SUSE-SU-2026:2768-1: important: Security update 5.1.4 for Multi-Linux Manager Client Tools
SLE-UPDATES
null at suse.de
Mon Jul 6 12:36:07 UTC 2026
# Security update 5.1.4 for Multi-Linux Manager Client Tools
Announcement ID: SUSE-SU-2026:2768-1
Release Date: 2026-07-06T07:48:37Z
Rating: important
References:
* bsc#1227579
* bsc#1229105
* bsc#1232641
* bsc#1248699
* bsc#1248707
* bsc#1249400
* bsc#1249532
* bsc#1253174
* bsc#1259739
* bsc#1260806
* bsc#1260870
* bsc#1260905
* bsc#1261810
* bsc#1261902
* bsc#1262222
* bsc#1262409
* bsc#1262708
* bsc#1262760
* bsc#1262950
* bsc#1263157
* bsc#1263501
* bsc#1263823
* bsc#1263986
* bsc#1263987
* bsc#1265281
* bsc#1265282
* bsc#1265283
* bsc#1265284
* bsc#1265285
* bsc#1265286
* bsc#1265287
* bsc#1265288
* bsc#1265289
* bsc#1265290
* bsc#1266012
* bsc#1266556
* bsc#1266600
* bsc#1266608
* bsc#1267153
* jsc#MSQA-1056
* jsc#PED-14816
Cross-References:
* CVE-2022-21698
* CVE-2026-25680
* CVE-2026-25681
* CVE-2026-27136
* CVE-2026-28374
* CVE-2026-28376
* CVE-2026-28379
* CVE-2026-28380
* CVE-2026-28383
* CVE-2026-33376
* CVE-2026-33377
* CVE-2026-33378
* CVE-2026-33380
* CVE-2026-33381
* CVE-2026-34986
* CVE-2026-39821
* CVE-2026-40179
* CVE-2026-41602
* CVE-2026-42151
* CVE-2026-42154
* CVE-2026-42502
* CVE-2026-42506
CVSS scores:
* CVE-2022-21698 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-21698 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25680 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-25680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-25680 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-25681 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-25681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-25681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-27136 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-27136 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-27136 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-28374 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28374 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-28374 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-28376 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28376 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28376 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28379 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28379 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28379 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28380 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-28380 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-28380 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-28383 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28383 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28383 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33376 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33376 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33376 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33377 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33377 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-33377 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-33378 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33378 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33378 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-33380 ( SUSE ): 7.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2026-33380 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2026-33380 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2026-33380 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-33381 ( SUSE ): 7.4
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33381 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33381 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33381 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-34986 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-39821 ( SUSE ): 9.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39821 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-39821 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-39821 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-40179 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-40179 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-40179 ( NVD ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-40179 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-41602 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-41602 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-41602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42151 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-42151 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-42154 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42154 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42502 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42502 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42502 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42506 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2026-42506 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2026-42506 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15
* SUSE Linux Enterprise Desktop 15 SP1
* SUSE Linux Enterprise Desktop 15 SP2
* SUSE Linux Enterprise Desktop 15 SP3
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.0
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP1
* SUSE Linux Enterprise Real Time 15 SP2
* SUSE Linux Enterprise Real Time 15 SP3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Multi-Linux Manager Client Tools for SLE 15
* SUSE Multi-Linux Manager Client Tools for SLE Micro 5
An update that solves 22 vulnerabilities, contains two features and has 17
security fixes can now be installed.
## Description:
This update fixes the following issues:
dracut-saltboot updated to version 1.2.1:
* Key Update Highlights (v1.2.1)
* Added wait check for minion start (default 10s), configurable using
rd.saltboot.salt_start_timeout option (bsc#1260870)
* Decouple salt key wait check to use separate configurable option
rd.saltboot.salt_key_timeout, with default 60s
* Introduce rd.saltboot namespace for all options, mark old as deprecated
golang-github-QubitProducts-exporter_exporter:
* Security issues fixed:
* CVE-2022-21698: Fixed prometheus/client_golang possible denial of service
using InstrumentHandlerCounter (bsc#1248699)
golang-github-boynux-squid_exporter:
* Non customer facing changes
golang-github-lusitaniae-apache_exporter:
* Non customer facing changes
golang-github-prometheus-alertmanager:
* Non customer facing changes
golang-github-prometheus-node_exporter updated to version 1.10.2:
* Key Update Highlights (v1.10.0 to v1.10.2):
* New Collectors: Added new collectors for PCIe devices and swaps.
* New Metrics: Introduced metrics for Zswap/Zswapped, Systemd Virtualization,
and WiFi packets (received/transmitted)
* Bug Fixes: Resolved a duplicate collection bug in filesystem mount points,
fixed a Zswap metric typo, and patched a logging race condition in systemd.
* Changes: Switched mdadm to use sysfs for RAID metrics, and added erofs to
the default excluded filesystems list.
* Internal Refactoring: filesystem mountinfo parsing refactor (bsc#1261810)
golang-github-prometheus-prometheus updated to version 3.5.3:
* Security issues fixed:
* CVE-2026-42151: AzureAD remote write: Fixed OAuth client_secret being
exposed in plaintext via /-/config endpoint (v3.5.3) (bsc#1263986)
* CVE-2026-42154: Remote-read: Reject snappy-compressed requests whose
declared decoded length exceeds the limit (v3.5.3) (bsc#1263987)
* CVE-2026-40179: UI: Fixed stored XSS via unescaped le label values in old UI
heatmap chart tick labels (v3.5.2) (bsc#1262222).
* CVE-2026-39821: Fixed validation bypass and privilege escalation by updating
golang.org/x/net to version 0.55.0 (backported patch) (bsc#1266608)
* Other changes:
* Remote-Write: Reject snappy-compressed requests whose declared decoded
length exceeds the decode limit (v3.5.3)
* Use systemd tmpfiles.d to create /var/lib/prometheus hierarchy
(jsc#PED-14816)
* Internal update with non customer facing changes (v3.5.1)
grafana updated to version 11.6.14+security-04:
* Security issues fixed in v11.6.14+security-04:
* CVE-2026-28374: Fixed insecure direct object reference in Annotations API
(bsc#1265290)
* CVE-2026-28376: Fixed unbounded memory allocation in Grafana Live push
endpoint (bsc#1265289)
* CVE-2026-28383: Fixed unbounded memory allocation in Grafana plugin
resources (bsc#1265286)
* CVE-2026-28380: Fixed broken access control in Snapshot API (bsc#1265287)
* CVE-2026-33376: Fixed Auth Proxy IPv6 whitelist bypass (bsc#1265285)
* CVE-2026-28379: Fixed viewer-triggered race condition in Grafana Live
(bsc#1265288)
* CVE-2026-33377: Fixed dashboard Editor Privilege Escalation (bsc#1265284)
* CVE-2026-33378: Fixed OOM exception in Grafana Data Source Plugin
(bsc#1265283)
* CVE-2026-33381: Prevent users from generating Service Account tokens after
permissions removal (bsc#1265281)
* CVE-2026-33380: Fixed vulnerability in SQL Expressions allowing an
authenticated attacker to read arbitrary files from the Grafana server’s
filesystem (bsc#1265282)
* Security issues fixed through backported patches:
* CVE-2026-39821: Fixed validation bypass and privilege escalation by updating
golang.org/x/net to version 0.55.0 (bsc#1266600)
* CVE-2026-34986: Fixed panic in JWE decryption (bsc#1262950)
* CVE-2026-41602: Fixed Integer Overflow or Wraparound vulnerability in Apache
Thrift (bsc#1263501)
* CVE-2026-25680, CVE-2026-42502, CVE-2026-27136, CVE-2026-25681,
CVE-2026-42506: Fixed multiple issues when parsing HTML files (bsc#1267153)
mgr-push updated to version 5.2.4:
* Internal updates with no customer facing changes across versions (v5.2.1-0
to v5.2.4-0)
prometheus-blackbox_exporter:
* Security issues fixed:
* CVE-2026-39821: Fixed validation bypass and privilege escalation by updating
golang.org/x/net to version 0.55.0 (bsc#1266556)
prometheus-postgres_exporter:
* Security issues fixed:
* CVE-2022-21698: Fixed prometheus/client_golang possible denial of service
using InstrumentHandlerCounter (bsc#1248699)
rhnlib updated to version 5.2.5:
* Internal updates with non customer facing changes across versions (v5.2.1-0
to v5.2.5-0)
spacecmd updated to version 5.2.8:
* Key Update Highlights (v5.2.3-0):
* Fixed typo in spacecmd help ca-cert flag (bsc#1253174)
* Add subcommand to check if reboot is needed after applying all available
patches
* Key Update Highlights (v5.2.1-0):
* Use JSON instead of pickle for spacecmd cache (bsc#1227579)
* Fixed methods in api namespace in spacecmd (bsc#1249532)
* Other changes (v5.2.2-0 to 5.2.8-0):
* Translation strings updates
* Internal updates with non customer facing changes
spacewalk-client-tools updated to version 5.2.6:
* Internal updates with non customer facing changes across versions (v5.2.1-0
to v5.2.6-0)
supportutils-plugin-salt:
* Non customer facing changes
supportutils-plugin-susemanager-client updated to version 5.2.3:
* Internal updates with non customer facing changes across versions (v5.2.1-0
to v5.2.3-0)
uyuni-tools updated to version 5.2.12:
* Key Update Highlights (v5.2.11-0)
* Improved pod readiness checks (bsc#1266012)
* Key Update Highlights (v5.2.10-0)
* Preserve hub replicas during upgrade (bsc#1262708)
* Added mgrctl "ssh" and "ssh remove_known_host" commands
* Fixed startup checks for main server container (bsc#1263157)
* Fixed service dependencies (bsc#1263823)
* Updated default tag to 5.1.3.1 (bsc#1262760)
* Fixed missing registry for db image (bsc#1259739)
* Internal SANs for db and reportdb are no longer required
* Generate the same certificate for server and reportdb
* Fixed Report DB CA certificate (bsc#1260806)
* Removed waitForTraefik function (bsc#1261902)
* Key Update Highlights (v5.2.8-0)
* Generate service template only after secrets are created
* Key Update Highlights (v5.2.7-0)
* Admin secrets no longer required on upgrades (bsc#1262409)
* Key Update Highlights (v5.2.6-0):
* Use podman secrets for SSL on proxy
* Fixed database online backup
* mgrctl copy command now infers target name automatically
* Restored TFTP port to proxy (bsc#1260905)
* TFTP disabled by default on server
* Fixed incorrect package dependencies declaration (bsc#1229105)
* Prevent cobbler port from being exposed
* Bumped zerolog to 1.34
* Ignore spacewalk-service stop return code.
