SUSE-SU-2025:1297-1: moderate: Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
SUSE-MANAGER-UPDATES
null at suse.de
Wed Apr 16 08:34:33 UTC 2025
# Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Announcement ID: SUSE-SU-2025:1297-1
Release Date: 2025-04-16T07:57:31Z
Rating: moderate
References:
* bsc#1221505
* bsc#1225287
* bsc#1226273
* bsc#1227118
* bsc#1227859
* bsc#1231983
* bsc#1233500
* bsc#1234033
* bsc#1234202
* bsc#1234226
* bsc#1234442
* bsc#1235527
* bsc#1235696
* bsc#1235825
* bsc#1235853
* bsc#1235970
* bsc#1236011
* bsc#1236118
* bsc#1236166
* bsc#1236234
* bsc#1236268
* bsc#1236323
* bsc#1236601
* bsc#1236625
* bsc#1236678
* bsc#1236707
* bsc#1237060
* bsc#1237403
* bsc#1237535
* bsc#1237694
* bsc#1238924
* bsc#1239826
* bsc#1240960
* jsc#MSQA-934
Cross-References:
* CVE-2025-23392
CVSS scores:
* CVE-2025-23392 ( SUSE ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-23392 ( SUSE ): 5.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Affected Products:
* SUSE Linux Enterprise Micro 5.5
* SUSE Manager Proxy 5.0 Extension
* SUSE Manager Retail Branch Server 5.0 Extension
* SUSE Manager Server 5.0 Extension
An update that solves one vulnerability, contains one feature and has 32
security fixes can now be installed.
## Recommended update 5.0.4 for Multi-Linux Manager Proxy
### Description:
This update fixes the following issues:
proxy-helm:
* Version 5.0.12:
* Image rebuilt to the newest version with updated dependencies
proxy-httpd-image:
* Version 5.0.10:
* Fixed wrong IP address set on susemanager-tftpsync-recv.conf
* Image rebuilt to the newest version with updated dependencies
proxy-salt-broker-image:
* Version 5.0.10:
* Image rebuilt to the newest version with updated dependencies
proxy-squid-image:
* Version 5.0.10:
* Set maximal cache time for metadata to 5 minutes
* Image rebuilt to the newest version with updated dependencies
proxy-ssh-image:
* version 5.0.10:
* Image rebuilt to the newest version with updated dependencies
proxy-tftpd-image:
* Version 5.0.10:
* Fixed possible collisions replacing FQDNs for proxies (bsc#1236601)
* Replaced server hostname in chained proxy tftp container (bsc#1236166)
* Image rebuilt to the newest version with updated dependencies
## Recommended update 5.0.4 for Multi-Linux Manager Retail Branch Server
### Description:
This update fixes the following issues:
proxy-helm:
* Version 5.0.12:
* Image rebuilt to the newest version with updated dependencies
proxy-httpd-image:
* Version 5.0.10:
* Fixed wrong IP address set on susemanager-tftpsync-recv.conf
* Image rebuilt to the newest version with updated dependencies
proxy-salt-broker-image:
* Version 5.0.10:
* Image rebuilt to the newest version with updated dependencies
proxy-squid-image:
* Version 5.0.10:
* Set maximal cache time for metadata to 5 minutes
* Image rebuilt to the newest version with updated dependencies
proxy-ssh-image:
* version 5.0.10:
* Image rebuilt to the newest version with updated dependencies
proxy-tftpd-image:
* Version 5.0.10:
* Fixed possible collisions replacing FQDNs for proxies (bsc#1236601)
* Replaced server hostname in chained proxy tftp container (bsc#1236166)
* Image rebuilt to the newest version with updated dependencies
## Recommended update 5.0.4 for Multi-Linux Manager Server
### Description:
This update fixes the following issues:
server-attestation-image:
* Version 5.0.8:
* Image rebuilt to the newest version with updated dependencies
server-hub-xmlrpc-api-image:
* Version 5.0.10:
* Image rebuilt to the newest version with updated dependencies
server-image:
* Version 5.0.13:
* Image rebuilt to the newest version with updated dependencies
server-migration-14-16-image:
* Version 5.0.11:
* Image rebuilt to the newest version with updated dependencies
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Manager Proxy 5.0 Extension
zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-1297=1
* SUSE Manager Retail Branch Server 5.0 Extension
zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-1297=1
* SUSE Manager Server 5.0 Extension
zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-1297=1
## Package List:
* SUSE Manager Proxy 5.0 Extension (aarch64)
* suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-aarch64-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-aarch64-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-aarch64-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Proxy 5.0 Extension (ppc64le)
* suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.4-7.12.13
* suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-ppc64le-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.4-7.12.28
* SUSE Manager Proxy 5.0 Extension (s390x)
* suse-manager-5.0-s390x-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-s390x-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-s390x-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-s390x-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Proxy 5.0 Extension (x86_64)
* suse-manager-5.0-x86_64-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-x86_64-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-x86_64-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Retail Branch Server 5.0 Extension (aarch64)
* suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-aarch64-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-aarch64-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-aarch64-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Retail Branch Server 5.0 Extension (ppc64le)
* suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.4-7.12.13
* suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-ppc64le-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.4-7.12.28
* SUSE Manager Retail Branch Server 5.0 Extension (s390x)
* suse-manager-5.0-s390x-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-s390x-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-s390x-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-s390x-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Retail Branch Server 5.0 Extension (x86_64)
* suse-manager-5.0-x86_64-proxy-ssh-image-5.0.4-7.12.14
* suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.12.29
* suse-manager-5.0-x86_64-proxy-squid-image-5.0.4-7.12.12
* suse-manager-5.0-x86_64-proxy-httpd-image-5.0.4-7.12.28
* suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.4-7.12.13
* SUSE Manager Server 5.0 Extension (aarch64)
* suse-manager-5.0-aarch64-server-attestation-image-5.0.4-6.12.11
* suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.4-6.12.14
* suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.4-7.12.23
* suse-manager-5.0-aarch64-server-image-5.0.4-7.17.29
* SUSE Manager Server 5.0 Extension (ppc64le)
* suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.4-6.12.14
* suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.4-7.12.23
* suse-manager-5.0-ppc64le-server-image-5.0.4-7.17.29
* suse-manager-5.0-ppc64le-server-attestation-image-5.0.4-6.12.11
* SUSE Manager Server 5.0 Extension (s390x)
* suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.4-6.12.14
* suse-manager-5.0-s390x-server-attestation-image-5.0.4-6.12.11
* suse-manager-5.0-s390x-server-migration-14-16-image-5.0.4-7.12.23
* suse-manager-5.0-s390x-server-image-5.0.4-7.17.29
* SUSE Manager Server 5.0 Extension (x86_64)
* suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.4-6.12.14
* suse-manager-5.0-x86_64-server-attestation-image-5.0.4-6.12.11
* suse-manager-5.0-x86_64-server-image-5.0.4-7.17.29
* suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.4-7.12.23
## References:
* https://www.suse.com/security/cve/CVE-2025-23392.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221505
* https://bugzilla.suse.com/show_bug.cgi?id=1225287
* https://bugzilla.suse.com/show_bug.cgi?id=1226273
* https://bugzilla.suse.com/show_bug.cgi?id=1227118
* https://bugzilla.suse.com/show_bug.cgi?id=1227859
* https://bugzilla.suse.com/show_bug.cgi?id=1231983
* https://bugzilla.suse.com/show_bug.cgi?id=1233500
* https://bugzilla.suse.com/show_bug.cgi?id=1234033
* https://bugzilla.suse.com/show_bug.cgi?id=1234202
* https://bugzilla.suse.com/show_bug.cgi?id=1234226
* https://bugzilla.suse.com/show_bug.cgi?id=1234442
* https://bugzilla.suse.com/show_bug.cgi?id=1235527
* https://bugzilla.suse.com/show_bug.cgi?id=1235696
* https://bugzilla.suse.com/show_bug.cgi?id=1235825
* https://bugzilla.suse.com/show_bug.cgi?id=1235853
* https://bugzilla.suse.com/show_bug.cgi?id=1235970
* https://bugzilla.suse.com/show_bug.cgi?id=1236011
* https://bugzilla.suse.com/show_bug.cgi?id=1236118
* https://bugzilla.suse.com/show_bug.cgi?id=1236166
* https://bugzilla.suse.com/show_bug.cgi?id=1236234
* https://bugzilla.suse.com/show_bug.cgi?id=1236268
* https://bugzilla.suse.com/show_bug.cgi?id=1236323
* https://bugzilla.suse.com/show_bug.cgi?id=1236601
* https://bugzilla.suse.com/show_bug.cgi?id=1236625
* https://bugzilla.suse.com/show_bug.cgi?id=1236678
* https://bugzilla.suse.com/show_bug.cgi?id=1236707
* https://bugzilla.suse.com/show_bug.cgi?id=1237060
* https://bugzilla.suse.com/show_bug.cgi?id=1237403
* https://bugzilla.suse.com/show_bug.cgi?id=1237535
* https://bugzilla.suse.com/show_bug.cgi?id=1237694
* https://bugzilla.suse.com/show_bug.cgi?id=1238924
* https://bugzilla.suse.com/show_bug.cgi?id=1239826
* https://bugzilla.suse.com/show_bug.cgi?id=1240960
* https://jira.suse.com/browse/MSQA-934
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/suma-updates/attachments/20250416/4f11568c/attachment.htm>
More information about the suma-updates
mailing list