Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server

Announcement ID:	SUSE-RU-2025:0523-1
Release Date:	2025-02-14T07:16:09Z
Rating:	moderate
References:	bsc#1027642 bsc#1212161 bsc#1212985 bsc#1213437 bsc#1215815 bsc#1216683 bsc#1216946 bsc#1217338 bsc#1220494 bsc#1220902 bsc#1221219 bsc#1222447 bsc#1222574 bsc#1222820 bsc#1224318 bsc#1226958 bsc#1227374 bsc#1227644 bsc#1227759 bsc#1227827 bsc#1227852 bsc#1227882 bsc#1228182 bsc#1228232 bsc#1228261 bsc#1228319 bsc#1228351 bsc#1228856 bsc#1228956 bsc#1229000 bsc#1229077 bsc#1229079 bsc#1229286 bsc#1229848 bsc#1229902 bsc#1230502 bsc#1230585 bsc#1230670 bsc#1230741 bsc#1230833 bsc#1230943 bsc#1231053 bsc#1231255 bsc#1231377 bsc#1231378 bsc#1231398 bsc#1231404 bsc#1231430 bsc#1231459 bsc#1231762 bsc#1232042 bsc#1232125 bsc#1232530 bsc#1232713 bsc#1233258 bsc#1233383 bsc#1233400 bsc#1233426 bsc#1233431 bsc#1233450 bsc#1233497 bsc#1233595 bsc#1233696 bsc#1233724 bsc#1233761 bsc#1233793 bsc#1233871 bsc#1233884 bsc#1234251 bsc#1234441 bsc#1234994 bsc#1235145 bsc#1235692 bsc#1235908 jsc#MSQA-914 jsc#SUMA-314 jsc#SUMA-406 jsc#SUMA-431
Cross-References:	CVE-2024-21528 CVE-2024-45801
CVSS scores:	CVE-2024-21528 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-45801 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:	SUSE Linux Enterprise Micro 5.5 SUSE Manager Proxy 5.0 Extension SUSE Manager Retail Branch Server 5.0 Extension SUSE Manager Server 5.0 Extension

An update that solves two vulnerabilities, contains four features and has 72 fixes can now be installed.

Recommended update for SUSE Manager Proxy 5.0

Description:

This update fixes the following issues:

proxy-helm:

• Version 5.0.11:
• Update for next release

proxy-httpd-image:

• Version 5.0.9:
• Update for next release

proxy-salt-broker-image:

• Version 5.0.9:
• Update for next release

proxy-squid-image:

• Version 5.0.9:
• Update for next release

proxy-ssh-image:

• Version 5.0.9:
• Update for next release

proxy-tftpd-image:

• Version 5.0.9:
• Update for next release

Recommended update for SUSE Manager Retail Branch Server 5.0

Description:

This update fixes the following issues:

proxy-helm:

• Version 5.0.11:
• Update for next release

proxy-httpd-image:

• Version 5.0.9:
• Update for next release

proxy-salt-broker-image:

• Version 5.0.9:
• Update for next release

proxy-squid-image:

• Version 5.0.9:
• Update for next release

proxy-ssh-image:

• Version 5.0.9:
• Update for next release

proxy-tftpd-image:

• Version 5.0.9:

Recommended update for SUSE Manager Server 5.0

Description:

This update fixes the following issues:

server-attestation-image:

• Version 5.0.7:
• Update for next release

server-hub-xmlrpc-api-image:

• Version 5.0.9:
• Update for next release

server-image:

• Version 5.0.11:
• Fixed timezone alignment on container restart (bsc#1235692)
• Version 5.0.10:
• Added aarch64 and ppc64 grub loaders (bsc#1231762)
• Use FILE: type for krb5 ccache
• Removed pam_ldap as it is no longer shipped (bsc#1231377)

server-migration-14-16-image:

• Version 5.0.10:
• Update for next release

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Manager Proxy 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-523=1
• SUSE Manager Retail Branch Server 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-523=1
• SUSE Manager Server 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-523=1

