SUSE Security Update: Security update for several packages related to SUSE Manger 3.2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:1006-1
Rating:             moderate
References:         #1109316 #1120242 #1121195 #1122230 #1122381 
                    #1122837 #1124290 #1125600 #1125744 #1126075 
                    #1126099 #1126518 #1127542 #1128228 #1128724 
                    #1128781 #1129765 #1129851 #1129956 #1130658 
                    #1131490 #1131677 #1131721 #1132579 
Cross-References:   CVE-2017-7957
Affected Products:
                    SUSE Manager Server 3.2
                    SUSE Manager Proxy 3.2
______________________________________________________________________________

   An update that solves one vulnerability and has 23 fixes is
   now available.

Description:

   This consolidated update includes multiple patchinfos for SUSE Manager
   Server and Proxy


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Manager Server 3.2:

      zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2019-1006=1

   - SUSE Manager Proxy 3.2:

      zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2019-1006=1



Package List:

   - SUSE Manager Server 3.2 (ppc64le s390x x86_64):

      reprepro-5.3.0-2.3.3
      smdba-1.6.4-0.3.9.3
      spacewalk-branding-2.8.5.15-3.19.3
      susemanager-3.2.17-3.22.4
      susemanager-tools-3.2.17-3.22.4

   - SUSE Manager Server 3.2 (noarch):

      apache-commons-lang3-3.4-3.3.3
      cobbler-2.6.6-6.16.3
      drools-7.17.0-3.3.3
      guava-27.0.1-3.3.3
      jade4j-1.0.7-3.3.3
      kie-api-7.17.0-3.3.3
      kie-soup-7.17.0.Final-2.3.3
      optaplanner-7.17.0-3.3.3
      py26-compat-salt-2016.11.10-6.21.3
      python2-spacewalk-certs-tools-2.8.8.7-3.6.3
      spacecmd-2.8.25.10-3.20.3
      spacewalk-admin-2.8.4.4-3.6.3
      spacewalk-backend-2.8.57.14-3.25.3
      spacewalk-backend-app-2.8.57.14-3.25.3
      spacewalk-backend-applet-2.8.57.14-3.25.3
      spacewalk-backend-config-files-2.8.57.14-3.25.3
      spacewalk-backend-config-files-common-2.8.57.14-3.25.3
      spacewalk-backend-config-files-tool-2.8.57.14-3.25.3
      spacewalk-backend-iss-2.8.57.14-3.25.3
      spacewalk-backend-iss-export-2.8.57.14-3.25.3
      spacewalk-backend-libs-2.8.57.14-3.25.3
      spacewalk-backend-package-push-server-2.8.57.14-3.25.3
      spacewalk-backend-server-2.8.57.14-3.25.3
      spacewalk-backend-sql-2.8.57.14-3.25.3
      spacewalk-backend-sql-oracle-2.8.57.14-3.25.3
      spacewalk-backend-sql-postgresql-2.8.57.14-3.25.3
      spacewalk-backend-tools-2.8.57.14-3.25.3
      spacewalk-backend-xml-export-libs-2.8.57.14-3.25.3
      spacewalk-backend-xmlrpc-2.8.57.14-3.25.3
      spacewalk-base-2.8.7.15-3.24.3
      spacewalk-base-minimal-2.8.7.15-3.24.3
      spacewalk-base-minimal-config-2.8.7.15-3.24.3
      spacewalk-certs-tools-2.8.8.7-3.6.3
      spacewalk-html-2.8.7.15-3.24.3
      spacewalk-java-2.8.78.21-3.29.1
      spacewalk-java-config-2.8.78.21-3.29.1
      spacewalk-java-lib-2.8.78.21-3.29.1
      spacewalk-java-oracle-2.8.78.21-3.29.1
      spacewalk-java-postgresql-2.8.78.21-3.29.1
      spacewalk-taskomatic-2.8.78.21-3.29.1
      subscription-matcher-0.23-4.12.3
      susemanager-schema-3.2.18-3.22.3
      susemanager-sls-3.2.23-3.26.3
      susemanager-sync-data-3.2.14-3.20.3
      susemanager-web-libs-2.8.7.15-3.24.3
      xstream-1.4.10-4.3.3

   - SUSE Manager Proxy 3.2 (noarch):

      python2-spacewalk-certs-tools-2.8.8.7-3.6.3
      spacewalk-backend-2.8.57.14-3.25.3
      spacewalk-backend-libs-2.8.57.14-3.25.3
      spacewalk-base-minimal-2.8.7.15-3.24.3
      spacewalk-base-minimal-config-2.8.7.15-3.24.3
      spacewalk-certs-tools-2.8.8.7-3.6.3
      susemanager-web-libs-2.8.7.15-3.24.3


References:

   https://www.suse.com/security/cve/CVE-2017-7957.html
   https://bugzilla.suse.com/1109316
   https://bugzilla.suse.com/1120242
   https://bugzilla.suse.com/1121195
   https://bugzilla.suse.com/1122230
   https://bugzilla.suse.com/1122381
   https://bugzilla.suse.com/1122837
   https://bugzilla.suse.com/1124290
   https://bugzilla.suse.com/1125600
   https://bugzilla.suse.com/1125744
   https://bugzilla.suse.com/1126075
   https://bugzilla.suse.com/1126099
   https://bugzilla.suse.com/1126518
   https://bugzilla.suse.com/1127542
   https://bugzilla.suse.com/1128228
   https://bugzilla.suse.com/1128724
   https://bugzilla.suse.com/1128781
   https://bugzilla.suse.com/1129765
   https://bugzilla.suse.com/1129851
   https://bugzilla.suse.com/1129956
   https://bugzilla.suse.com/1130658
   https://bugzilla.suse.com/1131490
   https://bugzilla.suse.com/1131677
   https://bugzilla.suse.com/1131721
   https://bugzilla.suse.com/1132579

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2019:1006-1 moderate: several packages related

April 24, 2019
An update that solves one vulnerability and has 23 fixes is now available

Summary

This consolidated update includes multiple patchinfos for SUSE Manager Server and Proxy Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 3.2: zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2019-1006=1 - SUSE Manager Proxy 3.2: zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2019-1006=1 Package List: - SUSE Manager Server 3.2 (ppc64le s390x x86_64): reprepro-5.3.0-2.3.3 smdba-1.6.4-0.3.9.3 spacewalk-branding-2.8.5.15-3.19.3 susemanager-3.2.17-3.22.4 susemanager-tools-3.2.17-3.22.4 - SUSE Manager Server 3.2 (noarch): apache-commons-lang3-3.4-3.3.3 cobbler-2.6.6-6.16.3 drools-7.17.0-3.3.3 guava-27.0.1-3.3.3 jade4j-1.0.7-3.3.3 kie-api-7.17.0-3.3.3 kie-soup-7.17.0.Final-2.3.3 optaplanner-7.17.0-3.3.3 py26-compat-salt-2016.11.10-6.21.3 python2-spacewalk-certs-tools-2.8.8.7-3.6.3 spacecmd-2.8.25.10-3.20.3 spacewalk-admin-2.8.4.4-3.6.3 spacewalk-backend-2.8.57.14-3.25.3 spacewalk-backend-app-2.8.57.14-3.25.3 spacewalk-backend-applet-2.8.57.14-3.25.3 spacewalk-backend-config-files-2.8.57.14-3.25.3 spacewalk-backend-config-files-common-2.8.57.14-3.25.3 spacewalk-backend-config-files-tool-2.8.57.14-3.25.3 spacewalk-backend-iss-2.8.57.14-3.25.3 spacewalk-backend-iss-export-2.8.57.14-3.25.3 spacewalk-backend-libs-2.8.57.14-3.25.3 spacewalk-backend-package-push-server-2.8.57.14-3.25.3 spacewalk-backend-server-2.8.57.14-3.25.3 spacewalk-backend-sql-2.8.57.14-3.25.3 spacewalk-backend-sql-oracle-2.8.57.14-3.25.3 spacewalk-backend-sql-postgresql-2.8.57.14-3.25.3 spacewalk-backend-tools-2.8.57.14-3.25.3 spacewalk-backend-xml-export-libs-2.8.57.14-3.25.3 spacewalk-backend-xmlrpc-2.8.57.14-3.25.3 spacewalk-base-2.8.7.15-3.24.3 spacewalk-base-minimal-2.8.7.15-3.24.3 spacewalk-base-minimal-config-2.8.7.15-3.24.3 spacewalk-certs-tools-2.8.8.7-3.6.3 spacewalk-html-2.8.7.15-3.24.3 spacewalk-java-2.8.78.21-3.29.1 spacewalk-java-config-2.8.78.21-3.29.1 spacewalk-java-lib-2.8.78.21-3.29.1 spacewalk-java-oracle-2.8.78.21-3.29.1 spacewalk-java-postgresql-2.8.78.21-3.29.1 spacewalk-taskomatic-2.8.78.21-3.29.1 subscription-matcher-0.23-4.12.3 susemanager-schema-3.2.18-3.22.3 susemanager-sls-3.2.23-3.26.3 susemanager-sync-data-3.2.14-3.20.3 susemanager-web-libs-2.8.7.15-3.24.3 xstream-1.4.10-4.3.3 - SUSE Manager Proxy 3.2 (noarch): python2-spacewalk-certs-tools-2.8.8.7-3.6.3 spacewalk-backend-2.8.57.14-3.25.3 spacewalk-backend-libs-2.8.57.14-3.25.3 spacewalk-base-minimal-2.8.7.15-3.24.3 spacewalk-base-minimal-config-2.8.7.15-3.24.3 spacewalk-certs-tools-2.8.8.7-3.6.3 susemanager-web-libs-2.8.7.15-3.24.3

References

#1109316 #1120242 #1121195 #1122230 #1122381

#1122837 #1124290 #1125600 #1125744 #1126075

#1126099 #1126518 #1127542 #1128228 #1128724

#1128781 #1129765 #1129851 #1129956 #1130658

#1131490 #1131677 #1131721 #1132579

Cross- CVE-2017-7957

Affected Products:

SUSE Manager Server 3.2

SUSE Manager Proxy 3.2

https://www.suse.com/security/cve/CVE-2017-7957.html

https://bugzilla.suse.com/1109316

https://bugzilla.suse.com/1120242

https://bugzilla.suse.com/1121195

https://bugzilla.suse.com/1122230

https://bugzilla.suse.com/1122381

https://bugzilla.suse.com/1122837

https://bugzilla.suse.com/1124290

https://bugzilla.suse.com/1125600

https://bugzilla.suse.com/1125744

https://bugzilla.suse.com/1126075

https://bugzilla.suse.com/1126099

https://bugzilla.suse.com/1126518

https://bugzilla.suse.com/1127542

https://bugzilla.suse.com/1128228

https://bugzilla.suse.com/1128724

https://bugzilla.suse.com/1128781

https://bugzilla.suse.com/1129765

https://bugzilla.suse.com/1129851

https://bugzilla.suse.com/1129956

https://bugzilla.suse.com/1130658

https://bugzilla.suse.com/1131490

https://bugzilla.suse.com/1131677

https://bugzilla.suse.com/1131721

https://bugzilla.suse.com/1132579

Severity
Announcement ID: SUSE-SU-2019:1006-1
Rating: moderate

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved