[SUSE-SU-2022:3751-1] Security update for SUSE Manager Client Tools
Severity
Moderate
Affected Packages
16
CVEs
2
Security update for SUSE Manager Client Tools
This update fixes the following issues:
dracut-saltboot:
- Update to version 0.1.1661440542.6cbe0da
- Use standard susemanager.conf
- Move image services to dracut-saltboot package
- Use salt bundle
golang-github-lusitaniae-apache_exporter:
- Update to upstream release 0.11.0 (jsc#SLE-24791)
- Add TLS support
- Switch to logger, please check --log.level and --log.format flags
- Update to version 0.10.1
- Bugfix: Reset ProxyBalancer metrics on each scrape to remove stale data
- Update to version 0.10.0
- Add Apache Proxy and other metrics
- Update to version 0.8.0
- Change commandline flags
- Add metrics: Apache version, request duration total
- Adapted to build on Enterprise Linux 8
- Require building with Go 1.15
- Add %license macro for LICENSE file
grafana:
- Update to version 8.3.10
- Security:
- CVE-2022-31097: Cross Site Scripting vulnerability in the Unified Alerting (bsc#1201535)
- CVE-2022-31107: Fixes OAuth account takeover vulnerability (bsc#1201539)
- Update to version 8.3.9
- Bug fixes:
- Geomap: Display legend
- Prometheus: Fix timestamp truncation
- Update to version 8.3.7
- Bug fix:
- Provisioning: Ensure that the default value for orgID is set when provisioning datasources to be deleted.
- Update to version 8.3.6
- Features and enhancements:
- Cloud Monitoring: Reduce request size when listing labels.
- Explore: Show scalar data result in a table instead of graph.
- Snapshots: Updates the default external snapshot server URL.
- Table: Makes footer not overlap table content.
- Tempo: Add request histogram to service graph datalink.
- Tempo: Add time range to tempo search query behind a feature flag.
- Tempo: Auto-clear results when changing query type.
- Tempo: Display start time in search results as relative time.
- CloudMonitoring: Fix resource labels in query editor.
- Cursor sync: Apply the settings without saving the dashboard.
- LibraryPanels: Fix for Error while cleaning library panels.
- Logs Panel: Fix timestamp parsing for string dates without timezone.
- Prometheus: Fix some of the alerting queries that use reduce/math operation.
- TablePanel: Fix ad-hoc variables not working on default datasources.
- Text Panel: Fix alignment of elements.
- Variables: Fix for constant variables in self referencing links.
- Update to version 8.3.5 (jsc#SLE-23439, jsc#SLE-23422, jsc#SLE-24565)
mgr-daemon:
- Version 4.3.6-1
- Update translation strings
spacecmd:
- Version 4.3.15-1
- Process date values in spacecmd api calls (bsc#1198903)
spacewalk-client-tools:
- Version 4.3.12-1
- Update translation strings
uyuni-common-libs:
- Version 4.3.6-1
- Do not allow creating path if nonexistent user or group in fileutils.
- ID
- SUSE-SU-2022:3751-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20223751-1/
- Published
-
2022-10-26T08:48:09
(23 months ago) - Modified
-
2022-10-26T08:48:09
(23 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALPINE:CVE-2022-31097
- ALPINE:CVE-2022-31107
- ALSA-2022:5716
- ALSA-2022:5717
- ELSA-2022-5716
- ELSA-2022-5717
- FREEBSD:0859E6D5-0415-11ED-A53B-6C3BE5272ACD
- FREEBSD:0C367E98-0415-11ED-A53B-6C3BE5272ACD
- GO-2024-2852
- GO-2024-2857
- RHSA-2022:5716
- RHSA-2022:5717
- RLSA-2022:5717
- SUSE-SU-2022:3676-1
- SUSE-SU-2022:3747-1
- SUSE-SU-2022:3765-1
- SUSE-SU-2022:4428-1
- SUSE-SU-2022:4437-1
- SUSE-SU-2022:4439-1
- SUSE-SU-2023:2575-1
- SUSE-SU-2023:2578-1
- SUSE-SU-2023:2579-1
- SUSE-SU-2024:0191-1
- SUSE-SU-2024:0196-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3751-1.json | |
Suse | URL for SUSE-SU-2022:3751-1 | https://www.suse.com/support/update/announcement/2022/suse-su-20223751-1/ | |
Suse | E-Mail link for SUSE-SU-2022:3751-1 | https://lists.suse.com/pipermail/sle-security-updates/2022-October/012706.html | |
Bugzilla | SUSE Bug 1198903 | https://bugzilla.suse.com/1198903 | |
Bugzilla | SUSE Bug 1201535 | https://bugzilla.suse.com/1201535 | |
Bugzilla | SUSE Bug 1201539 | https://bugzilla.suse.com/1201539 | |
CVE | SUSE CVE CVE-2022-31097 page | https://www.suse.com/security/cve/CVE-2022-31097/ | |
CVE | SUSE CVE CVE-2022-31107 page | https://www.suse.com/security/cve/CVE-2022-31107/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/spacecmd?arch=noarch&distro=opensuse-leap-15.4 | suse | spacecmd | < 4.3.15-150000.3.86.1 | opensuse-leap-15.4 | noarch | |
Affected | pkg:rpm/suse/spacecmd?arch=noarch&distro=opensuse-leap-15.3 | suse | spacecmd | < 4.3.15-150000.3.86.1 | opensuse-leap-15.3 | noarch | |
Affected | pkg:rpm/suse/golang-github-prometheus-node_exporter?arch=x86_64&distro=sles-15 | suse | golang-github-prometheus-node_exporter | < 1.3.0-150000.3.18.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/golang-github-prometheus-node_exporter?arch=s390x&distro=sles-15 | suse | golang-github-prometheus-node_exporter | < 1.3.0-150000.3.18.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/golang-github-prometheus-node_exporter?arch=ppc64le&distro=sles-15 | suse | golang-github-prometheus-node_exporter | < 1.3.0-150000.3.18.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/golang-github-prometheus-node_exporter?arch=aarch64&distro=sles-15 | suse | golang-github-prometheus-node_exporter | < 1.3.0-150000.3.18.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=x86_64&distro=opensuse-leap-15.4 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.4 | x86_64 | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=x86_64&distro=opensuse-leap-15.3 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=s390x&distro=opensuse-leap-15.4 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.4 | s390x | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=s390x&distro=opensuse-leap-15.3 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=ppc64le&distro=opensuse-leap-15.4 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.4 | ppc64le | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=ppc64le&distro=opensuse-leap-15.3 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=aarch64&distro=opensuse-leap-15.4 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.4 | aarch64 | |
Affected | pkg:rpm/suse/golang-github-lusitaniae-apache_exporter?arch=aarch64&distro=opensuse-leap-15.3 | suse | golang-github-lusitaniae-apache_exporter | < 0.11.0-150000.1.12.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/suse/dracut-saltboot?arch=noarch&distro=opensuse-leap-15.4 | suse | dracut-saltboot | < 0.1.1661440542.6cbe0da-150000.1.38.1 | opensuse-leap-15.4 | noarch | |
Affected | pkg:rpm/suse/dracut-saltboot?arch=noarch&distro=opensuse-leap-15.3 | suse | dracut-saltboot | < 0.1.1661440542.6cbe0da-150000.1.38.1 | opensuse-leap-15.3 | noarch |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |