<div class="container">
<h1>Security update 5.0.8 for Multi-Linux Manager Client Tools</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2026:2254-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2026-06-03T14:18:10Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>important</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236516">bsc#1236516</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1238686">bsc#1238686</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248699">bsc#1248699</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248707">bsc#1248707</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1252964">bsc#1252964</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1254619">bsc#1254619</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1257941">bsc#1257941</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1258927">bsc#1258927</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1259208">bsc#1259208</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1261810">bsc#1261810</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/ECO-3319">jsc#ECO-3319</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/MSQA-1052">jsc#MSQA-1052</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-12485">jsc#PED-12485</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-7893">jsc#PED-7893</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/PED-7928">jsc#PED-7928</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2022-21698.html">CVE-2022-21698</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-45288.html">CVE-2023-45288</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2025-22870.html">CVE-2025-22870</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-21698</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2022-21698</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-45288</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">6.9</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-45288</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">5.3</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-45288</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-22870</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.8</span>
<span class="cvss-vector">CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-22870</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.4</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2025-22870</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">4.4</span>
<span class="cvss-vector">CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Liberty Linux 9.6 EMS</li>
<li class="list-group-item">SUSE Manager Client Tools for RHEL, Liberty and Clones 9</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves three vulnerabilities, contains five features and has seven security fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update fixes the following issues:</p>
<p>golang-github-QubitProducts-exporter_exporter:</p>
<ul>
<li>
<p>Security Fixes:</p>
</li>
<li>
<p>CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248707)</p>
</li>
</ul>
<p>golang-github-prometheus-node_exporter was updated from version 1.5.0 to 1.10.2:</p>
<ul>
<li>
<p>Security Fixes:</p>
</li>
<li>
<p>Version 1.9.1:</p>
<ul>
<li>CVE-2025-22870: Fixed potential proxy bypass using IPv6 zone IDs (bsc#1238686)</li>
</ul>
</li>
<li>
<p>Version 1.9.0:</p>
<ul>
<li>CVE-2023-45288: Close connections when receiving too many headers (bsc#1236516)</li>
</ul>
</li>
<li>
<p>Highlights of other changes and bug fixes:</p>
</li>
<li>
<p>Backward Compatibility and packaging changes:</p>
<ul>
<li>Added compatibility for Go 1.22/1.23 needed in older RHEL toolchains</li>
<li>Pinned golang.org/x/net to v0.37.0 for Go 1.22 compatibility</li>
</ul>
</li>
<li>
<p>Version 1.10.2:</p>
<ul>
<li>Fixed typo in Zswap metric name (meminfo)</li>
</ul>
</li>
<li>
<p>Version 1.10.1:</p>
<ul>
<li>Fixed mount points being collected multiple times (filesystem)</li>
<li>Refactored mountinfo parsing (bsc#1261810)</li>
<li>Added Zswap/Zswapped metrics (meminfo)</li>
</ul>
</li>
<li>
<p>Version 1.10.0:</p>
<ul>
<li>New collectors: PCIe devices, swaps</li>
<li>Added systemd virtualization metrics, AIX metrics</li>
<li>WiFi packet metrics, additional PCIe and TLB metrics</li>
<li>Changed mdadm to use sysfs, added erofs to excluded filesystems</li>
<li>Fixed bugs: cpufreq collector, ethtool metrics</li>
</ul>
</li>
<li>
<p>Version 1.9.1:</p>
<ul>
<li>Fixed missing IRQ on older kernels (pressure)</li>
</ul>
</li>
<li>
<p>Version 1.9.0 (jsc#PED-12485):</p>
<ul>
<li>Switched to Go log/slog for logging</li>
<li>Converted meminfo to use procfs library</li>
<li>New features: filesystem mount info, Btrfs commit stats, interrupt filtering, slabinfo filters, IRQ PSI metrics,
hwmon filtering, network interface alias labels, GPU clock frequencies, AIX support,</li>
<li>Enhancements: TCP receive queue drop, block device rotational status, CPU online status, performance
optimizations</li>
<li>Fixed: ZFS integer underflow, CPU pressure on limited systems, dataset name parsing</li>
</ul>
</li>
<li>
<p>Version 1.8.x:</p>
<ul>
<li>Fixed CPU pressure metric collection, CPU seconds on Solaris, pressure collector nil reference</li>
</ul>
</li>
<li>
<p>Version 1.8.0:</p>
<ul>
<li>New collectors: xfrm (IPsec), watchdog</li>
