[SUSE-SU-2022:1545-1] Security Beta update for SUSE Manager Client Tools
Severity
Important
CVEs
5
Security Beta update for SUSE Manager Client Tools
This update fixes the following issues:
golang-github-prometheus-alertmanager:
- CVE-2022-21698: Denial of service using InstrumentHandlerCounter
- Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24077)
- Update to version 0.23.0:
- amtool: Detect version drift and warn users (#2672)
- Add ability to skip TLS verification for amtool (#2663)
- Fix empty isEqual in amtool. (#2668)
- Fix main tests (#2670)
- cli: add new template render command (#2538)
- OpsGenie: refer to alert instead of incident (#2609)
- Docs: target_match and source_match are DEPRECATED (#2665)
- Fix test not waiting for cluster member to be ready
- Added hardening to systemd service(s) (bsc#1181400).
golang-github-prometheus-prometheus:
- Build firewalld-prometheus-config only for SUSE Linux Enterprise 15, 15.1 and 15.2, and require firewalld for it
- Firewalld-prometheus-config needs to be a Recommends, not a Requires, as prometheus does not require it to run
- Create firewalld-prometheus-config subpackage (bsc#1197042)
- CVE-2022-21698: Denial of service using InstrumentHandlerCounter.
- Update vendor tarball with prometheus/client_golang 1.12.1 (bsc#1196338)
mgr-cfg:
- Version 4.3.6-1
- Fix the condition for preventing building python 2 subpackage for SLE15 (bsc#1197579)
mgr-osad:
- Version 4.3.6-1
- Fix the condition for preventing building python 2 subpackage for SLE15
mgr-push:
- Version 4.3.4-1
- Fix the condition for preventing building python 2 subpackage for SLE15
mgr-virtualization:
- Version 4.3.5-1
- Fix the condition for preventing building python 2 subpackage for SLE15
rhnlib:
- Version 4.3.4-1
- Fix the condition for preventing building python 2 subpackage for SLE15
salt:
- Prevent data pollution between actions proceesed at the same time (bsc#1197637)
- Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533)
- Fixes for Python 3.10
- Fix salt-ssh opts poisoning (bsc#1197637)
- Fix multiple security issues for salt (bsc#1197417):
- CVE-2022-22935: Sign authentication replies to prevent MiTM.
- CVE-2022-22934: Sign pillar data to prevent MiTM attacks.
- CVE-2022-22936: Prevent job and fileserver replays.
- CVE-2022-22941: Fixed targeting bug, especially visible when using syndic and user auth.
spacecmd:
- Version 4.3.10-1
- parse boolean parameters correctly (bsc#1197689)
- Add parameter to set containerized proxy SSH port
spacewalk-client-tools:
- Version 4.3.9-1
- Fix the condition for preventing building python 2 subpackage for SLE15
spacewalk-koan:
- Version 4.3.5-1
- Fix the condition for preventing building python 2 subpackage for SLE15
spacewalk-oscap:
- Version 4.3.5-1
- Fix the condition for preventing building python 2 subpackage for SLE15
suseRegisterInfo:
- Version 4.3.3-1
- Fix the condition for preventing building python 2 subpackage for SLE15
uyuni-common-libs:
- Version 4.3.4-1
- implement more decompression algorithms for reposync (bsc#1196704)
uyuni-proxy-systemd-services:
- Version 4.3.2-1
- Harmonize systemd services names and container names
- Adapted to work on Enterprise Linux.
- Add package to SLE and Client tools (jsc#SLE-24145)
- Harmonize systemd services names and container names
- ID
- SUSE-SU-2022:1545-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20221545-1/
- Published
-
2022-05-05T10:11:10
(2 years ago) - Modified
-
2022-05-05T10:11:10
(2 years ago) - Rights
- Copyright 2023 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALPINE:CVE-2022-21698
-
ALPINE:CVE-2022-22934
-
ALPINE:CVE-2022-22935
-
ALPINE:CVE-2022-22936
-
ALPINE:CVE-2022-22941
-
ALSA-2022:1762
-
ALSA-2022:7519
-
ALSA-2022:7529
-
ALSA-2022:8057
-
ELSA-2022-1762
-
ELSA-2022-7519
-
ELSA-2022-7529
-
ELSA-2022-8057
-
FEDORA-2022-13ad572b5a
-
FEDORA-2022-2067702f06
-
FEDORA-2022-3969b64d4b
-
FEDORA-2022-396c568c5e
-
FEDORA-2022-5038c3236c
-
FEDORA-2022-5e637f6cc6
-
FEDORA-2022-5f253807ce
-
FEDORA-2022-6043a7b938
-
FEDORA-2022-6c4cb64314
-
FEDORA-2022-739c7a0058
-
FEDORA-2022-741325e9a0
-
FEDORA-2022-83405f9d5b
-
FEDORA-2022-92ef43c439
-
FEDORA-2022-9dd03cab55
-
FEDORA-2022-a7d438b30b
-
FEDORA-2022-c5383675d9
-
FEDORA-2022-c87047f163
-
FEDORA-2022-e244ad73d6
-
FEDORA-2022-eda0e65b01
-
FEDORA-2022-fae3ecee19
-
GLSA-202310-22
-
GO-2022-0322
-
MS:CVE-2022-21698
-
openSUSE-SU-2022:1059-1
-
PYSEC-2022-171
-
PYSEC-2022-172
-
PYSEC-2022-173
-
PYSEC-2022-174
-
RHSA-2022:1762
-
RHSA-2022:7519
-
RHSA-2022:7529
-
RHSA-2022:8057
-
RLSA-2022:1762
-
RLSA-2022:7519
-
RLSA-2022:7529
-
RLSA-2022:8057
-
SUSE-SU-2022:1049-1
-
SUSE-SU-2022:1050-1
-
SUSE-SU-2022:1051-1
-
SUSE-SU-2022:1057-1
-
SUSE-SU-2022:1058-1
-
SUSE-SU-2022:1059-1
-
SUSE-SU-2022:1060-1
-
SUSE-SU-2022:1433-1
-
SUSE-SU-2022:1434-1
-
SUSE-SU-2022:1435-1
-
SUSE-SU-2022:1514-1
-
SUSE-SU-2022:1531-1
-
SUSE-SU-2022:1536-1
-
SUSE-SU-2022:2134-1
-
SUSE-SU-2022:2137-1
-
SUSE-SU-2022:2139-1
-
SUSE-SU-2022:2140-1
-
SUSE-SU-2022:2145-1
-
SUSE-SU-2022:2834-1
-
SUSE-SU-2022:2839-1
-
SUSE-SU-2022:2839-2
-
SUSE-SU-2022:3745-1
-
SUSE-SU-2022:3747-1
-
SUSE-SU-2024:0191-1
-
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |