SUSE-RU-2024:0198-1: moderate: Recommended Beta update for SUSE Manager Client Tools
SUSE-MANAGER-UPDATES
null at suse.de
Tue Jan 23 20:30:05 UTC 2024
# Recommended Beta update for SUSE Manager Client Tools
Announcement ID: SUSE-RU-2024:0198-1
Rating: moderate
References:
* bsc#1197507
* bsc#1198903
* bsc#1200122
* bsc#1200149
* bsc#1200163
* bsc#1200591
* bsc#1201003
* bsc#1203283
* bsc#1204126
* bsc#1205207
* bsc#1205759
* bsc#1207352
* bsc#1207830
* bsc#1208612
* bsc#1208719
* bsc#1210458
* bsc#1213691
* bsc#1217832
* jsc#ECO-3319
* jsc#MSQA-718
Affected Products:
* SUSE Manager Client Tools Beta for Ubuntu 20.04 2004
An update that contains two features and has 18 fixes can now be installed.
## Description:
This update fixes the following issues:
scap-security-guide:
* Switch buggy journald plugindir remediation to write into journald.conf.
(bsc#1217832)
* Updated to 0.1.70 (jsc#ECO-3319)
* Add openembedded distro support (#10793)
* Remove DRAFT wording for OpenShift STIG (#11100)
* Remove test-function-check_playbook_file_removed_and_added test (#10982)
* scap-security-guide: Add Poky support (#11046)
* Updated to 0.1.69 (jsc#ECO-3319)
* Introduce a JSON build manifest (#10761)
* Introduce a script to compare ComplianceAsCode versions (#10768)
* Introduce CCN profiles for RHEL9 (#10860)
* Map rules to components (#10609)
* products/anolis23: supports Anolis OS 23 (#10548)
* Render components to HTML (#10709)
* Store rendered control files (#10656)
* Test and use rules to components mapping (#10693)
* Use distributed product properties (#10554) revert patch that breaks the SLE
hardening (bsc#1213691)
* Updated to 0.1.68 (jsc#ECO-3319)
* Bump OL8 STIG version to V1R6
* Introduce a Product class, make the project work with it
* Introduce Fedora and Firefox CaC profiles for common workstation users
* OL7 DISA STIG v2r11 update
* Publish rendered policy artifacts
* Update ANSSI BP-028 to version 2.0
* Updated to 0.1.67 (jsc#ECO-3319)
* Add utils/controlrefcheck.py
* RHEL 9 STIG Update Q1 2023
* Include warning for NetworkManager keyfiles in RHEL9
* OL7 stig v2r10 update
* Bump version of OL8 STIG to V1R5
* Various enhancements to SLE profiles
* Updated to 0.1.66 (jsc#ECO-3319)
* Ubuntu 22.04 CIS
* OL7 stig v2r9 update
* Bump OL8 STIG version to V1R4
* Update RHEL7 STIG to V3R10
* Update RHEL8 STIG to V1R9
* Introduce CIS RHEL9 profiles
* Also various SUSE profile fixes were done
* Updated to 0.1.65 (jsc#ECO-3319)
* Introduce cui profile for OL9
* Remove Support for OVAL 5.10
* Rename account_passwords_pam_faillock_audit
* CI ansible hardening and rename of existing Bash hardening
* Update contributors list for v0.1.65 release
* various SUSE profile specific fixes
* Require sudo, as remediations touch sudo config or use sudo.
* Enable ubuntu 2204 build
* Updated to 0.1.64 (jsc#ECO-3319)
* Introduce ol9 stig profile
* Introduce Ol9 anssi profiles
* Update RHEL8 STIG to V1R7
* Introduce e8 profile for OL9
* Update RHEL7 STIG to V3R8
* some SUSE profile fixes
* Added several RPM requires that are needed by the SUSE remediation scripts.
(e.g. awk is not necessary installed)
* Updated to 0.1.63 (jsc#ECO-3319)
* multiple bugfixes in SUSE profiles
* Expand project guidelines
* Add Draft OCP4 STIG profile
* Add anssi_bp28_intermediary profile
* add products/uos20 to support UnionTech OS Server 20
* products/alinux3: Add CIS Alibaba Cloud Linux 3 profiles
* Remove WRLinux Products
* Update CIS RHEL8 Benchmark for v2.0.0
* Fixed: stig: /etc/shadow group owner should not be root but shadow
(bsc#1200149)
* Fixed: sles15_script-stig.sh: remediation_functions: No such file or
directory (bsc#1200163)
* Fixed: SLES-15-010130 - The SUSE operating system must initiate a session
lock after a 15-minute period of inactivity (bsc#1200122)
* Fix the build for RHEL 7 and clones (python-setuptools is used)
* Fix the build for RHEL 9 and clones
* Convert one bash emitter to new jinja method. (bsc#1200163)
* Add python3-setuptools for all builds (so it is also used on debian and
centos flavors)
* Updated to 0.1.62 (jsc#ECO-3319)
* Update rhel8 stig to v1r6
* OL7 STIG v2r7 update
* Initial definition of ANSSI BP28 minmal profile for SLE
* Updated to 0.1.61 (jsc#ECO-3319)
* Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7
* Introduce OL9 product
* Implement handling of logical expressions in platform definitions
* Bump disk size constraints to 7gb to avoid occasional disk fulls failures.
spacecmd:
* Version 5.0.1-1
* Use localhost without ssl when running on the server
* Version 4.4.10-1
* Update translation strings
* Version 4.4.9-1
* Version 4.4.8-1
* Add spacecmd function: cryptokey_update
* Bypass traditional systems check on older SUMA instances (bsc#1208612)
* fix argument parsing of distribution_update (bsc#1210458)
* Version 4.4.7-1
* remove pylint check at build time
* Display activation key details after executing the corresponding command
(bsc#1208719)
* Show targetted packages before actually removing them (bsc#1207830)
* Version 4.4.6-1
* Fix spacecmd not showing any output for softwarechannel_diff and
softwarechannel_errata_diff (bsc#1207352)
* Version 4.4.5-1
* Prevent string api parameters to be parsed as dates if not in ISO-8601
format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in spacecmd
api calls
* Remove python3-simplejson dependency
* Version 4.4.4-1
* Correctly understand 'ssm' keyword on scap scheduling
* Add vendor_advisory information to errata_details call (bsc#1205207)
* Change default port of "Containerized Proxy configuration" 8022
* Version 4.4.3-1
* Added two missing options to schedule product migration: allow-vendor-change
and remove-products-without-successor (bsc#1204126)
* Changed schedule product migration to use the correct API method
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
* Added a warning message for traditional stack deprecation
* Remove "Undefined return code" from debug messages (bsc#1203283)
* Version 4.4.2-1
* Stop always showing help for valid proxy_container_config calls
* Version 4.4.1-1
* Process date values in spacecmd api calls (bsc#1198903)
* Improve Proxy FQDN hint message
* Version 4.3.14-1
* Fix missing argument on system_listmigrationtargets (bsc#1201003)
* Show correct help on calling kickstart_importjson with no arguments
* Fix tracebacks on spacecmd kickstart_export (bsc#1200591)
* Change proxy container config default filename to end with tar.gz
* Version 4.3.13-1
* Update translation strings
* Version 4.3.12-1
* Update translation strings
* Version 4.3.11-1
* on full system update call schedulePackageUpdate API (bsc#1197507)
## Special Instructions and Notes:
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Manager Client Tools Beta for Ubuntu 20.04 2004
zypper in -t patch SUSE-Ubuntu-20.04-CLIENT-TOOLS-BETA-2024-198=1
## Package List:
* SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 (all)
* scap-security-guide-ubuntu-0.1.70-2.15.1
* spacecmd-5.0.1-2.36.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1197507
* https://bugzilla.suse.com/show_bug.cgi?id=1198903
* https://bugzilla.suse.com/show_bug.cgi?id=1200122
* https://bugzilla.suse.com/show_bug.cgi?id=1200149
* https://bugzilla.suse.com/show_bug.cgi?id=1200163
* https://bugzilla.suse.com/show_bug.cgi?id=1200591
* https://bugzilla.suse.com/show_bug.cgi?id=1201003
* https://bugzilla.suse.com/show_bug.cgi?id=1203283
* https://bugzilla.suse.com/show_bug.cgi?id=1204126
* https://bugzilla.suse.com/show_bug.cgi?id=1205207
* https://bugzilla.suse.com/show_bug.cgi?id=1205759
* https://bugzilla.suse.com/show_bug.cgi?id=1207352
* https://bugzilla.suse.com/show_bug.cgi?id=1207830
* https://bugzilla.suse.com/show_bug.cgi?id=1208612
* https://bugzilla.suse.com/show_bug.cgi?id=1208719
* https://bugzilla.suse.com/show_bug.cgi?id=1210458
* https://bugzilla.suse.com/show_bug.cgi?id=1213691
* https://bugzilla.suse.com/show_bug.cgi?id=1217832
* https://jira.suse.com/browse/ECO-3319
* https://jira.suse.com/browse/MSQA-718
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/suma-updates/attachments/20240123/0ede35aa/attachment-0001.htm>
More information about the suma-updates
mailing list