<li>Added CPU vulnerability mitigation labels, TCP out-of-order queue metrics, filesystem device error surfacing</li>
<li>Removed caching of os-release file modtime/filename</li>
<li>Fixed: hwmon nil pointer, ethtool metric sanitization, NetClass data race</li>
</ul>
</li>
<li>
<p>Version 1.7.0 (jsc#PED-7893, jsc#PED-7928):</p>
<ul>
<li>New: CPU vulnerabilities reporting from sysfs</li>
<li>Enhancements: parallelized filesystem stat calls, missing link speeds in ethtool, CPU MHz values,
qdisc performance, hwmon filtering, rtnetlink for ARP stats</li>
<li>Fixed: netdev 32-bit fallback, btrfs handle leaks, NFSd v4 index</li>
</ul>
</li>
<li>
<p>Version 1.6.0:</p>
<ul>
<li>Deprecated ntp and supervisord collectors</li>
<li>Removed bcache cache_readaheads_totals metrics</li>
<li>Improved offline CPU handling (removed metrics for offline CPUs)</li>
<li>New: softirqs collector</li>
<li>Enhancements: ZFS zpool states and memory metrics, network interface admin state, CPU frequency governor, reduced
btrfs privileges</li>
<li>Fixed: perf tracefs detection, thermal zone noise, Linux aarch64 interrupts</li>
</ul>
</li>
</ul>
<p>prometheus-postgres_exporter:</p>
<ul>
<li>
<p>Security Fixes:</p>
</li>
<li>
<p>CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter (bsc#1248699) </p>
</li>
</ul>
<p>scap-security-guide:</p>
<ul>
<li>Update the SSG package description </li>
<li>Add SLE16 profiles to the build</li>
<li>Updated to 0.1.79 (jsc#ECO-3319)<ul>
<li>Create SLE16 HIPAA profile</li>
<li>Create SLE16 PCI DSS 4 profile</li>
<li>Use Sequoia in RHEL 10 instead of GPG</li>
<li>New Profile for RHEL10: BSI</li>
<li>Move RHEL Control files to product files</li>
<li>Update RHEL 9 CCN profile</li>
<li>Various updates for SLE 12/15</li>
</ul>
</li>
</ul>
<p>spacecmd:</p>
<ul>
<li>Version 5.0.16-0</li>
<li>Update translation strings</li>
</ul>
<p>uyuni-tools:</p>
<ul>
<li>Version 0.1.39-0</li>
<li>mgrpxy ssh tuning should happen before crypto policies (bsc#1254619)</li>
<li>Fix default value for helm registry (bsc#1258927).</li>
<li>Use static supportconfig name to avoid dynamic search
(bsc#1257941)</li>
<li>Do not nest multiple tarball files and instead collect
all files into one tarball (bsc#1252964)</li>
<li>Show where final tarball was generated (bsc#1259208)</li>
</ul>
<h2>Special Instructions and Notes:</h2>
<ul>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Manager Client Tools for RHEL, Liberty and Clones 9
<br/>
<code>zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2026-2254=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64)
<ul>
<li>golang-github-QubitProducts-exporter_exporter-debuginfo-0.4.0-1.9.1</li>
<li>mgrctl-0.1.39-1.32.1</li>
<li>prometheus-postgres_exporter-0.10.1-1.15.1</li>
<li>mgrctl-debuginfo-0.1.39-1.32.1</li>
<li>golang-github-QubitProducts-exporter_exporter-0.4.0-1.9.1</li>
<li>golang-github-QubitProducts-exporter_exporter-debugsource-0.4.0-1.9.1</li>
</ul>
</li>
<li>
SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le x86_64)
<ul>
<li>golang-github-prometheus-node_exporter-1.10.2-1.12.1</li>
</ul>
</li>
<li>
SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch)
<ul>
<li>mgrctl-zsh-completion-0.1.39-1.32.1</li>
<li>mgrctl-bash-completion-0.1.39-1.32.1</li>
<li>scap-security-guide-redhat-0.1.80-1.44.1</li>
<li>spacecmd-5.0.16-1.61.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2022-21698.html">https://www.suse.com/security/cve/CVE-2022-21698.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-45288.html">https://www.suse.com/security/cve/CVE-2023-45288.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2025-22870.html">https://www.suse.com/security/cve/CVE-2025-22870.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1236516">https://bugzilla.suse.com/show_bug.cgi?id=1236516</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1238686">https://bugzilla.suse.com/show_bug.cgi?id=1238686</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248699">https://bugzilla.suse.com/show_bug.cgi?id=1248699</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1248707">https://bugzilla.suse.com/show_bug.cgi?id=1248707</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1252964">https://bugzilla.suse.com/show_bug.cgi?id=1252964</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1254619">https://bugzilla.suse.com/show_bug.cgi?id=1254619</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1257941">https://bugzilla.suse.com/show_bug.cgi?id=1257941</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1258927">https://bugzilla.suse.com/show_bug.cgi?id=1258927</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1259208">https://bugzilla.suse.com/show_bug.cgi?id=1259208</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1261810">https://bugzilla.suse.com/show_bug.cgi?id=1261810</a>
</li>
<li>
<a href="https://jira.suse.com/browse/ECO-3319">https://jira.suse.com/browse/ECO-3319</a>
</li>
<li>
<a href="https://jira.suse.com/browse/MSQA-1052">https://jira.suse.com/browse/MSQA-1052</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-12485">https://jira.suse.com/browse/PED-12485</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-7893">https://jira.suse.com/browse/PED-7893</a>
</li>
<li>
<a href="https://jira.suse.com/browse/PED-7928">https://jira.suse.com/browse/PED-7928</a>
</li>
</ul>
</div>