1.4-3.9.4
      spacewalk-proxy-redirect-4.1.4-3.9.4
      spacewalk-proxy-salt-4.1.4-3.9.4


References:

   https://www.suse.com/security/cve/CVE-2020-28477.html
   https://bugzilla.suse.com/1173893
   https://bugzilla.suse.com/1177508
   https://bugzilla.suse.com/1180558
   https://bugzilla.suse.com/1181807
   https://bugzilla.suse.com/1182006
   https://bugzilla.suse.com/1182685



More information about the sle-updates mailing list