Security update for python-azure-agent
Announcement ID: | SUSE-SU-2019:3393-1 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability, contains one feature and has one security fix can now be installed.
Description:
This update for python-azure-agent fixes the following issues:
Update to version 2.2.45 (jsc#ECO-80 bsc#1159639)
- Add support for Gen2 VM resource disks
- Use alternate systemd detection
- Fix /proc/net/route requirement that causes errors on FreeBSD
- Add cloud-init auto-detect to prevent multiple provisioning mechanisms from relying on configuration for coordination
- Disable cgroups when daemon is setup incorrectly
- Remove upgrade extension loop for the same goal state
- Add container id for extension telemetry events
- Be more exact when detecting IMDS service health
- Changing add_event to start sending missing fields
Update to version 2.2.44:
- Remove outdated extension ZIP packages
- Improved error handling when starting extensions using systemd
- Reduce provisioning time of some custom images
- Improve the handling of extension download errors
- New API for extension authors to handle errors during extension update
- Fix handling of errors in calls to openssl
- Improve logic to determine current distro
- Reduce verbosity of several logging statements
Update to version 2.2.42:
- Poll for artifact blob, addresses goal state procesing issue
Update to version 2.2.41:
- Rewriting the mechanism to start the extension using systemd-run for systems using systemd for managing
- Refactoring of resource monitoring framework using cgroup for both systemd and non-systemd approaches [#1530, #1534]
- Telemetry pipeline for resource monitoring data
Update to version 2.2.40:
- Fixed tracking of memory/cpu usage
- Do not prevent extensions from running if setting up cgroups fails
- Enable systemd-aware deprovisioning on all versions >= 18.04
- Add systemd support for Debian Jessie, Stretch, and Buster
- Support for Linux Openwrt
Update to version 2.2.38:
- CVE-2019-0804: WALinuxAgent could be made to expose sensitive information. (bsc#1127838)
- Add fixes for handling swap file and other nit fixes
Update to version 2.2.37:
- Improves re-try logic to handle errors while downloading extensions
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
Public Cloud Module 15
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2019-3393=1
Package List:
-
Public Cloud Module 15 (noarch)
- python-azure-agent-2.2.45-7.9.1