<div class="container">
<h1>Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2024:4006-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2024-11-18T13:20:05Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>critical</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1146701">bsc#1146701</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211899">bsc#1211899</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212985">bsc#1212985</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217003">bsc#1217003</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217338">bsc#1217338</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217978">bsc#1217978</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218090">bsc#1218090</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219450">bsc#1219450</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219645">bsc#1219645</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219887">bsc#1219887</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221435">bsc#1221435</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221505">bsc#1221505</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1223312">bsc#1223312</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1223988">bsc#1223988</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224108">bsc#1224108</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224209">bsc#1224209</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225603">bsc#1225603</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225619">bsc#1225619</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225960">bsc#1225960</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226090">bsc#1226090</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226439">bsc#1226439</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226461">bsc#1226461</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226478">bsc#1226478</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226687">bsc#1226687</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226917">bsc#1226917</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227133">bsc#1227133</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227334">bsc#1227334</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227406">bsc#1227406</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227526">bsc#1227526</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227543">bsc#1227543</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227599">bsc#1227599</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227606">bsc#1227606</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227746">bsc#1227746</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228036">bsc#1228036</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228101">bsc#1228101</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228130">bsc#1228130</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228147">bsc#1228147</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228286">bsc#1228286</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228326">bsc#1228326</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228345">bsc#1228345</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228412">bsc#1228412</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228545">bsc#1228545</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228638">bsc#1228638</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228851">bsc#1228851</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228945">bsc#1228945</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229079">bsc#1229079</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229178">bsc#1229178</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229260">bsc#1229260</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229339">bsc#1229339</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231332">bsc#1231332</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231852">bsc#1231852</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231900">bsc#1231900</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231922">bsc#1231922</a>
</li>
<li style="display: inline;">
<a href="https://jira.suse.com/browse/MSQA-863">jsc#MSQA-863</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-47533.html">CVE-2024-47533</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-49502.html">CVE-2024-49502</a>
</li>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2024-49503.html">CVE-2024-49503</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-47533</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">9.8</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-49502</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.6</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-49502</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-49503</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">4.6</span>
<span class="cvss-vector">CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2024-49503</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">3.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">openSUSE Leap 15.3</li>
<li class="list-group-item">openSUSE Leap 15.4</li>
<li class="list-group-item">openSUSE Leap 15.5</li>
<li class="list-group-item">openSUSE Leap 15.6</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Desktop 15 SP6</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise High Performance Computing 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.0</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.1</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.2</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.3</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.4</li>
<li class="list-group-item">SUSE Linux Enterprise Micro 5.5</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Real Time 15 SP6</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server 15 SP6</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP1</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP2</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP3</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP4</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP5</li>
<li class="list-group-item">SUSE Linux Enterprise Server for SAP Applications 15 SP6</li>
<li class="list-group-item">SUSE Manager Client Tools for SLE 15</li>
<li class="list-group-item">SUSE Manager Client Tools for SLE Micro 5</li>
<li class="list-group-item">SUSE Manager Proxy 4.3</li>
<li class="list-group-item">SUSE Manager Proxy 4.3 Module 4.3</li>
<li class="list-group-item">SUSE Manager Retail Branch Server 4.3</li>
<li class="list-group-item">SUSE Manager Server 4.3</li>
<li class="list-group-item">SUSE Manager Server 4.3 Module 4.3</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves three vulnerabilities, contains one feature and has 50 security fixes can now be installed.</p>
<h2>Security update for SUSE Manager Proxy and Retail Branch Server 4.3</h2>
<h3>Description:</h3>
<p>This update fixes the following issues:</p>
<p>mgr-daemon:</p>
<ul>
<li>Version 4.3.11-0</li>
<li>Update translation strings</li>
</ul>
<p>spacecmd:</p>
<ul>
<li>Version 4.3.29-0</li>
<li>Speed up softwarechannel_removepackages (bsc#1227606)</li>
</ul>
<p>spacewalk-backend:</p>
<ul>
<li>Version 4.3.30-0</li>
<li>Make ISSv1 timezone independent (bsc#1221505)</li>
<li>reposync: introduce timeout when syncing DEB channels (bsc#1225960)</li>
<li>yum_src: use proper name variable name for subprocess.TimeoutExpired</li>
<li>Check and populate PTF attributes at the time of importing
packages (bsc#1225619)</li>
<li>reposync: import GPG keys to RPM DB individually (bsc#1217003)</li>
<li>Add log string to the journal when services are stopped
because of insufficient disk space</li>
</ul>
<p>spacewalk-certs-tools:</p>
<ul>
<li>Version 4.3.26-0</li>
<li>Fix private key format in jabberd certificate file (bsc#1228851)</li>
<li>Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079)</li>
<li>Support multiple certificates for root-ca-file and server-cert-file</li>
</ul>
<p>spacewalk-client-tools:</p>
<ul>
<li>
<p>Version 4.3.21-0</p>
</li>
<li>
<p>Update translation strings</p>
</li>
</ul>
<p>spacewalk-proxy:</p>
<ul>
<li>
<p>Version 4.3.19-0</p>
</li>
<li>
<p>Allow execute of ssh-keygen command on the Proxy to clean up SSH
known_hosts (bsc#1228345)</p>
</li>
</ul>
<p>spacewalk-web:</p>
<ul>
<li>
<p>Security issues fixed:</p>
</li>
<li>
<p>Version 4.3.42-0</p>
<ul>
<li>CVE-2024-49503: Escape organization credentials username to
mitigate XSS vulnerability (bsc#1231922)</li>
</ul>
</li>
<li>
<p>Version 4.3.41-0</p>
<ul>
<li>CVE-2024-49502: Validate proxy hostname format and escape proxy
username to mitigate XSS vulnerabilities (bsc#1231852)</li>
</ul>
</li>
<li>
<p>Bugs fixed:</p>
</li>
<li>
<p>Version 4.3.40-0</p>
<ul>
<li>Fix channel selection using SSM (bsc#1226917)</li>
<li>Fix datetime selection when using maintenance windows (bsc#1228036)</li>
</ul>
</li>
</ul>
<p>susemanager-build-keys:</p>
<ul>
<li>Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)</li>
</ul>
<p>uyuni-common-libs:</p>
<ul>
<li>
<p>Version 4.3.11-0</p>
</li>
<li>
<p>Enforce directory permissions at repo-sync when creating
directories (bsc#1229260)</p>
</li>
<li>Make ISSv1 timezone independent (bsc#1221505)</li>
</ul>
<p>uyuni-proxy-systemd-services:</p>
<ul>
<li>
<p>version 4.3.14-0</p>
</li>
<li>
<p>Update to SUSE Manager 4.3.14</p>
</li>
</ul>
<p>How to apply this update:</p>
<ol>
<li>Log in as root user to the SUSE Manager Proxy or Retail Branch Server.</li>
<li>Stop the proxy service:
<code>spacewalk-proxy stop</code></li>
<li>Apply the patch using either zypper patch or YaST Online Update.</li>
<li>Start the Spacewalk service:
<code>spacewalk-proxy start</code></li>
</ol>
<h2>Security update for SUSE Manager Server 4.3</h2>
<h3>Description:</h3>
<p>This update fixes the following issues:</p>
<p>cobbler:</p>
<ul>
<li>
<p>Security issues fixed:</p>
</li>
<li>
<p>CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332)</p>
</li>
<li>
<p>Other bugs fixed:</p>
</li>
<li>
<p>Increase start timeout for cobblerd unit (bsc#1219450)</p>
</li>
<li>Provide sync_single_system for DHCP modules to improve performance (bsc#1219450)</li>
<li>Add input_string_*, input_boolean, input_int functions to public API</li>
<li>Add new setting for Uyuni authentication endpoint (bsc#1219887)</li>
</ul>
<p>grafana-formula:</p>
<ul>
<li>Version 0.11.0</li>
<li>Add SLES 15 SP6 to supported versions (bsc#1228286)</li>
</ul>
<p>inter-server-sync:</p>
<ul>
<li>Version 0.3.5-0</li>
<li>Decode boolean values for export (bsc#1228545)</li>
</ul>
<p>saltboot-formula:</p>
<ul>
<li>Update to version 0.1.1723628891.ffb1da5</li>
<li>Rework request stop function to avoid unnecessary warnings
(bsc#1212985)</li>
</ul>
<p>spacecmd:</p>
<ul>
<li>Version 4.3.29-0</li>
<li>Speed up softwarechannel_removepackages (bsc#1227606)</li>
</ul>
<p>spacewalk-backend:</p>
<ul>
<li>Version 4.3.30-0</li>
<li>Make ISSv1 timezone independent (bsc#1221505)</li>
<li>reposync: introduce timeout when syncing DEB channels (bsc#1225960)</li>
<li>yum_src: use proper name variable name for subprocess.TimeoutExpired</li>
<li>Check and populate PTF attributes at the time of importing
packages (bsc#1225619)</li>
<li>reposync: import GPG keys to RPM DB individually (bsc#1217003)</li>
<li>Add log string to the journal when services are stopped
because of insufficient disk space</li>
</ul>
<p>spacewalk-certs-tools:</p>
<ul>
<li>Version 4.3.26-0</li>
<li>Fix private key format in jabberd certificate file (bsc#1228851)</li>
<li>Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079)</li>
<li>Support multiple certificates for root-ca-file and server-cert-file</li>
</ul>
<p>spacewalk-client-tools:</p>
<ul>
<li>Version 4.3.21-0</li>
<li>Update translation strings</li>
</ul>
<p>spacewalk-config:</p>
<ul>
<li>Version 4.3.14-0</li>
<li>Trust the Content-Length header from AJP (bsc#1226439)</li>
</ul>
<p>spacewalk-java:</p>
<ul>
<li>Version 4.3.82-0</li>
<li>Limit frontend-log message size (bsc#1231900)</li>
<li>Version 4.3.81-0</li>
<li>Add detection of Ubuntu 24.04</li>
<li>Version 4.3.80-0</li>
<li>Use custom select instead of errata view for better performance
(bsc#1225619)</li>
<li>Version 4.3.79-0</li>
<li>Add info URL for cobbler to clean the system profile (bsc#1219645)</li>
<li>Require correct scap packages for Ubuntu</li>
<li>Require correct scap packages for Debian 12 (bsc#1227746)</li>
<li>Fix finding system_checkin_threshold configuration value on Sytems
Overview page (bsc#1224108)</li>
<li>Allow changing base channel to SUSE Liberty Linux LTSS when the system is on
Liberty (bsc#1228326)</li>
<li>Implement product migration from RHEL and Clones to SUSE Liberty
Linux</li>
<li>Remove system also from proxy SSH known_hosts (bsc#1228345)</li>
<li>Fix NullPointerException when generating subscription matcher
input (bsc#1228638)</li>
<li>Allow free products and SUSE Manager Proxy being managed by SUSE Manager
Server PAYG</li>
<li>Open bootstrap script directory URL in a new page (bsc#1225603)</li>
<li>Delay package list refresh when Salt was updated (bsc#1217978)</li>
<li>Add SLE Micro 5 to the list of systems which support monitoring (bsc#1227334)</li>
<li>Add all SLE Micro systems to the list of systems which get PTF repositories</li>
<li>Update last sync refresh timestamp only when at least one time products
were synced before</li>
<li>Prevent NullPointerException when listing history events without completion
time (bsc#1146701)</li>
<li>Autoinstallation: prevent issues with duplicate IP address due to some
networks (bsc#1226461)</li>
<li>Improve SQL queries and performance to check for PTF packages (bsc#1225619)</li>
<li>Check the correct Salt package before product migration (bsc#1224209)</li>
<li>Fix the date format output when using the HTTP API to use ISO 8601
format (bsc#1227543)</li>
<li>Fix transactional update check for SL Micro (bsc#1227406)</li>
<li>Improve score comparison in system search to fix ISE (bsc#1228412)</li>
<li>Fix package profile update on CentOS 7 when yum-utils is not
installed (bsc#1227133)</li>
</ul>
<p>spacewalk-utils:</p>
<ul>
<li>Version 4.3.22-0</li>
<li>Add repositories for Ubuntu 24.04 LTS</li>
<li>Version 4.3.21-0</li>
<li>Drop unsupported tool spacewalk-final-archive as it is broken
and may disclose sensitive information (bsc#1228945)</li>
</ul>
<p>spacewalk-web:</p>
<ul>
<li>
<p>Security issues fixed:</p>
</li>
<li>
<p>Version 4.3.42-0</p>
<ul>
<li>CVE-2024-49503: Escape organization credentials username to
mitigate XSS vulnerability (bsc#1231922) </li>
</ul>
</li>
<li>
<p>Version 4.3.41-0</p>
<ul>
<li>CVE-2024-49502: Validate proxy hostname format and escape proxy
username to mitigate XSS vulnerabilities (bsc#1231852)</li>
</ul>
</li>
<li>
<p>Bugs fixed:</p>
</li>
<li>
<p>Version 4.3.40-0</p>
<ul>
<li>Fix channel selection using SSM (bsc#1226917)</li>
<li>Fix datetime selection when using maintenance windows (bsc#1228036)</li>
</ul>
</li>
</ul>
<p>susemanager:</p>
<ul>
<li>Version 4.3.39-0</li>
<li>Enable bootstrapping for Ubuntu 24.04 LTS</li>
<li>Version 4.3.38-0</li>
<li>Add missing package python3-ply to bootstrap repo definition (bsc#1228130)</li>
<li>Create special bootstrap data for SUSE Manager Server 4.3 with LTSS
updates for Hub scenario (bsc#1211899)</li>
<li>Add LTSS updates to SUSE Manager Proxy 4.3 bootstrap data</li>
<li>Add traditional stack to boostrap repo on sles15sp6 (bsc#1228147)</li>
<li>Change package to libdbus-glib-1-2 on sle15sp6 (bsc#1228147)</li>
</ul>
<p>susemanager-build-keys:</p>
<ul>
<li>Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339)</li>
</ul>
<p>susemanager-docs_en:</p>
<ul>
<li>Documented Ubuntu 24.04 LTS as a supported client OS in Client</li>
<li>SUSE Manager 4.3.14 documentation update</li>
<li>In network ports section, deleted partially outdated image, added
port 443 for clients, and removed Cobbler only used internally
(bsc#1217338)</li>
<li>Added installer-updates.suse.com to the list of URLs in Installation
and Upgrade Guide (bsc#1229178)</li>
<li>Enhanced instructions about the permissions for the IAM role
in Public Cloud Guide</li>
<li>Fixed OS minor number in Client Configuration Guide (bsc#1218090)</li>
<li>Added warning about Package Hub (bsc#1221435)</li>
<li>Removed Verify Packages section from Package Management chapter
in Client Configuration Guide</li>
<li>Added note about usernames in PAM section in Administration Guide
(bsc#1227599)</li>
<li>Updated Content Lifecycle Management (CLM) examples for Red Hat
Enterprise Linux 9 (bsc#1226687)</li>
<li>Added VM based proxy installation in Installation and Upgrade Guide</li>
<li>Fixed PostgreSQL name entity</li>
<li>Improved Large Deployments Guide with better tuning values and
extra parameters added</li>
<li>Updated lists of SUSE Linux Enterprise hardening profiles in openSCAP
chapter in the Administration Guide</li>
</ul>
<p>susemanager-schema:</p>
<ul>
<li>Version 4.3.27-0</li>
<li>Introduce new attributes to detect PTF packages (bsc#1225619)</li>
</ul>
<p>susemanager-sls:</p>
<ul>
<li>Version 4.3.45-0</li>
<li>Start using DEB822 format for repository sources beginning with Ubuntu 24.04</li>
<li>Version 4.3.44-0</li>
<li>Speed-up mgrutil.remove_ssh_known_host runner (bsc#1223312)</li>
<li>Implement product migration from RHEL and clones to SUSE Liberty Linux</li>
<li>Disable transactional-update.timer on SLEM at bootstrap</li>
<li>Explicitly remove old venv-minion environment when updating Python versions</li>
<li>sumautil: properly detect bridge interfaces (bsc#1226461)</li>
<li>Fix typo on directories to clean up when deleting a system (bsc#1228101)</li>
