SUSE-RU-2022:2145-1: moderate: Recommended update for SUSE Manager Proxy 4.1

Tue Jun 21 10:24:06 UTC 2022

   SUSE Recommended Update: Recommended update for SUSE Manager Proxy 4.1
______________________________________________________________________________

Announcement ID:    SUSE-RU-2022:2145-1
Rating:             moderate
References:         #1190535 #1193238 #1194447 #1194594 #1194909 
                    #1196338 #1196704 #1199142 #1199528 SLE-24238 
                    SLE-24239 
Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
                    SUSE Manager Proxy 4.1
______________________________________________________________________________

   An update that solves one vulnerability, contains two
   features and has 8 fixes is now available.

Description:

   This update fixes the following issues:

   golang-github-QubitProducts-exporter_exporter:

   - Adapted to build on Enterprise Linux.
   - Fix build for Red Hat 7
   - Require Go >= 1.14 also for CentOS
   - Add support for CentOS
   - Replace %{?systemd_requires} with %{?systemd_ordering}

   golang-github-lusitaniae-apache_exporter:

   - Require building with Go 1.15
   - Add %license macro for LICENSE file

   golang-github-prometheus-node_exporter:

   - CVE-2022-21698: Update vendor tarball with prometheus/client_golang
     1.11.1 (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)
   - Update to 1.3.0
     * [CHANGE] Add path label to rapl collector #2146
     * [CHANGE] Exclude filesystems under /run/credentials #2157
     * [CHANGE] Add TCPTimeouts to netstat default filter #2189
     * [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771
     * [FEATURE] Add darwin powersupply collector #1777
     * [FEATURE] Add support for monitoring GPUs on Linux #1998
     * [FEATURE] Add Darwin thermal collector #2032
     * [FEATURE] Add os release collector #2094
     * [FEATURE] Add netdev.address-info collector #2105
     * [FEATURE] Add clocksource metrics to time collector #2197
     * [ENHANCEMENT] Support glob textfile collector directories #1985
     * [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080
     * [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165
     * [ENHANCEMENT] Add flag to disable guest CPU metrics #2123
     * [ENHANCEMENT] Add DMI collector #2131
     * [ENHANCEMENT] Add threads metrics to processes collector #2164
     * [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector
       #2169
     * [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189
     * [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208
     * [BUGFIX] ethtool: Sanitize metric names #2093
     * [BUGFIX] Fix ethtool collector for multiple interfaces #2126
     * [BUGFIX] Fix possible panic on macOS #2133
     * [BUGFIX] Collect flag_info and bug_info only for one core #2156
     * [BUGFIX] Prevent duplicate ethtool metric names #2187
   - Update to 1.2.2
     * Bug fixes Fix processes collector long int parsing #2112
   - Update to 1.2.1
     * Removed Remove obsolete capture permission denied error patch already
       included upstream Fix zoneinfo parsing prometheus/procfs#386 Fix nvme
       collector log noise #2091 Fix rapl collector log noise #2092
   - Update to 1.2.0
     * Changes Rename filesystem collector flags to match other collectors
       #2012 Make node_exporter print usage to STDOUT #203
     * Features Add conntrack statistics metrics #1155 Add ethtool stats
       collector #1832 Add flag to ignore network speed if it is unknown
       #1989 Add tapestats collector for Linux #2044 Add nvme collector #2062
     * Enhancements Add ErrorLog plumbing to promhttp #1887 Add more
       Infiniband counters #2019 netclass: retrieve interface names and
       filter before parsing #2033 Add time zone offset metric #2060 Handle
       errors from disabled PSI subsystem #1983 Fix panic when using
       backwards compatible flags #2000 Fix wrong value for OpenBSD memory
       buffer cache #2015 Only initiate collectors once #2048 Handle small
       backwards jumps in CPU idle #2067
   - Apply patch to capture permission denied error for "energy_uj" file
     (bsc#1190535) from https://github.com/prometheus/node_exporter/pull/2092

   patterns-suse-manager:

   - Golang-github-wrouesnel-postgres_exporter was renamed to
     prometheus-postgres_exporter

   spacecmd:

   - Version 4.1.18-1
     * implement system.bootstrap (bsc#1194909)

   spacewalk-backend:

   - Version 4.1.31-1
     * Fix traceback on calling spacewalk-repo-sync --show-packages
       (bsc#1193238)
     * Fix virt_notify SQL syntax error (bsc#1199528)
     * Do not raise error on file:// based DEB repo when looking for
       alternative Release files (bsc#1199142)
     * Improve parsing deb packages dependencies (bsc#1194594)
     * Fix reposync update notice formatting and date parsing (bsc#1194447)
     * implement more decompression algorithms for reposync (bsc#1196704)

   spacewalk-web:

   - Version 4.1.33-1
     * Added support for end of life notifications

   How to apply this update:

   1. Log in as root user to the SUSE Manager proxy. 2. Stop the proxy
   service: spacewalk-proxy stop 3. Apply the patch using either zypper patch
   or YaST Online Update. 4. Start the Spacewalk service: spacewalk-proxy
   start

Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-2145=1

Package List:

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (noarch):

      spacecmd-4.1.18-150200.4.39.3
      spacewalk-backend-4.1.31-150200.4.50.4
      spacewalk-base-minimal-4.1.34-150200.3.47.6
      spacewalk-base-minimal-config-4.1.34-150200.3.47.6

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (x86_64):

      golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2
      golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2
      golang-github-lusitaniae-apache_exporter-debuginfo-0.7.0-150200.2.6.2
      golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3
      patterns-suma_proxy-4.1-150200.6.12.2

References:

   https://www.suse.com/security/cve/CVE-2022-21698.html
   https://bugzilla.suse.com/1190535
   https://bugzilla.suse.com/1193238
   https://bugzilla.suse.com/1194447
   https://bugzilla.suse.com/1194594
   https://bugzilla.suse.com/1194909
   https://bugzilla.suse.com/1196338
   https://bugzilla.suse.com/1196704
   https://bugzilla.suse.com/1199142
   https://bugzilla.suse.com/1199528