[SUSE-SU-2023:3474-1] Recommended update for SUSE Manager Server 4.2
Severity: Important
CVEs: 1
Recommended update for SUSE Manager Server 4.2
This update fixes the following issues:
hub-xmlrpc-api:
- Security fix:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server while validating signatures for extremely large RSA keys. (bsc#1213880)
- There are no direct source changes. The CVE in hub-xmlrpc-api is fixed by rebuilding the sources with the patched Go version.
spacecmd:
- Version 4.2.24-1
- Update translations
spacewalk-backend:
- Version 4.2.29-1
- Use a constant to get the product name in python code rather than reading rhn.conf (bsc#1212943)
- Only show missing /root/.curlrc error with log_level = 5 (bsc#1212507)
spacewalk-java:
- Version 4.2.55-1
- Set swap memory value if available
- Set primary FQDN to hostname if none is set (bsc#1209156, bsc#1214333)
- Version 4.2.54-1
- Consider venv-salt-minion package update as a Salt update to prevent backtraces on upgrading salt with itself (bsc#1211884)
- Version 4.2.53-1
- Fix 'more then one method candidate found' for API function (bsc#1211100)
- Fixed a bug that caused the tab Autoinstallation to hide when clicking on Power Management Management/Operations on SSM -> Provisioning
- Update copyright year (bsc#1212106)
- Disable jinja processing for the roster file (bsc#1211650)
- Version 4.2.52-1
- Update jetty-util to version 9.4.51
- Version 4.2.51-1
- Update version of Tomcat build dependencies
spacewalk-reports:
- Version 4.2.8-1
- Drop Python2 compatibility (bsc#1212589)
spacewalk-setup:
- Version 4.2.13-1
- Drop usage of salt.ext.six in embedded_diskspace_check
spacewalk-utils:
- Version 4.2.20-1
- Drop Python2 compatibility
spacewalk-web:
- Version 4.2.36-1
- Update translation
- Fix VHM CPU and RAM display when 0 (bsc#1175823)
- Fix parsing error when showing notification message details (bsc#1211469)
susemanager:
- Version 4.2.44-1
- Require LTSS channels for SUSE Linux Enterprise 15 SP1/SP2/SP3 and SUSE Manager Proxy 4.2 (bsc#1214187)
- Version 4.2.43-1
- Add missing Salt 3006.0 dependencies to bootstrap repo definitions (bsc#1212700)
- Make mgr-salt-ssh properly fix the HOME environment to avoid issues with gitfs (bsc#1210994)
susemanager-doc-indexes:
- Typo correction for Cobbler buildiso command in Client Configuration Guide
- Replaced plain text with dedicated attribute for AutoYaST
- Added a note about Oracle Unbreakable Linux Network mirroring requirements in Client Configuration Guide (bsc#1212032)
- Added SUSE Linux Enterprise 15 SP5 and openSUSE Leap 15.5 as supported clients in the Client Configuration Guide
- Fixed missing tables of content in the Reference Guide (bsc#1208577)
- Fixed instruction for Single sign-on implementation example in the Administration Guide (bsc#1210103)
- Removed reference to non-existent files in Reference Guide (bsc#1208528)
susemanager-docs_en:
- Typo correction for Cobbler buildiso command in Client Configuration Guide
- Replaced plain text with dedicated attribute for AutoYaST
- Added a note about Oracle Unbreakable Linux Network mirroring requirements in Client Configuration Guide (bsc#1212032)
- Added SUSE Linux Enterprise 15 SP5 and openSUSE Leap 15.5 as supported clients in the Client Configuration Guide
- Fixed missing tables of content in the Reference Guide (bsc#1208577)
- Fixed instruction for Single sign-on implementation example in the Administration Guide (bsc#1210103)
- Removed reference to non-existent files in Reference Guide (bsc#1208528)
susemanager-schema:
- Version 4.2.29-1
- Add schema directory for susemanager-schema-4.2.29
susemanager-sls:
- Version 4.2.35-1
- Do not disable salt-minion on salt-ssh managed clients
- Use venv-salt-minion instead of salt for docker states (bsc#1212416)
How to apply this update:
- Log in as root user to the SUSE Manager Server.
- Stop the Spacewalk service:
  spacewalk-service stop
- Apply the patch using either zypper patch or YaST Online Update.
- Start the Spacewalk service:
  spacewalk-service start
ID: SUSE-SU-2023:3474-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2023/suse-su-20233474-1/
Published: 2023-08-29T09:38:52
Modified: 2023-08-29T09:38:52
Rights: Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories:
- ALAS-2023-1848
- ALAS-2023-1849
- ALAS2-2023-2208
- ALAS2-2023-2209
- ALAS2-2023-2210
- ALAS2-2023-2211
- ALAS2-2023-2229
- ALAS2-2023-2303
- ALPINE:CVE-2023-29409
- ALSA-2023:5738
- ALSA-2023:7762
- ALSA-2023:7763
- ALSA-2023:7764
- ALSA-2023:7765
- ALSA-2023:7766
- ALSA-2024:0121
- ELSA-2023-5738
- ELSA-2023-7762
- ELSA-2023-7763
- ELSA-2023-7764
- ELSA-2023-7765
- ELSA-2023-7766
- ELSA-2024-0121
- ELSA-2024-2988
- GLSA-202311-09
- GO-2023-1987
- RHSA-2023:5721
- RHSA-2023:5738
- RHSA-2023:7762
- RHSA-2023:7763
- RHSA-2023:7764
- RHSA-2023:7765
- RHSA-2023:7766
- RHSA-2024:0121
- RHSA-2024:2988
- SUSE-SU-2023:3181-1
- SUSE-SU-2023:3263-1
- SUSE-SU-2023:3840-1
- SUSE-SU-2023:3841-1
- SUSE-SU-2023:3861-1
- SUSE-SU-2023:3867-1
- SUSE-SU-2023:3868-1
- SUSE-SU-2023:3875-1
- SUSE-SU-2023:3885-1
- SUSE-SU-2023:3886-1
- SUSE-SU-2023:3888-1