<li>Translate GPG URL if it has server name and client behind proxy
(bsc#1223988)</li>
<li>Fix yum-utils package missing on CentOS7 minions (bsc#1227133)</li>
<li>Implement IMDSv2 for AWS instance detection (bsc#1226090)</li>
<li>Fix package profile update on CentOS 7 when yum-utils is not
installed (bsc#1227133)</li>
<li>Fix parsing passwords with special characters for PostgreSQL
exporter</li>
</ul>
<p>susemanager-sync-data:</p>
<ul>
<li>Version 4.3.21-0</li>
<li>Add SLES15-SP5-LTSS channel families</li>
<li>Add MicroOS PPC channel family</li>
<li>Version 4.3.20-0</li>
<li>Add Ubuntu 24.04 support</li>
<li>Version 4.3.19-0</li>
<li>Fix CentOS 7 repo urls (bsc#1227526)</li>
<li>Add channel family for SLES 12 SP5 LTSS Extended Security</li>
<li>Implement product migration from RHEL and clones to SUSE Liberty Linux</li>
</ul>
<p>uyuni-common-libs:</p>
<ul>
<li>Version 4.3.11-0</li>
<li>Enforce directory permissions at repo-sync when creating
directories (bsc#1229260)</li>
<li>Make ISSv1 timezone independent (bsc#1221505)</li>
</ul>
<p>uyuni-reportdb-schema:</p>
<ul>
<li>Version 4.3.11-0</li>
<li>Change Errata CVE column to type text as a varchar reaches the
maximum (bsc#1226478)</li>
</ul>
<p>How to apply this update:</p>
<ol>
<li>Log in as root user to the SUSE Manager Server.</li>
<li>Stop the Spacewalk service:
<code>spacewalk-service stop</code></li>
<li>Apply the patch using either zypper patch or YaST Online Update.</li>
<li>Start the Spacewalk service:
<code>spacewalk-service start</code></li>
</ol>
<h2>Recommended update for SUSE Manager Client Tools</h2>
<h3>Description:</h3>
<p>This update fixes the following issues:</p>
<p>uyuni-proxy-systemd-services:</p>
<ul>
<li>version 4.3.14-0</li>
<li>Update to SUSE Manager 4.3.14</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Manager Client Tools for SLE Micro 5
<br/>
<code>zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4006=1</code>
</li>
<li class="list-group-item">
SUSE Manager Proxy 4.3 Module 4.3
<br/>
<code>zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4006=1</code>
</li>
<li class="list-group-item">
SUSE Manager Server 4.3 Module 4.3
<br/>
<code>zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4006=1</code>
</li>
<li class="list-group-item">
SUSE Manager Client Tools for SLE 15
<br/>
<code>zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4006=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Manager Client Tools for SLE Micro 5 (noarch)
<ul>
<li>uyuni-proxy-systemd-services-4.3.14-150000.1.27.4</li>
</ul>
</li>
<li>
SUSE Manager Proxy 4.3 Module 4.3 (noarch)
<ul>
<li>spacewalk-proxy-redirect-4.3.19-150400.3.29.9</li>
<li>python3-spacewalk-certs-tools-4.3.26-150400.3.36.7</li>
<li>spacewalk-proxy-package-manager-4.3.19-150400.3.29.9</li>
<li>spacewalk-client-tools-4.3.21-150400.3.33.11</li>
<li>uyuni-proxy-systemd-services-4.3.14-150000.1.27.4</li>
<li>mgr-daemon-4.3.11-150400.3.21.6</li>
<li>spacewalk-base-minimal-4.3.42-150400.3.52.1</li>
<li>spacewalk-backend-4.3.30-150400.3.47.16</li>
<li>spacecmd-4.3.29-150400.3.42.8</li>
<li>spacewalk-proxy-salt-4.3.19-150400.3.29.9</li>
<li>python3-spacewalk-client-setup-4.3.21-150400.3.33.11</li>
<li>python3-spacewalk-client-tools-4.3.21-150400.3.33.11</li>
<li>spacewalk-certs-tools-4.3.26-150400.3.36.7</li>
<li>spacewalk-client-setup-4.3.21-150400.3.33.11</li>
<li>spacewalk-proxy-common-4.3.19-150400.3.29.9</li>
<li>susemanager-build-keys-15.4.10-150400.3.29.4</li>
<li>spacewalk-proxy-broker-4.3.19-150400.3.29.9</li>
<li>susemanager-build-keys-web-15.4.10-150400.3.29.4</li>
<li>python3-spacewalk-check-4.3.21-150400.3.33.11</li>
<li>spacewalk-proxy-management-4.3.19-150400.3.29.9</li>
<li>spacewalk-check-4.3.21-150400.3.33.11</li>
<li>spacewalk-base-minimal-config-4.3.42-150400.3.52.1</li>
</ul>
</li>
<li>
SUSE Manager Proxy 4.3 Module 4.3 (x86_64)
<ul>
<li>python3-uyuni-common-libs-4.3.11-150400.3.21.6</li>
</ul>
</li>
<li>
SUSE Manager Server 4.3 Module 4.3 (noarch)
<ul>
<li>spacewalk-backend-sql-postgresql-4.3.30-150400.3.47.16</li>
<li>spacewalk-taskomatic-4.3.82-150400.3.96.1</li>
<li>spacewalk-backend-sql-4.3.30-150400.3.47.16</li>
<li>spacewalk-java-4.3.82-150400.3.96.1</li>
<li>susemanager-schema-utility-4.3.27-150400.3.45.11</li>
<li>spacewalk-backend-config-files-common-4.3.30-150400.3.47.16</li>
<li>susemanager-schema-4.3.27-150400.3.45.11</li>
<li>python3-spacewalk-certs-tools-4.3.26-150400.3.36.7</li>
