Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Announcement ID:	SUSE-SU-2026:1035-1
Release Date:	2026-03-25T10:21:20Z
Rating:	important
References:	bsc#1213308 bsc#1214568 bsc#1214569 bsc#1216711 bsc#1217755 bsc#1220899 bsc#1221950 bsc#1223368 bsc#1227577 bsc#1227579 bsc#1228577 bsc#1230876 bsc#1232125 bsc#1233496 bsc#1236066 bsc#1236799 bsc#1237536 bsc#1238481 bsc#1239636 bsc#1240565 bsc#1241013 bsc#1243241 bsc#1243679 bsc#1243768 bsc#1243808 bsc#1243876 bsc#1243881 bsc#1244177 bsc#1244542 bsc#1244648 bsc#1244724 bsc#1245241 bsc#1245307 bsc#1245405 bsc#1245766 bsc#1246421 bsc#1246981 bsc#1247038 bsc#1248741 bsc#1248804 bsc#1249502 bsc#1251864 bsc#1251995 bsc#1252937 bsc#1253024 bsc#1253068 bsc#1253158 bsc#1253322 bsc#1253501 bsc#1253773 bsc#1255298 jsc#MSQA-1046
Cross-References:	CVE-2024-29371 CVE-2025-12816 CVE-2025-13465 CVE-2025-61140 CVE-2026-1615 CVE-2026-25547 CVE-2026-27727 CVE-2026-27830
CVSS scores:	CVE-2024-29371 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-29371 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-29371 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-12816 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-12816 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2025-13465 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2025-61140 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2025-61140 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2025-61140 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-1615 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-1615 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-1615 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-1615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-25547 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2026-25547 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-25547 ( NVD ): 9.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-27727 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVE-2026-27727 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-27727 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVE-2026-27727 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-27830 ( SUSE ): 8.9 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVE-2026-27830 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2026-27830 ( NVD ): 8.9 CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Affected Products:	openSUSE Leap 15.4

An update that solves eight vulnerabilities, contains one feature and has 43 security fixes can now be installed.

Security update 4.3.17 for Multi-Linux Manager Proxy and Retail Branch Server LTS

Description:

This update fixes the following issues:

release-notes-susemanager-proxy:

Update to SUSE Manager 4.3.17
CVEs Fixed: CVE-2024-29371, CVE-2026-27727, CVE-2026-27830
Bugs mentioned: bsc#1227577, bsc#1227579, bsc#1236799, bsc#1243241, bsc#1244724 bsc#1248741, bsc#1251995, bsc#1253068, bsc#1253773

Security update 4.3.17 for Multi-Linux Manager Server LTS

Description:

This update fixes the following issues:

release-notes-susemanager:

Update to SUSE Manager 4.3.17
Monitoring: Prometheus upgraded to 3.5.0
CVEs Fixed: CVE-2024-29371, CVE-2026-27727, CVE-2026-27830, CVE-2025-12816 CVE-2025-13465, CVE-2025-61140, CVE-2026-1615, CVE-2026-25547
Bugs mentioned: bsc#1213308, bsc#1214568, bsc#1214569, bsc#1216711, bsc#1217755 bsc#1220899, bsc#1221950, bsc#1223368, bsc#1227577, bsc#1227579 bsc#1228577, bsc#1230876, bsc#1232125, bsc#1233496, bsc#1236066 bsc#1236799, bsc#1237536, bsc#1238481, bsc#1239636, bsc#1240565 bsc#1241013, bsc#1243241, bsc#1243679, bsc#1243768, bsc#1243808 bsc#1243876, bsc#1243881, bsc#1244177, bsc#1244542, bsc#1244648 bsc#1244724, bsc#1245241, bsc#1245307, bsc#1245405, bsc#1245766 bsc#1246421, bsc#1246981, bsc#1247038, bsc#1248741, bsc#1248804 bsc#1249502, bsc#1251864, bsc#1251995, bsc#1252937, bsc#1253024 bsc#1253068, bsc#1253158, bsc#1253322, bsc#1253501, bsc#1255298

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1035=1

Package List:

openSUSE Leap 15.4 (noarch)
- release-notes-susemanager-4.3.17-150400.3.151.1
- release-notes-susemanager-proxy-4.3.17-150400.3.107.1

Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes

Security update 4.3.17 for Multi-Linux Manager Proxy and Retail Branch Server LTS

Description:

Security update 4.3.17 for Multi-Linux Manager Server LTS

Description:

Patch Instructions:

Package List:

References: