Recommended update for SUSE Manager Server 4.0

SUSE Recommended Update: Recommended update for SUSE Manager Server 4.0
Announcement ID: SUSE-RU-2019:2313-1
Rating: moderate
References: #1104949 #1109639 #1111371 #1116869 #1118175 #1122559 #1130040 #1132076 #1134677 #1135360 #1136857 #1137144 #1137229 #1137244 #1137308 #1137881 #1137882 #1137952 #1137965 #1138127 #1138130 #1138268 #1138275 #1138586 #1138655 #1138822 #1139453 #1139493 #1140644 #1141598 #1141663 #1142038 #1143204 #1143946 #1144155 #1144889 #1145584 #1146411 #1146443 #1147126 #1148125 #1148177 #1148311 #1149343
Affected Products:
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.0
  • SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0

An update that has 44 recommended fixes can now be installed.

Description:


This update includes the following new features:

  • Improve performance of 'Systems requiring reboot' page (fate#327780)
  • Drop no longer used 'allServerKeywordSinceReboot' view (fate#327780)

This update fixes the following issues:
branch-network-formula:
  • Update to version 0.1.1561374979.11123db
  • Explicitelly specify zone of the internal interface (bsc#1138586)
  • Use 'onchanges' require instead of 'wait' to clearly see when state was applied or not required to
  • Firewalld 'public' zone should be used for shared NIC (bsc#1137882)

mgr-osad:
  • Fix obsolete for old osad packages, to allow installing mgr-osad even by using osad at yum/zyppper install (bsc#1139453)
  • Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

patterns-suse-manager:
  • Add recommends for cpu-mitigations-formula

py26-compat-salt:
  • Do not break repo files with multiple line values on yumpkg (bsc#1135360)
  • Catch SSLError for TLS 1.2 bootstraps with RES/RHEL6 and SLE11 (bsc#1147126)

python-susemanager-retail:
  • Update to version 0.1.1564399963.cf19a13
  • Initialize filename_efi in dhcpd formula (bsc#1143204)

rhnlib:
  • Add SNI support for clients
  • Fix initialize ssl connection (bsc#1144155)
  • Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)

saltboot-formula:
  • Update to version 0.1.1564399963.cf19a13
  • Fix rounding errors at the end of disk (bsc#1136857)

spacewalk-backend:
  • prevent duplicate key violates on repo-sync with long changelog entries (bsc#1144889)
  • Do not overwrite comps and module data with older versions
  • Fix issue with "dists" keyword in url hostname
  • Import packages from all collections of a patch not just first one
  • Ensure bytes type when using hashlib to avoid traceback on XMLRPC call to "registration.register_osad" (bsc#1138822)
  • Don't skip Deb package tags on package import (bsc#1130040)
  • For backend-libs subpackages, exclude files for the server (already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
  • prevent duplicate key violates on repo-sync with long changelog entries (bsc#1144889)

spacewalk-branding:
  • Set Copyright year to 2019 (bsc#1141598)
  • Remove duplicate information message when changing system properties (bsc#1111371)
  • Add missing strings for task status page

spacewalk-certs-tools:
  • Run bootstrap.sh completely unattended on Ubuntu (bsc#1137881)

spacewalk-client-tools:
  • The rhnsd service was replaced by rhnsd timer, so registration script and systemd presets are now adapted to this (bsc#1138130)

spacewalk-java:
  • Fix: initialize the hibernate transaction when merging errata via XMLRPC API (bsc#1145584)
  • Improve performance for retrieving the user permissions on channels (bsc#1140644)
  • Fix permissions of cobbler owned directories
  • Prerequire salt package to avoid not existing user issues
  • Support partly patched CVEs in CVE audit (bsc#1137229)
  • Remove duplicate information message when changing system properties (bsc#1111371)
  • Align selection column in software channel managers (bsc#1122559)
  • Hide channels managed by Content Lifecycle projects from available sources (bsc#1137965)
  • Add caret sorting for rpm versioning
  • API Documentation: mention the shebang in the system.scheduleScriptRun doc strings (bsc#1138655)
  • For orphan contentsources, look also in susesccrepositoryauth to make sure they are not being referenced(bsc#1138275)
  • Fallback to logged-in-user org and then vendor errata when looking up erratum on cloning (bsc#1137308)
  • Add new validation to avoid creating content lifecycle projects starting with a number (bsc#1139493)
  • Allow virtualization tab for foreign systems (bsc#1116869)
  • Improve performance of 'Systems requiring reboot' page (fate#327780)
  • Allow forcing off or resetting VMs
  • Keep querystring on ListTag parent_url for actions that have the cid param (bsc#1134677)
  • Add XML-RPC API calls to manage server monitoring
  • Fix profiles package scheduling when epoch is null (bsc#1137144)

spacewalk-utils:
  • Fixes SSL hostname matching (bsc#1141663)
  • Hostname-rename: change hostname in cobbler db and autoinst data
  • Adds support for Ubuntu and Debian channels to spacewalk-common-channels.

spacewalk-web:
  • Redirect to first step of channel assignment after change channel submit (bsc#1137244)
  • Hide channels managed by Content Lifecycle projects from available sources (bsc#1137965)
  • Add unsupported browser warning when using Internet Explorer
  • Allow virtualization tab for foreign systems (bsc#1116869)
  • Allow forcing off or resetting VMs
  • Fix VM creation dialog with non-default pools and networks (bsc#1138268)
  • Add checks for empty required entries on formula forms (bsc#1109639)

susemanager:
  • Make dmidecode part of the bootstrap repositiories (bsc#1137952)

susemanager-nodejs-sdk-devel:
  • upgrade lodash - https://nodesecurity.io/advisories/1065
  • upgrade eslint and react-select minor

susemanager-schema:
  • Improve performance for retrieving the user permissions on channels (bsc#1140644)
  • Add caret sorting for rpm versioning
  • Allow repo and manifest sources with the same url
  • Drop no longer used 'allServerKeywordSinceReboot' view (fate#327780)
  • Allow forcing off or resetting VMs

susemanager-sls:
  • Force VM off before deleting it (bsc#1138127)
  • Check for result of image rsync transfer to catch failures early (bsc#1104949)
  • Allow forcing off or resetting VMs
  • Make sure dmidecode is installed during bootstrap to ensure that hardware refresh works for all operating systems (bsc#1137952)
  • Bootstrapping RES6/RHEL6/SLE11 with TLS1.2 now shows error message. (bsc#1147126)
  • Fix for issue with bootstrapping RES minions (bsc#1147126)

spacewalk-setup:
  • prevent CherryPy timeouts (bsc#1118175, bsc#1149343)

cpu-mitigations-formula:
  • Initial commit of cpu-mitigations-formula (bsc#1143946)

spacecmd:
  • Fix missing runtime dependencies that made spacecmd return old versions of packages in some cases, even if newer ones were available (bsc#1148311)

susemanager-docs_en:
  • Interface used for branch network on branch server is not added to internal firewall zone (bsc#1132076)
  • Increasing the maximum size allowed for configuration files (bsc#1146411)
  • Documentation - Unclear how to use groups with SUMA 4 remote commands (bsc#1146443)
  • Added link to bootstrap script creation
  • Added missing zypper entity
  • Added Canonical IP safeguard
  • Update for unified proxy installer
  • lunrjs integration replaces Algolia with local search
  • Antora UI improvements
  • JeOS docs cleaned up
  • Content review and cleanup on books Administration, Installation, Salt, Retail, Client Configuration and Upgrade
  • Removed outdated command tailf
  • Added missing images
  • Improved max size for configuration files
  • Added matching salt clients by minion_id or with a wildcard
  • Clarify image store for Kiwi images
  • Public cloud doc update
  • Content lifecycle manager filter update
  • Added note about support status of IE
  • Fixed IBM Z entity render issue
  • New Salt tuning guide

Patch Instructions:

To install this SUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Module for SUSE Manager Server 4.0:
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.0-2019-2313=1
  • SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0:
    zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2019-2313=1

Package List:

  • SUSE Linux Enterprise Module for SUSE Manager Server 4.0 (ppc64le s390x x86_64):
    • spacewalk-branding-4.0.13-3.3.6
    • susemanager-4.0.16-3.3.8
    • susemanager-tools-4.0.16-3.3.8
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.0 (noarch):
    • branch-network-formula-0.1.1561374979.11123db-3.3.3
    • cpu-mitigations-formula-0.1-4.3.2
    • mgr-osa-dispatcher-4.0.9-3.3.7
    • py26-compat-salt-2016.11.10-10.5.1
    • python3-mgr-osa-common-4.0.9-3.3.7
    • python3-mgr-osa-dispatcher-4.0.9-3.3.7
    • python3-rhnlib-4.0.11-3.7.1
    • python3-spacewalk-backend-libs-4.0.25-3.10.2
    • python3-spacewalk-certs-tools-4.0.11-3.3.6
    • python3-spacewalk-client-tools-4.0.9-3.3.4
    • python3-susemanager-retail-1.0.1564399963.cf19a13-3.3.3
    • saltboot-formula-0.1.1564399963.cf19a13-3.3.3
    • spacecmd-4.0.14-3.3.1
    • spacewalk-backend-4.0.25-3.10.2
    • spacewalk-backend-app-4.0.25-3.10.2
    • spacewalk-backend-applet-4.0.25-3.10.2
    • spacewalk-backend-config-files-4.0.25-3.10.2
    • spacewalk-backend-config-files-common-4.0.25-3.10.2
    • spacewalk-backend-config-files-tool-4.0.25-3.10.2
    • spacewalk-backend-iss-4.0.25-3.10.2
    • spacewalk-backend-iss-export-4.0.25-3.10.2
    • spacewalk-backend-package-push-server-4.0.25-3.10.2
    • spacewalk-backend-server-4.0.25-3.10.2
    • spacewalk-backend-sql-4.0.25-3.10.2
    • spacewalk-backend-sql-postgresql-4.0.25-3.10.2
    • spacewalk-backend-tools-4.0.25-3.10.2
    • spacewalk-backend-xml-export-libs-4.0.25-3.10.2
    • spacewalk-backend-xmlrpc-4.0.25-3.10.2
    • spacewalk-base-4.0.15-3.6.7
    • spacewalk-base-minimal-4.0.15-3.6.7
    • spacewalk-base-minimal-config-4.0.15-3.6.7
    • spacewalk-certs-tools-4.0.11-3.3.6
    • spacewalk-client-tools-4.0.9-3.3.4
    • spacewalk-html-4.0.15-3.6.7
    • spacewalk-java-4.0.23-3.5.2
    • spacewalk-java-config-4.0.23-3.5.2
    • spacewalk-java-lib-4.0.23-3.5.2
    • spacewalk-java-postgresql-4.0.23-3.5.2
    • spacewalk-setup-4.0.10-3.3.1
    • spacewalk-taskomatic-4.0.23-3.5.2
    • spacewalk-utils-4.0.11-3.3.6
    • susemanager-doc-indexes-4.0-10.6.1
    • susemanager-docs_en-4.0-10.6.1
    • susemanager-docs_en-pdf-4.0-10.6.1
    • susemanager-retail-tools-1.0.1564399963.cf19a13-3.3.3
    • susemanager-schema-4.0.14-3.3.4
    • susemanager-sls-4.0.19-3.5.1
    • susemanager-web-libs-4.0.15-3.6.7
  • SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0 (noarch):
    • mgr-cfg-4.0.9-3.3.6
    • mgr-cfg-actions-4.0.9-3.3.6
    • mgr-cfg-client-4.0.9-3.3.6
    • mgr-cfg-management-4.0.9-3.3.6
    • mgr-daemon-4.0.7-3.3.4
    • mgr-osad-4.0.9-3.3.7
    • python3-mgr-cfg-4.0.9-3.3.6
    • python3-mgr-cfg-actions-4.0.9-3.3.6
    • python3-mgr-cfg-client-4.0.9-3.3.6
    • python3-mgr-cfg-management-4.0.9-3.3.6
    • python3-mgr-osa-common-4.0.9-3.3.7
    • python3-mgr-osad-4.0.9-3.3.7
    • python3-rhnlib-4.0.11-3.7.1
    • python3-spacewalk-backend-libs-4.0.25-3.10.2
    • python3-spacewalk-certs-tools-4.0.11-3.3.6
    • python3-spacewalk-check-4.0.9-3.3.4
    • python3-spacewalk-client-setup-4.0.9-3.3.4
    • python3-spacewalk-client-tools-4.0.9-3.3.4
    • spacewalk-backend-4.0.25-3.10.2
    • spacewalk-base-minimal-4.0.15-3.6.7
    • spacewalk-base-minimal-config-4.0.15-3.6.7
    • spacewalk-certs-tools-4.0.11-3.3.6
    • spacewalk-check-4.0.9-3.3.4
    • spacewalk-client-setup-4.0.9-3.3.4
    • spacewalk-client-tools-4.0.9-3.3.4
    • spacewalk-remote-utils-4.0.5-3.3.6

References: