Security update for SUSE Manager

SUSE Security Update: Security update for SUSE Manager
Announcement ID: SUSE-SU-2012:0821-1
Rating: moderate
References: #753326 #760306 #760771 #761165 #763878 #763891 #764532 #764544 #765053
Affected Products:
  • SUSE Manager 1.2 for SLE 11 SP1

An update that solves one vulnerability and has 8 fixes is now available. It includes one version update.

    Description:


    This update fixes the following issues:

    * new function signature for image deployment
    * ignore ip6addr if provided with hw_refresh from newer
    client versions
    * do not add a bootstrap repository on SLES 11-SP2
    * escape image names to prevent XSS (CVE-2012-0414)
    * spacewalk-dobby now requires oracle-update
    * fix owner and permissions of /etc/rhn for
    spacewalk-dobby
    * make values in suseProductChannel unique before
    adding a unique index
    * added desktop file for susemanager_setup YaST module
    * add missing schema migration for rhnErrataBuglistTmp.
    * add option to migrate channels to RES subscriptions
    (bnc#765053)
    * fix schema upgrade
    * improved performance for repomd generation
    * fix ISE during registration because of duplicate ids
    * fix wrong transaction name in unsubscribe_channels
    * fix saving of SUSE Product names

    How to apply this update:

    1. Log in as root user to the SUSE Manager server.
    2. Stop the Spacewalk service: spacewalk-service stop
       If the SUSE Manager database is running on the same machine as the
       SUSE Manager server, this command also stops the SUSE Manager
       database instance.
    3. Apply the patch using either zypper patch or YaST Online Update.
    4. If the SUSE Manager database is running on the same machine as your
       SUSE Manager server, start the database instance with
       /etc/init.d/oracle-xe start or /etc/init.d/oracle start
    5. Upgrade the database schema with spacewalk-schema-upgrade
    6. Start the Spacewalk service: spacewalk-service start

    Security Issue reference:

    * CVE-2012-0414

    Indications:

    Everybody should update.

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Manager 1.2 for SLE 11 SP1:
      zypper in -t patch sleman12sp1-spacewalk-backend-6445

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
      • spacewalk-backend-1.2.74-0.58.1
      • spacewalk-backend-app-1.2.74-0.58.1
      • spacewalk-backend-applet-1.2.74-0.58.1
      • spacewalk-backend-config-files-1.2.74-0.58.1
      • spacewalk-backend-config-files-common-1.2.74-0.58.1
      • spacewalk-backend-config-files-tool-1.2.74-0.58.1
      • spacewalk-backend-iss-1.2.74-0.58.1
      • spacewalk-backend-iss-export-1.2.74-0.58.1
      • spacewalk-backend-libs-1.2.74-0.58.1
      • spacewalk-backend-package-push-server-1.2.74-0.58.1
      • spacewalk-backend-server-1.2.74-0.58.1
      • spacewalk-backend-sql-1.2.74-0.58.1
      • spacewalk-backend-sql-oracle-1.2.74-0.58.1
      • spacewalk-backend-tools-1.2.74-0.58.1
      • spacewalk-backend-xml-export-libs-1.2.74-0.58.1
      • spacewalk-backend-xmlrpc-1.2.74-0.58.1
      • spacewalk-backend-xp-1.2.74-0.58.1
      • susemanager-1.2.0-0.58.1
      • susemanager-tools-1.2.0-0.58.1
    • SUSE Manager 1.2 for SLE 11 SP1 (noarch) [New Version: 1.2.75]:
      • spacewalk-base-1.2.31-0.39.3
      • spacewalk-base-minimal-1.2.31-0.39.3
      • spacewalk-certs-tools-1.2.2-0.28.3
      • spacewalk-dobby-1.2.31-0.39.3
      • spacewalk-grail-1.2.31-0.39.3
      • spacewalk-html-1.2.31-0.39.3
      • spacewalk-java-1.2.115-0.60.1
      • spacewalk-java-config-1.2.115-0.60.1
      • spacewalk-java-lib-1.2.115-0.60.1
      • spacewalk-java-oracle-1.2.115-0.60.1
      • spacewalk-pxt-1.2.31-0.39.3
      • spacewalk-sniglets-1.2.31-0.39.3
      • spacewalk-taskomatic-1.2.115-0.60.1
      • susemanager-schema-1.2.75-0.5.1

    References:

  • http://support.novell.com/security/cve/CVE-2012-0414.html
  • https://bugzilla.novell.com/753326
  • https://bugzilla.novell.com/760306
  • https://bugzilla.novell.com/760771
  • https://bugzilla.novell.com/761165
  • https://bugzilla.novell.com/763878
  • https://bugzilla.novell.com/763891
  • https://bugzilla.novell.com/764532
  • https://bugzilla.novell.com/764544
  • https://bugzilla.novell.com/765053
  • http://download.suse.com/patch/finder/?keywords=3fbb4edf5375671fbc21e432ba8996c4