<li>spacewalk-backend-applet-4.3.30-150400.3.47.16</li>
<li>spacewalk-java-postgresql-4.3.82-150400.3.96.1</li>
<li>spacewalk-backend-server-4.3.30-150400.3.47.16</li>
<li>spacewalk-client-tools-4.3.21-150400.3.33.11</li>
<li>susemanager-docs_en-pdf-4.3.14-150400.9.66.2</li>
<li>susemanager-docs_en-4.3.14-150400.9.66.2</li>
<li>spacewalk-backend-xmlrpc-4.3.30-150400.3.47.16</li>
<li>spacewalk-backend-package-push-server-4.3.30-150400.3.47.16</li>
<li>spacewalk-base-minimal-4.3.42-150400.3.52.1</li>
<li>spacewalk-backend-config-files-4.3.30-150400.3.47.16</li>
<li>spacewalk-backend-4.3.30-150400.3.47.16</li>
<li>spacecmd-4.3.29-150400.3.42.8</li>
<li>spacewalk-base-4.3.42-150400.3.52.1</li>
<li>python3-spacewalk-client-tools-4.3.21-150400.3.33.11</li>
<li>spacewalk-backend-config-files-tool-4.3.30-150400.3.47.16</li>
<li>spacewalk-certs-tools-4.3.26-150400.3.36.7</li>
<li>spacewalk-backend-iss-export-4.3.30-150400.3.47.16</li>
<li>spacewalk-html-4.3.42-150400.3.52.1</li>
<li>susemanager-build-keys-15.4.10-150400.3.29.4</li>
<li>saltboot-formula-0.1.1723628891.ffb1da5-150400.3.18.4</li>
<li>spacewalk-utils-4.3.22-150400.3.29.2</li>
<li>susemanager-build-keys-web-15.4.10-150400.3.29.4</li>
<li>spacewalk-backend-xml-export-libs-4.3.30-150400.3.47.16</li>
<li>spacewalk-java-config-4.3.82-150400.3.96.1</li>
<li>susemanager-sls-4.3.45-150400.3.55.4</li>
<li>spacewalk-java-lib-4.3.82-150400.3.96.1</li>
<li>spacewalk-backend-app-4.3.30-150400.3.47.16</li>
<li>uyuni-config-modules-4.3.45-150400.3.55.4</li>
<li>spacewalk-backend-iss-4.3.30-150400.3.47.16</li>
<li>spacewalk-utils-extras-4.3.22-150400.3.29.2</li>
<li>cobbler-3.3.3-150400.5.52.3</li>
<li>spacewalk-backend-tools-4.3.30-150400.3.47.16</li>
<li>susemanager-sync-data-4.3.21-150400.3.35.2</li>
<li>uyuni-reportdb-schema-4.3.11-150400.3.18.12</li>
<li>spacewalk-base-minimal-config-4.3.42-150400.3.52.1</li>
<li>spacewalk-config-4.3.14-150400.3.18.6</li>
<li>grafana-formula-0.11.0-150400.3.21.4</li>
</ul>
</li>
<li>
SUSE Manager Server 4.3 Module 4.3 (ppc64le s390x x86_64)
<ul>
<li>susemanager-4.3.39-150400.3.58.5</li>
<li>inter-server-sync-0.3.5-150400.3.36.13</li>
<li>python3-uyuni-common-libs-4.3.11-150400.3.21.6</li>
<li>susemanager-tools-4.3.39-150400.3.58.5</li>
<li>inter-server-sync-debuginfo-0.3.5-150400.3.36.13</li>
</ul>
</li>
<li>
SUSE Manager Client Tools for SLE 15 (noarch)
<ul>
<li>uyuni-proxy-systemd-services-4.3.14-150000.1.27.4</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-47533.html">https://www.suse.com/security/cve/CVE-2024-47533.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-49502.html">https://www.suse.com/security/cve/CVE-2024-49502.html</a>
</li>
<li>
<a href="https://www.suse.com/security/cve/CVE-2024-49503.html">https://www.suse.com/security/cve/CVE-2024-49503.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1146701">https://bugzilla.suse.com/show_bug.cgi?id=1146701</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1211899">https://bugzilla.suse.com/show_bug.cgi?id=1211899</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1212985">https://bugzilla.suse.com/show_bug.cgi?id=1212985</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217003">https://bugzilla.suse.com/show_bug.cgi?id=1217003</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217338">https://bugzilla.suse.com/show_bug.cgi?id=1217338</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217978">https://bugzilla.suse.com/show_bug.cgi?id=1217978</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218090">https://bugzilla.suse.com/show_bug.cgi?id=1218090</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219450">https://bugzilla.suse.com/show_bug.cgi?id=1219450</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219645">https://bugzilla.suse.com/show_bug.cgi?id=1219645</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1219887">https://bugzilla.suse.com/show_bug.cgi?id=1219887</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221435">https://bugzilla.suse.com/show_bug.cgi?id=1221435</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221505">https://bugzilla.suse.com/show_bug.cgi?id=1221505</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1223312">https://bugzilla.suse.com/show_bug.cgi?id=1223312</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1223988">https://bugzilla.suse.com/show_bug.cgi?id=1223988</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224108">