Package List:

• SUSE Manager Proxy 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.3-7.9.14
• SUSE Manager Proxy 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.3-7.9.14
• SUSE Manager Proxy 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-s390x-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.3-7.9.14
  • suse-manager-5.0-s390x-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-s390x-proxy-ssh-image-5.0.3-7.9.6
• SUSE Manager Proxy 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.3-7.9.14
  • suse-manager-5.0-x86_64-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-httpd-image-5.0.3-7.9.12
• SUSE Manager Retail Branch Server 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-aarch64-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.3-7.9.14
• SUSE Manager Retail Branch Server 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.3-7.9.14
• SUSE Manager Retail Branch Server 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-proxy-httpd-image-5.0.3-7.9.12
  • suse-manager-5.0-s390x-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.3-7.9.14
  • suse-manager-5.0-s390x-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-s390x-proxy-ssh-image-5.0.3-7.9.6
• SUSE Manager Retail Branch Server 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-proxy-squid-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.3-7.9.14
  • suse-manager-5.0-x86_64-proxy-ssh-image-5.0.3-7.9.6
  • suse-manager-5.0-x86_64-proxy-httpd-image-5.0.3-7.9.12
• SUSE Manager Server 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-server-image-5.0.3-7.11.12
  • suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.3-6.9.5
  • suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.3-7.9.7
  • suse-manager-5.0-x86_64-server-attestation-image-5.0.3-6.9.10
• SUSE Manager Server 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-server-attestation-image-5.0.3-6.9.10
  • suse-manager-5.0-aarch64-server-image-5.0.3-7.11.12
  • suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.3-7.9.7
  • suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.3-6.9.5
• SUSE Manager Server 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-server-image-5.0.3-7.11.12
  • suse-manager-5.0-ppc64le-server-attestation-image-5.0.3-6.9.10
  • suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.3-6.9.5
  • suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.3-7.9.7
• SUSE Manager Server 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.3-6.9.5
  • suse-manager-5.0-s390x-server-attestation-image-5.0.3-6.9.10
  • suse-manager-5.0-s390x-server-image-5.0.3-7.11.12
  • suse-manager-5.0-s390x-server-migration-14-16-image-5.0.3-7.9.7

References:

• https://www.suse.com/security/cve/CVE-2024-21528.html
• https://www.suse.com/security/cve/CVE-2024-45801.html
• https://bugzilla.suse.com/show_bug.cgi?id=1027642
• https://bugzilla.suse.com/show_bug.cgi?id=1212161
• https://bugzilla.suse.com/show_bug.cgi?id=1212985
• https://bugzilla.suse.com/show_bug.cgi?id=1213437
• https://bugzilla.suse.com/show_bug.cgi?id=1215815
• https://bugzilla.suse.com/show_bug.cgi?id=1216683
• https://bugzilla.suse.com/show_bug.cgi?id=1216946
• https://bugzilla.suse.com/show_bug.cgi?id=1217338
• https://bugzilla.suse.com/show_bug.cgi?id=1220494
• https://bugzilla.suse.com/show_bug.cgi?id=1220902
• https://bugzilla.suse.com/show_bug.cgi?id=1221219
• https://bugzilla.suse.com/show_bug.cgi?id=1222447
• https://bugzilla.suse.com/show_bug.cgi?id=1222574
• https://bugzilla.suse.com/show_bug.cgi?id=1222820
• https://bugzilla.suse.com/show_bug.cgi?id=1224318
• https://bugzilla.suse.com/show_bug.cgi?id=1226958
• https://bugzilla.suse.com/show_bug.cgi?id=1227374
• https://bugzilla.suse.com/show_bug.cgi?id=1227644
• https://bugzilla.suse.com/show_bug.cgi?id=1227759
• https://bugzilla.suse.com/show_bug.cgi?id=1227827
• https://bugzilla.suse.com/show_bug.cgi?id=1227852
• https://bugzilla.suse.com/show_bug.cgi?id=1227882
• https://bugzilla.suse.com/show_bug.cgi?id=1228182
• https://bugzilla.suse.com/show_bug.cgi?id=1228232
• https://bugzilla.suse.com/show_bug.cgi?id=1228261
• https://bugzilla.suse.com/show_bug.cgi?id=1228319
• https://bugzilla.suse.com/show_bug.cgi?id=1228351
• https://bugzilla.suse.com/show_bug.cgi?id=1228856
• https://bugzilla.suse.com/show_bug.cgi?id=1228956
• https://bugzilla.suse.com/show_bug.cgi?id=1229000
• https://bugzilla.suse.com/show_bug.cgi?id=1229077
• https://bugzilla.suse.com/show_bug.cgi?id=1229079
• https://bugzilla.suse.com/show_bug.cgi?id=1229286
• https://bugzilla.suse.com/show_bug.cgi?id=1229848
• https://bugzilla.suse.com/show_bug.cgi?id=1229902
• https://bugzilla.suse.com/show_bug.cgi?id=1230502
• https://bugzilla.suse.com/show_bug.cgi?id=1230585
• https://bugzilla.suse.com/show_bug.cgi?id=1230670
• https://bugzilla.suse.com/show_bug.cgi?id=1230741
• https://bugzilla.suse.com/show_bug.cgi?id=1230833
• https://bugzilla.suse.com/show_bug.cgi?id=1230943
• https://bugzilla.suse.com/show_bug.cgi?id=1231053
• https://bugzilla.suse.com/show_bug.cgi?id=1231255
• https://bugzilla.suse.com/show_bug.cgi?id=1231377
• https://bugzilla.suse.com/show_bug.cgi?id=1231378
• https://bugzilla.suse.com/show_bug.cgi?id=1231398
• https://bugzilla.suse.com/show_bug.cgi?id=1231404
• https://bugzilla.suse.com/show_bug.cgi?id=1231430
• https://bugzilla.suse.com/show_bug.cgi?id=1231459
• https://bugzilla.suse.com/show_bug.cgi?id=1231762
• https://bugzilla.suse.com/show_bug.cgi?id=1232042
• https://bugzilla.suse.com/show_bug.cgi?id=1232125
• https://bugzilla.suse.com/show_bug.cgi?id=1232530
• https://bugzilla.suse.com/show_bug.cgi?id=1232713
• https://bugzilla.suse.com/show_bug.cgi?id=1233258
• https://bugzilla.suse.com/show_bug.cgi?id=1233383
• https://bugzilla.suse.com/show_bug.cgi?id=1233400
• https://bugzilla.suse.com/show_bug.cgi?id=1233426
• https://bugzilla.suse.com/show_bug.cgi?id=1233431
• https://bugzilla.suse.com/show_bug.cgi?id=1233450
• https://bugzilla.suse.com/show_bug.cgi?id=1233497
• https://bugzilla.suse.com/show_bug.cgi?id=1233595
• https://bugzilla.suse.com/show_bug.cgi?id=1233696
• https://bugzilla.suse.com/show_bug.cgi?id=1233724
• https://bugzilla.suse.com/show_bug.cgi?id=1233761
• https://bugzilla.suse.com/show_bug.cgi?id=1233793
• https://bugzilla.suse.com/show_bug.cgi?id=1233871
• https://bugzilla.suse.com/show_bug.cgi?id=1233884
• https://bugzilla.suse.com/show_bug.cgi?id=1234251
• https://bugzilla.suse.com/show_bug.cgi?id=1234441
• https://bugzilla.suse.com/show_bug.cgi?id=1234994
• https://bugzilla.suse.com/show_bug.cgi?id=1235145
• https://bugzilla.suse.com/show_bug.cgi?id=1235692
• https://bugzilla.suse.com/show_bug.cgi?id=1235908
• https://jira.suse.com/browse/MSQA-914
• https://jira.suse.com/browse/SUMA-314
• https://jira.suse.com/browse/SUMA-406
• https://jira.suse.com/browse/SUMA-431