* Stop automatically unhealthy container
* Use container based server setup instead tools bundled one
* Key Update Highlights (v5.2.5-0)
* Removed migrate command
* Removed hub register command
* Split TFTP server into separate container
* Removed Kubernetes install/upgrade from mgrpxy
* Key Update Highlights (v5.2.1-0)
* Fixed --dbupgrade-tag parameter (bsc#1249400)
* Added --registry-host, --registry-user, --registry-password options
* Deprecated --registry option
* Added SUSE Linux Enterprise 15 SP7 support
* Migrated custom SSL CA certificates (bsc#1232641)
* Other changes (v5.2.1-0 to v5.2.12-0):
* Translation strings updates
* Internal updates with version bump but without customer facing changes
uyuni-common-libs updated to version 5.2.5:
* Key Update Highlights (v5.2.5-0):
* Cleaned up the checksum module by removing legacy MD5/SHA1 fallback imports
in favor of using standard hashlib directly
* Other changes:
* Internal updates with non customer facing changes across versions (v5.2.1-0
to v5.2.5-0)
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Multi-Linux Manager Client Tools for SLE Micro 5
zypper in -t patch SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-2768=1
* SUSE Multi-Linux Manager Client Tools for SLE 15
zypper in -t patch SUSE-MultiLinuxManagerTools-SLE-15-2026-2768=1
## Package List:
* SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (aarch64 ppc64le s390x
x86_64)
* mgrctl-5.2.12-150002.3.17.1
* golang-github-prometheus-node_exporter-1.10.2-150002.3.6.2
* golang-github-prometheus-node_exporter-debuginfo-1.10.2-150002.3.6.2
* mgrctl-debuginfo-5.2.12-150002.3.17.1
* SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (noarch)
* mgrctl-zsh-completion-5.2.12-150002.3.17.1
* mgrctl-lang-5.2.12-150002.3.17.1
* dracut-saltboot-1.2.1-150002.3.9.1
* mgrctl-bash-completion-5.2.12-150002.3.17.1
* SUSE Multi-Linux Manager Client Tools for SLE 15 (aarch64 ppc64le s390x
x86_64)
* golang-github-prometheus-node_exporter-1.10.2-150002.3.6.2
* prometheus-blackbox_exporter-0.26.0-150002.3.11.1
* grafana-debuginfo-11.6.14+security04-150002.4.21.1
* golang-github-prometheus-prometheus-debuginfo-3.5.3-150002.3.13.1
* grafana-11.6.14+security04-150002.4.21.1
* golang-github-prometheus-alertmanager-0.28.1-150002.4.11.1
* golang-github-lusitaniae-apache_exporter-debuginfo-1.0.10-150002.3.9.2
* golang-github-prometheus-prometheus-3.5.3-150002.3.13.1
* golang-github-prometheus-node_exporter-debuginfo-1.10.2-150002.3.6.2
* golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.6.2
* prometheus-postgres_exporter-0.10.1-150002.3.3.2
* golang-github-prometheus-alertmanager-debuginfo-0.28.1-150002.4.11.1
* prometheus-postgres_exporter-debuginfo-0.10.1-150002.3.3.2
* mgrctl-debuginfo-5.2.12-150002.3.17.1
* golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.9.2
* golang-github-boynux-squid_exporter-1.13.0-150002.3.6.2
* firewalld-prometheus-config-0.1-150002.3.13.1
* golang-github-boynux-squid_exporter-debuginfo-1.13.0-150002.3.6.2
* mgrctl-5.2.12-150002.3.17.1
* SUSE Multi-Linux Manager Client Tools for SLE 15 (noarch)
* python3-mgr-push-5.2.4-150002.3.9.1
* python3-spacewalk-client-tools-5.2.6-150002.3.9.1
* mgrctl-zsh-completion-5.2.12-150002.3.17.1
* python3-defusedxml-0.7.1-150002.1.3.1
* spacecmd-5.2.8-150002.3.12.1
* supportutils-plugin-susemanager-client-5.2.3-150002.3.9.1
* dracut-saltboot-1.2.1-150002.3.9.1
* python3-uyuni-common-libs-5.2.5-150002.3.6.1
* mgr-push-5.2.4-150002.3.9.1
* mgrctl-bash-completion-5.2.12-150002.3.17.1
* mgrctl-lang-5.2.12-150002.3.17.1