https://bugzilla.suse.com/show_bug.cgi?id=1224108</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1224209">https://bugzilla.suse.com/show_bug.cgi?id=1224209</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225603">https://bugzilla.suse.com/show_bug.cgi?id=1225603</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225619">https://bugzilla.suse.com/show_bug.cgi?id=1225619</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1225960">https://bugzilla.suse.com/show_bug.cgi?id=1225960</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226090">https://bugzilla.suse.com/show_bug.cgi?id=1226090</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226439">https://bugzilla.suse.com/show_bug.cgi?id=1226439</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226461">https://bugzilla.suse.com/show_bug.cgi?id=1226461</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226478">https://bugzilla.suse.com/show_bug.cgi?id=1226478</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226687">https://bugzilla.suse.com/show_bug.cgi?id=1226687</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1226917">https://bugzilla.suse.com/show_bug.cgi?id=1226917</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227133">https://bugzilla.suse.com/show_bug.cgi?id=1227133</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227334">https://bugzilla.suse.com/show_bug.cgi?id=1227334</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227406">https://bugzilla.suse.com/show_bug.cgi?id=1227406</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227526">https://bugzilla.suse.com/show_bug.cgi?id=1227526</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227543">https://bugzilla.suse.com/show_bug.cgi?id=1227543</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227599">https://bugzilla.suse.com/show_bug.cgi?id=1227599</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227606">https://bugzilla.suse.com/show_bug.cgi?id=1227606</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1227746">https://bugzilla.suse.com/show_bug.cgi?id=1227746</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228036">https://bugzilla.suse.com/show_bug.cgi?id=1228036</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228101">https://bugzilla.suse.com/show_bug.cgi?id=1228101</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228130">https://bugzilla.suse.com/show_bug.cgi?id=1228130</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228147">https://bugzilla.suse.com/show_bug.cgi?id=1228147</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228286">https://bugzilla.suse.com/show_bug.cgi?id=1228286</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228326">https://bugzilla.suse.com/show_bug.cgi?id=1228326</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228345">https://bugzilla.suse.com/show_bug.cgi?id=1228345</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228412">https://bugzilla.suse.com/show_bug.cgi?id=1228412</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228545">https://bugzilla.suse.com/show_bug.cgi?id=1228545</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228638">https://bugzilla.suse.com/show_bug.cgi?id=1228638</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228851">https://bugzilla.suse.com/show_bug.cgi?id=1228851</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1228945">https://bugzilla.suse.com/show_bug.cgi?id=1228945</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229079">https://bugzilla.suse.com/show_bug.cgi?id=1229079</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229178">https://bugzilla.suse.com/show_bug.cgi?id=1229178</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229260">https://bugzilla.suse.com/show_bug.cgi?id=1229260</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1229339">https://bugzilla.suse.com/show_bug.cgi?id=1229339</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231332">https://bugzilla.suse.com/show_bug.cgi?id=1231332</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231852">https://bugzilla.suse.com/show_bug.cgi?id=1231852</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231900">https://bugzilla.suse.com/show_bug.cgi?id=1231900</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1231922">https://bugzilla.suse.com/show_bug.cgi?id=1231922</a>
</li>
<li>
<a href="https://jira.suse.com/browse/MSQA-863">https://jira.suse.com/browse/MSQA-863</a>
</li>
</ul>
</div>