SUSE-RU-2021:3162-1: Recommended update for SUSE Manager 4.2.2 Release Notes
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Mon Sep 20 19:52:41 UTC 2021
SUSE Recommended Update: Recommended update for SUSE Manager 4.2.2 Release Notes
______________________________________________________________________________
Announcement ID: SUSE-RU-2021:3162-1
Rating: low
References: #1171483 #1173143 #1181223 #1186026 #1186281
#1186339 #1187335 #1187549 #1188032 #1188042
#1188136 #1188163 #1188193 #1188260 #1188393
#1188400 #1188503 #1188505 #1188551 #1188641
#1188647 #1188656 #1188853 #1188855 #1189011
#1189040 #1189167 #1189263 #1189419 #1189458
Affected Products:
SUSE Manager Server 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Proxy 4.2
______________________________________________________________________________
An update that solves three vulnerabilities and has 27
fixes is now available.
Description:
This update for SUSE Manager 4.2.2 Release Notes provides the following
additions:
Release notes for SUSE Manager:
- Update to 4.2.2
* SUSE Manager is now able to manage Rocky Linux 8 clients
* Tech Preview: Inter-Server Sync V2
* Bugs mentioned bsc#1171483, bsc#1173143, bsc#1181223, bsc#1186281,
bsc#1186339, bsc#1187335, bsc#1187549, bsc#1188032, bsc#1188042,
bsc#1188136, bsc#1188163, bsc#1188193, bsc#1188260, bsc#1188393,
bsc#1188400, bsc#1188503, bsc#1188505, bsc#1188551, bsc#1188641,
bsc#1188647, bsc#1188656, bsc#1188853, bsc#1188855, bsc#1189011,
bsc#1189040, bsc#1189167, bsc#1189419, bsc#1189458,
- CVE-2021-40323: Fixed an arbitrary file disclosure/Template
Injection (bsc#1189458)
- CVE-2021-40324: Fixed an arbitrary file write (bsc#1189458)
- CVE-2021-40325: Fixed a problem with the token validation
(bsc#1189458)
- Please note that with these changes, a valid log data from Anamon
(Red Hat Autoinstallation Process) uploaded to cobbler may be rejected.
Release notes for SUSE Manager proxy:
- Update to 4.2.2
* Bugs mentioned bsc#1181223, bsc#1186026, bsc#1188042, bsc#1189011,
bsc#1189263
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2021-3162=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2021-3162=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2021-3162=1
Package List:
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
release-notes-susemanager-4.2.2-3.12.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
release-notes-susemanager-proxy-4.2.2-3.12.1
- SUSE Manager Proxy 4.2 (x86_64):
release-notes-susemanager-proxy-4.2.2-3.12.1
References:
https://www.suse.com/security/cve/CVE-2021-40323.html
https://www.suse.com/security/cve/CVE-2021-40324.html
https://www.suse.com/security/cve/CVE-2021-40325.html
https://bugzilla.suse.com/1171483
https://bugzilla.suse.com/1173143
https://bugzilla.suse.com/1181223
https://bugzilla.suse.com/1186026
https://bugzilla.suse.com/1186281
https://bugzilla.suse.com/1186339
https://bugzilla.suse.com/1187335
https://bugzilla.suse.com/1187549
https://bugzilla.suse.com/1188032
https://bugzilla.suse.com/1188042
https://bugzilla.suse.com/1188136
https://bugzilla.suse.com/1188163
https://bugzilla.suse.com/1188193
https://bugzilla.suse.com/1188260
https://bugzilla.suse.com/1188393
https://bugzilla.suse.com/1188400
https://bugzilla.suse.com/1188503
https://bugzilla.suse.com/1188505
https://bugzilla.suse.com/1188551
https://bugzilla.suse.com/1188641
https://bugzilla.suse.com/1188647
https://bugzilla.suse.com/1188656
https://bugzilla.suse.com/1188853
https://bugzilla.suse.com/1188855
https://bugzilla.suse.com/1189011
https://bugzilla.suse.com/1189040
https://bugzilla.suse.com/1189167
https://bugzilla.suse.com/1189263
https://bugzilla.suse.com/1189419
https://bugzilla.suse.com/1189458
More information about the sle-updates
mailing list