Security update for supportutils

Announcement ID:	SUSE-SU-2023:3822-2
Rating:	moderate
References:	bsc#1181477 bsc#1196933 bsc#1204942 bsc#1205533 bsc#1206402 bsc#1206608 bsc#1207543 bsc#1207598 bsc#1208928 bsc#1209979 bsc#1210015 bsc#1210950 bsc#1211598 bsc#1211599 bsc#1213127 jsc#PED-1703
Cross-References:	CVE-2022-45154
CVSS scores:	CVE-2022-45154 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-45154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Products:	SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability, contains one feature and has 14 security fixes can now be installed.

Description:

This update for supportutils fixes the following issues:

Security fixes:

• CVE-2022-45154: Removed iSCSI passwords (bsc#1207598).

Other Fixes:

• Changes in version 3.1.26
• powerpc plugin to collect the slots and active memory (bsc#1210950)
• A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154
• supportconfig: collect BPF information (pr#154)

• Added additional iscsi information (pr#155)

• Added run time detection (bsc#1213127)

• Changes for supportutils version 3.1.25

• Removed iSCSI passwords CVE-2022-45154 (bsc#1207598)
• powerpc: Collect lsslot,amsstat, and opal elogs (pr#149)
• powerpc: collect invscout logs (pr#150)
• powerpc: collect RMC status logs (pr#151)
• Added missing nvme nbft commands (bsc#1211599)
• Fixed invalid nvme commands (bsc#1211598)
• Added missing podman information (PED-1703, bsc#1181477)
• Removed dependency on sysfstools
• Check for systool use (bsc#1210015)
• Added selinux checking (bsc#1209979)

• Updated SLES_VER matrix

• Fixed missing status detail for apparmor (bsc#1196933)

• Corrected invalid argument list in docker.txt (bsc#1206608)
• Applies limit equally to sar data and text files (bsc#1207543)
• Collects hwinfo hardware logs (bsc#1208928)

• Collects lparnumascore logs (issue#148)

• Add dependency to numactl on ppc64le and s390x, this enforces that numactl --hardware data is provided in supportconfigs

• Changes to supportconfig.rc version 3.1.11-35

• Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402)

• Changes to supportconfig version 3.1.11-46.4

• Added plymouth_info

• Changes to getappcore version 1.53.02

• The location of chkbin was updated earlier. This documents that change (bsc#1205533, bsc#1204942)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2023-3822=1

Package List:

• SUSE Linux Enterprise Micro 5.5 (noarch)
  • supportutils-3.1.26-150300.7.35.21.1

References:

• https://www.suse.com/security/cve/CVE-2022-45154.html
• https://bugzilla.suse.com/show_bug.cgi?id=1181477
• https://bugzilla.suse.com/show_bug.cgi?id=1196933
• https://bugzilla.suse.com/show_bug.cgi?id=1204942
• https://bugzilla.suse.com/show_bug.cgi?id=1205533
• https://bugzilla.suse.com/show_bug.cgi?id=1206402
• https://bugzilla.suse.com/show_bug.cgi?id=1206608
• https://bugzilla.suse.com/show_bug.cgi?id=1207543
• https://bugzilla.suse.com/show_bug.cgi?id=1207598
• https://bugzilla.suse.com/show_bug.cgi?id=1208928
• https://bugzilla.suse.com/show_bug.cgi?id=1209979
• https://bugzilla.suse.com/show_bug.cgi?id=1210015
• https://bugzilla.suse.com/show_bug.cgi?id=1210950
• https://bugzilla.suse.com/show_bug.cgi?id=1211598
• https://bugzilla.suse.com/show_bug.cgi?id=1211599
• https://bugzilla.suse.com/show_bug.cgi?id=1213127
• https://jira.suse.com/browse/PED-1703