SUSE-RU-2024:0198-1: moderate: Recommended Beta update for SUSE Manager Client Tools

Tue Jan 23 16:30:09 UTC 2024

# Recommended Beta update for SUSE Manager Client Tools

Announcement ID: SUSE-RU-2024:0198-1  
Rating: moderate  
References:

  * bsc#1197507
  * bsc#1198903
  * bsc#1200122
  * bsc#1200149
  * bsc#1200163
  * bsc#1200591
  * bsc#1201003
  * bsc#1203283
  * bsc#1204126
  * bsc#1205207
  * bsc#1205759
  * bsc#1207352
  * bsc#1207830
  * bsc#1208612
  * bsc#1208719
  * bsc#1210458
  * bsc#1213691
  * bsc#1217832
  * jsc#ECO-3319
  * jsc#MSQA-718

Affected Products:

  * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004

An update that contains two features and has 18 fixes can now be installed.

## Description:

This update fixes the following issues:

scap-security-guide:

  * Switch buggy journald plugindir remediation to write into journald.conf.
    (bsc#1217832)
  * Updated to 0.1.70 (jsc#ECO-3319)
  * Add openembedded distro support (#10793)
  * Remove DRAFT wording for OpenShift STIG (#11100)
  * Remove test-function-check_playbook_file_removed_and_added test (#10982)
  * scap-security-guide: Add Poky support (#11046)
  * Updated to 0.1.69 (jsc#ECO-3319)
  * Introduce a JSON build manifest (#10761)
  * Introduce a script to compare ComplianceAsCode versions (#10768)
  * Introduce CCN profiles for RHEL9 (#10860)
  * Map rules to components (#10609)
  * products/anolis23: supports Anolis OS 23 (#10548)
  * Render components to HTML (#10709)
  * Store rendered control files (#10656)
  * Test and use rules to components mapping (#10693)
  * Use distributed product properties (#10554) revert patch that breaks the SLE
    hardening (bsc#1213691)
  * Updated to 0.1.68 (jsc#ECO-3319)
  * Bump OL8 STIG version to V1R6
  * Introduce a Product class, make the project work with it
  * Introduce Fedora and Firefox CaC profiles for common workstation users
  * OL7 DISA STIG v2r11 update
  * Publish rendered policy artifacts
  * Update ANSSI BP-028 to version 2.0
  * Updated to 0.1.67 (jsc#ECO-3319)
  * Add utils/controlrefcheck.py
  * RHEL 9 STIG Update Q1 2023
  * Include warning for NetworkManager keyfiles in RHEL9
  * OL7 stig v2r10 update
  * Bump version of OL8 STIG to V1R5
  * Various enhancements to SLE profiles
  * Updated to 0.1.66 (jsc#ECO-3319)
  * Ubuntu 22.04 CIS
  * OL7 stig v2r9 update
  * Bump OL8 STIG version to V1R4
  * Update RHEL7 STIG to V3R10
  * Update RHEL8 STIG to V1R9
  * Introduce CIS RHEL9 profiles
  * Also various SUSE profile fixes were done
  * Updated to 0.1.65 (jsc#ECO-3319)
  * Introduce cui profile for OL9
  * Remove Support for OVAL 5.10
  * Rename account_passwords_pam_faillock_audit
  * CI ansible hardening and rename of existing Bash hardening
  * Update contributors list for v0.1.65 release
  * various SUSE profile specific fixes
  * Require sudo, as remediations touch sudo config or use sudo.
  * Enable ubuntu 2204 build
  * Updated to 0.1.64 (jsc#ECO-3319)
  * Introduce ol9 stig profile
  * Introduce Ol9 anssi profiles
  * Update RHEL8 STIG to V1R7
  * Introduce e8 profile for OL9
  * Update RHEL7 STIG to V3R8
  * some SUSE profile fixes
  * Added several RPM requires that are needed by the SUSE remediation scripts.
    (e.g. awk is not necessary installed)
  * Updated to 0.1.63 (jsc#ECO-3319)
  * multiple bugfixes in SUSE profiles
  * Expand project guidelines
  * Add Draft OCP4 STIG profile
  * Add anssi_bp28_intermediary profile
  * add products/uos20 to support UnionTech OS Server 20
  * products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
  * Remove WRLinux Products
  * Update CIS RHEL8 Benchmark for v2.0.0
  * Fixed: stig: /etc/shadow group owner should not be root but shadow
    (bsc#1200149)
  * Fixed: sles15_script-stig.sh: remediation_functions: No such file or
    directory (bsc#1200163)
  * Fixed: SLES-15-010130 - The SUSE operating system must initiate a session
    lock after a 15-minute period of inactivity (bsc#1200122)
  * Fix the build for RHEL 7 and clones (python-setuptools is used)
  * Fix the build for RHEL 9 and clones
  * Convert one bash emitter to new jinja method. (bsc#1200163)
  * Add python3-setuptools for all builds (so it is also used on debian and
    centos flavors)
  * Updated to 0.1.62 (jsc#ECO-3319)
  * Update rhel8 stig to v1r6
  * OL7 STIG v2r7 update
  * Initial definition of ANSSI BP28 minmal profile for SLE
  * Updated to 0.1.61 (jsc#ECO-3319)
  * Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
  * Introduce OL9 product
  * Implement handling of logical expressions in platform definitions
  * Bump disk size constraints to 7gb to avoid occasional disk fulls failures.

spacecmd:

  * Version 5.0.1-1
  * Use localhost without ssl when running on the server
  * Version 4.4.10-1
  * Update translation strings
  * Version 4.4.9-1
  * Version 4.4.8-1
  * Add spacecmd function: cryptokey_update
  * Bypass traditional systems check on older SUMA instances (bsc#1208612)
  * fix argument parsing of distribution_update (bsc#1210458)
  * Version 4.4.7-1
  * remove pylint check at build time
  * Display activation key details after executing the corresponding command
    (bsc#1208719)
  * Show targetted packages before actually removing them (bsc#1207830)
  * Version 4.4.6-1
  * Fix spacecmd not showing any output for softwarechannel_diff and
    softwarechannel_errata_diff (bsc#1207352)
  * Version 4.4.5-1
  * Prevent string api parameters to be parsed as dates if not in ISO-8601
    format (bsc#1205759)
  * Add python-dateutil dependency, required to process date values in spacecmd
    api calls
  * Remove python3-simplejson dependency
  * Version 4.4.4-1
  * Correctly understand 'ssm' keyword on scap scheduling
  * Add vendor_advisory information to errata_details call (bsc#1205207)
  * Change default port of "Containerized Proxy configuration" 8022
  * Version 4.4.3-1
  * Added two missing options to schedule product migration: allow-vendor-change
    and remove-products-without-successor (bsc#1204126)
  * Changed schedule product migration to use the correct API method
  * Fix dict_keys not supporting indexing in systems_setconfigchannelorger
  * Added a warning message for traditional stack deprecation
  * Remove "Undefined return code" from debug messages (bsc#1203283)
  * Version 4.4.2-1
  * Stop always showing help for valid proxy_container_config calls
  * Version 4.4.1-1
  * Process date values in spacecmd api calls (bsc#1198903)
  * Improve Proxy FQDN hint message
  * Version 4.3.14-1
  * Fix missing argument on system_listmigrationtargets (bsc#1201003)
  * Show correct help on calling kickstart_importjson with no arguments
  * Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
  * Change proxy container config default filename to end with tar.gz
  * Version 4.3.13-1
  * Update translation strings
  * Version 4.3.12-1
  * Update translation strings
  * Version 4.3.11-1
  * on full system update call schedulePackageUpdate API (bsc#1197507)

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004  
    zypper in -t patch SUSE-Ubuntu-20.04-CLIENT-TOOLS-BETA-2024-198=1

## Package List:

  * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 (all)
    * spacecmd-5.0.1-2.36.1
    * scap-security-guide-ubuntu-0.1.70-2.15.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1197507
  * https://bugzilla.suse.com/show_bug.cgi?id=1198903
  * https://bugzilla.suse.com/show_bug.cgi?id=1200122
  * https://bugzilla.suse.com/show_bug.cgi?id=1200149
  * https://bugzilla.suse.com/show_bug.cgi?id=1200163
  * https://bugzilla.suse.com/show_bug.cgi?id=1200591
  * https://bugzilla.suse.com/show_bug.cgi?id=1201003
  * https://bugzilla.suse.com/show_bug.cgi?id=1203283
  * https://bugzilla.suse.com/show_bug.cgi?id=1204126
  * https://bugzilla.suse.com/show_bug.cgi?id=1205207
  * https://bugzilla.suse.com/show_bug.cgi?id=1205759
  * https://bugzilla.suse.com/show_bug.cgi?id=1207352
  * https://bugzilla.suse.com/show_bug.cgi?id=1207830
  * https://bugzilla.suse.com/show_bug.cgi?id=1208612
  * https://bugzilla.suse.com/show_bug.cgi?id=1208719
  * https://bugzilla.suse.com/show_bug.cgi?id=1210458
  * https://bugzilla.suse.com/show_bug.cgi?id=1213691
  * https://bugzilla.suse.com/show_bug.cgi?id=1217832
  * https://jira.suse.com/browse/ECO-3319
  * https://jira.suse.com/browse/MSQA-718

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240123/7ead7d3c/attachment.htm>