Security update for SUSE Manager Server

SUSE Security Update: Security update for SUSE Manager Server
Announcement ID: SUSE-SU-2012:0509-1
Rating: moderate
References: #681980 #681984 #732538 #751837 #752459 #752467
Affected Products:
  • SUSE Manager 1.2 for SLE 11 SP1

An update that solves two vulnerabilities and has four fixes is now available. It includes one version update.

    Description:


    This update implements the following new feature:

    * Deployment of SUSE Studio images

    This update fixes the following issues:

    * Rotate logfiles as user nocpulse/wwwrun (CVE-2011-1550)
    * Fix arbitrary package upload (CVE-2012-1145)
    * Replace passwords in debug files
    * Reword All Patches to All Types
    * Remove the page errata/Overview.do as it is a duplicate of errata/RelevantErrata.do
    * Add indexes on some database tables
    * Fix rhnServerNeededView to reflect all errata
    * Update bootstrap repositories to latest version

    How to apply this update:

    1. Log in as root user to the SUSE Manager server.
    2. Stop the Spacewalk service: spacewalk-service stop
       If the SUSE Manager database is running on the same machine as the SUSE Manager server, this command also stops the SUSE Manager database instance.
    3. Apply the patch using either zypper patch or YaST Online Update.
    4. If the SUSE Manager database is running on the same machine as your SUSE Manager server, start the database instance with /etc/init.d/oracle-xe start
    5. Upgrade the database schema with spacewalk-schema-upgrade
    6. Start the Spacewalk service: spacewalk-service start

    Security Issues:

    * CVE-2012-1145
    * CVE-2011-1550

    Indications:

    Every SUSE Manager user should update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Manager 1.2 for SLE 11 SP1:
      zypper in -t patch sleman12sp1-suse-manager-201204-6141

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Manager 1.2 for SLE 11 SP1 (x86_64) [New Version: 1.2.74]:
      • spacewalk-backend-1.2.74-0.52.1
      • spacewalk-backend-app-1.2.74-0.52.1
      • spacewalk-backend-applet-1.2.74-0.52.1
      • spacewalk-backend-config-files-1.2.74-0.52.1
      • spacewalk-backend-config-files-common-1.2.74-0.52.1
      • spacewalk-backend-config-files-tool-1.2.74-0.52.1
      • spacewalk-backend-iss-1.2.74-0.52.1
      • spacewalk-backend-iss-export-1.2.74-0.52.1
      • spacewalk-backend-libs-1.2.74-0.52.1
      • spacewalk-backend-package-push-server-1.2.74-0.52.1
      • spacewalk-backend-server-1.2.74-0.52.1
      • spacewalk-backend-sql-1.2.74-0.52.1
      • spacewalk-backend-sql-oracle-1.2.74-0.52.1
      • spacewalk-backend-tools-1.2.74-0.52.1
      • spacewalk-backend-xml-export-libs-1.2.74-0.52.1
      • spacewalk-backend-xmlrpc-1.2.74-0.52.1
      • spacewalk-backend-xp-1.2.74-0.52.1
      • spacewalk-branding-1.2.2-0.22.4
      • spacewalk-client-repository-0.1-0.5.209
      • spacewalk-client-repository-sle-10-3-0.1-0.7.2
      • spacewalk-client-repository-sle-10-4-0.1-0.7.2
      • spacewalk-client-repository-sle-11-1-0.1-0.5.209
    • SUSE Manager 1.2 for SLE 11 SP1 (noarch) [New Version: 1.2.74]:
      • nocpulse-common-2.1.19-0.12.3
      • osa-dispatcher-5.9.44-0.16.3
      • simple-xml-2.6.2-0.5.4
      • spacewalk-base-1.2.31-0.37.3
      • spacewalk-base-minimal-1.2.31-0.37.3
      • spacewalk-dobby-1.2.31-0.37.3
      • spacewalk-grail-1.2.31-0.37.3
      • spacewalk-html-1.2.31-0.37.3
      • spacewalk-java-1.2.115-0.56.5
      • spacewalk-java-config-1.2.115-0.56.5
      • spacewalk-java-lib-1.2.115-0.56.5
      • spacewalk-java-oracle-1.2.115-0.56.5
      • spacewalk-pxt-1.2.31-0.37.3
      • spacewalk-sniglets-1.2.31-0.37.3
      • spacewalk-taskomatic-1.2.115-0.56.5
      • susemanager-schema-1.2.74-0.3.3
      • susestudio-java-client-0.1.2-0.3.4

    References:

    • http://support.novell.com/security/cve/CVE-2011-1550.html
    • http://support.novell.com/security/cve/CVE-2012-1145.html
    • https://bugzilla.novell.com/681980
    • https://bugzilla.novell.com/681984
    • https://bugzilla.novell.com/732538
    • https://bugzilla.novell.com/751837
    • https://bugzilla.novell.com/752459
    • https://bugzilla.novell.com/752467
    • http://download.suse.com/patch/finder/?keywords=2693bf7056da7107635b17b003d6f4fb