Security update for SUSE Manager Server 3.2
Announcement ID: | SUSE-SU-2019:1703-1 |
Rating: | moderate |
References: | #1117017 #1125090 #1128061 #1128838 #1129079 #1130492 #1130551 #1131423 #1131704 #1131780 #1131867 #1131929 #1131954 #1132103 #1132197 #1133424 #1133587 #1133629 #1134195 #1134876 #1135166 #1136029 #1136102 #1136250 #1136423 |
Cross-References: | CVE-2019-3684 |
Affected Products: |
|
An update that solves one vulnerability and has 24 fixes is now available.
Description:
This update fixes the following issues:
cobbler:
- Removes string replace for textmode fix (bsc#1134195)
py26-compat-salt:
- Avoid syntax error on yumpkg module running on Python 2.6 (bsc#1136250)
- Use ThreadPool from multiprocessing.pool to avoid leakins when calculating FQDNs
- Fix usermod options for SLE11 (bsc#1117017)
- Do not report patches as installed on RHEL systems when not all the related packages are installed (bsc#1128061)
- Do not include "ordereddict" and "singledispatch" on the thin for Python 2.6 systems.
- Fix paths for py26-compat dependencies on SLE15 and newer
- Port optimization_order config parameter (bsc#1131423)
- Use special tornado and msgpack-python compat packages on sles15sp1 and greater in py26-compat-salt.conf (bsc#1131423)
- Add missing py26 thin dependencies
- Calculate the "FQDNs" grains in parallel to avoid long blocking (bsc#1129079)
salt-netapi-client:
- Add workaround for Salt issue 52762
- Version 0.16.0 see https://github.com/SUSE/salt-netapi-client/releases/tag/v0.16.0
spacewalk-backend:
- Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)
- Use new names in code for client tool packages which were renamed (bsc#1134876)
- Fix HTTP headers handling to avoid duplicated entries (bsc#1125090)
- Use suseLib.get_proxy to get the HTTP proxy configuration properly on DEB repos (bsc#1133424)
spacewalk-certs-tools:
- Fix missing quotation in bootstrap script (bsc#1136423)
- Add new packages names to instructions for adding remote configuration support for traditional clients
- Print error message instead of stacktrace for client_config_update.py
spacewalk-config:
- Fix config declaration for rhn.conf (bsc#1132197)
spacewalk-java:
- Remove the 'Returning' clause from the query as oracle doesn't support it (bsc#1135166)
- Use new names in code for client tool packages which were renamed (bsc#1134876)
- Handle the different retcodes that are being returned when salt module is not available (bsc#1131704)
- Do not implicitly set parent channel when cloning (bsc#1130492)
- Prevent Actions that were actually completed to be displayed as "in progress" forever (bsc#1131780)
- Enable batching mode for salt synchronous calls
- Show minion id in System Details GUI and API
- Do not report Provisioning installed product to subscription matcher (bsc#1128838)
- Fix product package conflicts with SLES for SAP systems (bsc#1130551)
- Add support for Salt batch execution mode
- Fix NPE on remote commands when no targets match (bsc1123375)
- Fix apidoc return order on mergePackages
- Take into account only synced products when scheduling SP migration from the API (bsc#1131929)
spacewalk-web:
- Change WebUI string version to 3.2.8
susemanager:
- Make swap files readable only by root (bsc#1131954, CVE-2019-3684)
- Do not show false errors when configuring swapfile during setup
- Create bootstrap repo for new Red Hat channels (bsc#1133587)
susemanager-docs_en:
- Minion ID is visible in System Info box.
- Managing Systems Completely via SSH now fully supported (bsc#1131867).
susemanager-schema:
- Copy 3.1 schema migrations to 3.2 to be able to migrate from an older schema version to 3.2
- Add support for Salt batch execution mode
susemanager-sls:
- Add support for Salt batch execution mode
susemanager-sync-data:
- Add SLES11 SP4 LTSS channels for SLES for SAP (bsc#1133629)
- Add SLES11 SP4 LTSS channels for ppc64 (bsc#1132103)
zypp-plugin-spacewalk:
- Fix python syntax error in distupgrade (bsc#1136102)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Manager Server 3.2:
zypper in -t patch SUSE-SUSE-Manager-Server-3.2-2019-1703=1
- SUSE Manager Proxy 3.2:
zypper in -t patch SUSE-SUSE-Manager-Proxy-3.2-2019-1703=1
Package List:
- SUSE Manager Server 3.2 (ppc64le s390x x86_64):
- susemanager-3.2.18-3.25.2
- susemanager-tools-3.2.18-3.25.2
- SUSE Manager Server 3.2 (noarch):
- cobbler-2.6.6-6.19.1
- py26-compat-salt-2016.11.10-6.26.1
- python2-spacewalk-certs-tools-2.8.8.10-3.11.1
- salt-netapi-client-0.16.0-4.11.1
- spacewalk-backend-2.8.57.16-3.30.1
- spacewalk-backend-app-2.8.57.16-3.30.1
- spacewalk-backend-applet-2.8.57.16-3.30.1
- spacewalk-backend-config-files-2.8.57.16-3.30.1
- spacewalk-backend-config-files-common-2.8.57.16-3.30.1
- spacewalk-backend-config-files-tool-2.8.57.16-3.30.1
- spacewalk-backend-iss-2.8.57.16-3.30.1
- spacewalk-backend-iss-export-2.8.57.16-3.30.1
- spacewalk-backend-libs-2.8.57.16-3.30.1
- spacewalk-backend-package-push-server-2.8.57.16-3.30.1
- spacewalk-backend-server-2.8.57.16-3.30.1
- spacewalk-backend-sql-2.8.57.16-3.30.1
- spacewalk-backend-sql-oracle-2.8.57.16-3.30.1
- spacewalk-backend-sql-postgresql-2.8.57.16-3.30.1
- spacewalk-backend-tools-2.8.57.16-3.30.1
- spacewalk-backend-xml-export-libs-2.8.57.16-3.30.1
- spacewalk-backend-xmlrpc-2.8.57.16-3.30.1
- spacewalk-base-2.8.7.16-3.27.1
- spacewalk-base-minimal-2.8.7.16-3.27.1
- spacewalk-base-minimal-config-2.8.7.16-3.27.1
- spacewalk-certs-tools-2.8.8.10-3.11.1
- spacewalk-config-2.8.5.7-3.16.1
- spacewalk-html-2.8.7.16-3.27.1
- spacewalk-java-2.8.78.22-3.32.1
- spacewalk-java-config-2.8.78.22-3.32.1
- spacewalk-java-lib-2.8.78.22-3.32.1
- spacewalk-java-oracle-2.8.78.22-3.32.1
- spacewalk-java-postgresql-2.8.78.22-3.32.1
- spacewalk-taskomatic-2.8.78.22-3.32.1
- susemanager-advanced-topics_en-pdf-3.2-11.26.1
- susemanager-best-practices_en-pdf-3.2-11.26.1
- susemanager-docs_en-3.2-11.26.1
- susemanager-getting-started_en-pdf-3.2-11.26.1
- susemanager-jsp_en-3.2-11.26.1
- susemanager-reference_en-pdf-3.2-11.26.1
- susemanager-schema-3.2.19-3.25.1
- susemanager-sls-3.2.25-3.29.1
- susemanager-sync-data-3.2.15-3.23.1
- susemanager-web-libs-2.8.7.16-3.27.1
- SUSE Manager Proxy 3.2 (noarch):
- python2-rhncfg-5.10.122.3-3.3.1
- python2-rhncfg-actions-5.10.122.3-3.3.1
- python2-rhncfg-client-5.10.122.3-3.3.1
- python2-rhncfg-management-5.10.122.3-3.3.1
- python2-spacewalk-certs-tools-2.8.8.10-3.11.1
- python2-zypp-plugin-spacewalk-1.0.5-3.7.1
- rhncfg-5.10.122.3-3.3.1
- rhncfg-actions-5.10.122.3-3.3.1
- rhncfg-client-5.10.122.3-3.3.1
- rhncfg-management-5.10.122.3-3.3.1
- spacewalk-backend-2.8.57.16-3.30.1
- spacewalk-backend-libs-2.8.57.16-3.30.1
- spacewalk-base-minimal-2.8.7.16-3.27.1
- spacewalk-base-minimal-config-2.8.7.16-3.27.1
- spacewalk-certs-tools-2.8.8.10-3.11.1
- spacewalk-proxy-broker-2.8.5.5-3.6.2
- spacewalk-proxy-common-2.8.5.5-3.6.2
- spacewalk-proxy-installer-2.8.6.6-3.12.1
- spacewalk-proxy-management-2.8.5.5-3.6.2
- spacewalk-proxy-package-manager-2.8.5.5-3.6.2
- spacewalk-proxy-redirect-2.8.5.5-3.6.2
- spacewalk-proxy-salt-2.8.5.5-3.6.2
- susemanager-web-libs-2.8.7.16-3.27.1
- zypp-plugin-spacewalk-1.0.5-3.7.1
References:
- https://www.suse.com/security/cve/CVE-2019-3684.html
- https://bugzilla.suse.com/1117017
- https://bugzilla.suse.com/1125090
- https://bugzilla.suse.com/1128061
- https://bugzilla.suse.com/1128838
- https://bugzilla.suse.com/1129079
- https://bugzilla.suse.com/1130492
- https://bugzilla.suse.com/1130551
- https://bugzilla.suse.com/1131423
- https://bugzilla.suse.com/1131704
- https://bugzilla.suse.com/1131780
- https://bugzilla.suse.com/1131867
- https://bugzilla.suse.com/1131929
- https://bugzilla.suse.com/1131954
- https://bugzilla.suse.com/1132103
- https://bugzilla.suse.com/1132197
- https://bugzilla.suse.com/1133424
- https://bugzilla.suse.com/1133587
- https://bugzilla.suse.com/1133629
- https://bugzilla.suse.com/1134195
- https://bugzilla.suse.com/1134876
- https://bugzilla.suse.com/1135166
- https://bugzilla.suse.com/1136029
- https://bugzilla.suse.com/1136102
- https://bugzilla.suse.com/1136250
- https://bugzilla.suse.com/1136423