* spacewalk-client-tools-5.2.6-150002.3.9.1
* python3-rhnlib-5.2.5-150002.3.9.1
* supportutils-plugin-salt-1.2.3-150002.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2022-21698.html
* https://www.suse.com/security/cve/CVE-2026-25680.html
* https://www.suse.com/security/cve/CVE-2026-25681.html
* https://www.suse.com/security/cve/CVE-2026-27136.html
* https://www.suse.com/security/cve/CVE-2026-28374.html
* https://www.suse.com/security/cve/CVE-2026-28376.html
* https://www.suse.com/security/cve/CVE-2026-28379.html
* https://www.suse.com/security/cve/CVE-2026-28380.html
* https://www.suse.com/security/cve/CVE-2026-28383.html
* https://www.suse.com/security/cve/CVE-2026-33376.html
* https://www.suse.com/security/cve/CVE-2026-33377.html
* https://www.suse.com/security/cve/CVE-2026-33378.html
* https://www.suse.com/security/cve/CVE-2026-33380.html
* https://www.suse.com/security/cve/CVE-2026-33381.html
* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-39821.html
* https://www.suse.com/security/cve/CVE-2026-40179.html
* https://www.suse.com/security/cve/CVE-2026-41602.html
* https://www.suse.com/security/cve/CVE-2026-42151.html
* https://www.suse.com/security/cve/CVE-2026-42154.html
* https://www.suse.com/security/cve/CVE-2026-42502.html
* https://www.suse.com/security/cve/CVE-2026-42506.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227579
* https://bugzilla.suse.com/show_bug.cgi?id=1229105
* https://bugzilla.suse.com/show_bug.cgi?id=1232641
* https://bugzilla.suse.com/show_bug.cgi?id=1248699
* https://bugzilla.suse.com/show_bug.cgi?id=1248707
* https://bugzilla.suse.com/show_bug.cgi?id=1249400
* https://bugzilla.suse.com/show_bug.cgi?id=1249532
* https://bugzilla.suse.com/show_bug.cgi?id=1253174
* https://bugzilla.suse.com/show_bug.cgi?id=1259739
* https://bugzilla.suse.com/show_bug.cgi?id=1260806
* https://bugzilla.suse.com/show_bug.cgi?id=1260870
* https://bugzilla.suse.com/show_bug.cgi?id=1260905
* https://bugzilla.suse.com/show_bug.cgi?id=1261810
* https://bugzilla.suse.com/show_bug.cgi?id=1261902
* https://bugzilla.suse.com/show_bug.cgi?id=1262222
* https://bugzilla.suse.com/show_bug.cgi?id=1262409
* https://bugzilla.suse.com/show_bug.cgi?id=1262708
* https://bugzilla.suse.com/show_bug.cgi?id=1262760
* https://bugzilla.suse.com/show_bug.cgi?id=1262950
* https://bugzilla.suse.com/show_bug.cgi?id=1263157
* https://bugzilla.suse.com/show_bug.cgi?id=1263501
* https://bugzilla.suse.com/show_bug.cgi?id=1263823
* https://bugzilla.suse.com/show_bug.cgi?id=1263986
* https://bugzilla.suse.com/show_bug.cgi?id=1263987
* https://bugzilla.suse.com/show_bug.cgi?id=1265281
* https://bugzilla.suse.com/show_bug.cgi?id=1265282
* https://bugzilla.suse.com/show_bug.cgi?id=1265283
* https://bugzilla.suse.com/show_bug.cgi?id=1265284
* https://bugzilla.suse.com/show_bug.cgi?id=1265285
* https://bugzilla.suse.com/show_bug.cgi?id=1265286
* https://bugzilla.suse.com/show_bug.cgi?id=1265287
* https://bugzilla.suse.com/show_bug.cgi?id=1265288
* https://bugzilla.suse.com/show_bug.cgi?id=1265289
* https://bugzilla.suse.com/show_bug.cgi?id=1265290
* https://bugzilla.suse.com/show_bug.cgi?id=1266012
* https://bugzilla.suse.com/show_bug.cgi?id=1266556
* https://bugzilla.suse.com/show_bug.cgi?id=1266600
* https://bugzilla.suse.com/show_bug.cgi?id=1266608
* https://bugzilla.suse.com/show_bug.cgi?id=1267153
* https://jira.suse.com/browse/MSQA-1056
* https://jira.suse.com/browse/PED-14816
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20260706/45265321/attachment.htm>
More information about the sle-updates
mailing list