Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server

Announcement ID:	SUSE-SU-2025:1297-1
Release Date:	2025-04-16T07:57:31Z
Rating:	moderate
References:	bsc#1221505 bsc#1225287 bsc#1226273 bsc#1227118 bsc#1227859 bsc#1231983 bsc#1233500 bsc#1234033 bsc#1234202 bsc#1234226 bsc#1234442 bsc#1235527 bsc#1235696 bsc#1235825 bsc#1235853 bsc#1235970 bsc#1236011 bsc#1236118 bsc#1236166 bsc#1236234 bsc#1236268 bsc#1236323 bsc#1236601 bsc#1236625 bsc#1236678 bsc#1236707 bsc#1237060 bsc#1237403 bsc#1237535 bsc#1237694 bsc#1238924 bsc#1239826 bsc#1240960 jsc#MSQA-934
Cross-References:	CVE-2025-23392
CVSS scores:	CVE-2025-23392 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N CVE-2025-23392 ( SUSE ): 5.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Affected Products:	SUSE Linux Enterprise Micro 5.5 SUSE Manager Proxy 5.0 Extension SUSE Manager Retail Branch Server 5.0 Extension SUSE Manager Server 5.0 Extension

An update that solves one vulnerability, contains one feature and has 32 security fixes can now be installed.

Recommended update 5.0.4 for Multi-Linux Manager Proxy

Description:

This update fixes the following issues:

proxy-helm:

• Version 5.0.12:
• Image rebuilt to the newest version with updated dependencies

proxy-httpd-image:

• Version 5.0.10:
• Fixed wrong IP address set on susemanager-tftpsync-recv.conf
• Image rebuilt to the newest version with updated dependencies

proxy-salt-broker-image:

• Version 5.0.10:
• Image rebuilt to the newest version with updated dependencies

proxy-squid-image:

• Version 5.0.10:
• Set maximal cache time for metadata to 5 minutes
• Image rebuilt to the newest version with updated dependencies

proxy-ssh-image:

• version 5.0.10:
• Image rebuilt to the newest version with updated dependencies

proxy-tftpd-image:

• Version 5.0.10:
• Fixed possible collisions replacing FQDNs for proxies (bsc#1236601)
• Replaced server hostname in chained proxy tftp container (bsc#1236166)
• Image rebuilt to the newest version with updated dependencies

Recommended update 5.0.4 for Multi-Linux Manager Retail Branch Server

Description:

This update fixes the following issues:

proxy-helm:

• Version 5.0.12:
• Image rebuilt to the newest version with updated dependencies

proxy-httpd-image:

• Version 5.0.10:
• Fixed wrong IP address set on susemanager-tftpsync-recv.conf
• Image rebuilt to the newest version with updated dependencies

proxy-salt-broker-image:

• Version 5.0.10:
• Image rebuilt to the newest version with updated dependencies

proxy-squid-image:

• Version 5.0.10:
• Set maximal cache time for metadata to 5 minutes
• Image rebuilt to the newest version with updated dependencies

proxy-ssh-image:

• version 5.0.10:
• Image rebuilt to the newest version with updated dependencies

proxy-tftpd-image:

• Version 5.0.10:
• Fixed possible collisions replacing FQDNs for proxies (bsc#1236601)
• Replaced server hostname in chained proxy tftp container (bsc#1236166)
• Image rebuilt to the newest version with updated dependencies

Recommended update 5.0.4 for Multi-Linux Manager Server

Description:

This update fixes the following issues:

server-attestation-image:

• Version 5.0.8:
• Image rebuilt to the newest version with updated dependencies

server-hub-xmlrpc-api-image:

• Version 5.0.10:
• Image rebuilt to the newest version with updated dependencies

server-image:

• Version 5.0.13:
• Image rebuilt to the newest version with updated dependencies

server-migration-14-16-image:

• Version 5.0.11:
• Image rebuilt to the newest version with updated dependencies

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Manager Proxy 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2025-1297=1
• SUSE Manager Retail Branch Server 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2025-1297=1
• SUSE Manager Server 5.0 Extension
  zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2025-1297=1

Package List:

• SUSE Manager Proxy 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-aarch64-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-aarch64-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-aarch64-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Proxy 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.4-7.12.13
  • suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-ppc64le-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.4-7.12.28
• SUSE Manager Proxy 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-s390x-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-s390x-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-s390x-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Proxy 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-x86_64-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-x86_64-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Retail Branch Server 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-aarch64-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-aarch64-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-aarch64-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Retail Branch Server 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.4-7.12.13
  • suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-ppc64le-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.4-7.12.28
• SUSE Manager Retail Branch Server 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-s390x-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-s390x-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-s390x-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Retail Branch Server 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-proxy-ssh-image-5.0.4-7.12.14
  • suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.4-7.12.29
  • suse-manager-5.0-x86_64-proxy-squid-image-5.0.4-7.12.12
  • suse-manager-5.0-x86_64-proxy-httpd-image-5.0.4-7.12.28
  • suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.4-7.12.13
• SUSE Manager Server 5.0 Extension (aarch64)
  • suse-manager-5.0-aarch64-server-attestation-image-5.0.4-6.12.11
  • suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.4-6.12.14
  • suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.4-7.12.23
  • suse-manager-5.0-aarch64-server-image-5.0.4-7.17.29
• SUSE Manager Server 5.0 Extension (ppc64le)
  • suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.4-6.12.14
  • suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.4-7.12.23
  • suse-manager-5.0-ppc64le-server-image-5.0.4-7.17.29
  • suse-manager-5.0-ppc64le-server-attestation-image-5.0.4-6.12.11
• SUSE Manager Server 5.0 Extension (s390x)
  • suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.4-6.12.14
  • suse-manager-5.0-s390x-server-attestation-image-5.0.4-6.12.11
  • suse-manager-5.0-s390x-server-migration-14-16-image-5.0.4-7.12.23
  • suse-manager-5.0-s390x-server-image-5.0.4-7.17.29
• SUSE Manager Server 5.0 Extension (x86_64)
  • suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.4-6.12.14
  • suse-manager-5.0-x86_64-server-attestation-image-5.0.4-6.12.11
  • suse-manager-5.0-x86_64-server-image-5.0.4-7.17.29
  • suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.4-7.12.23

References:

• https://www.suse.com/security/cve/CVE-2025-23392.html
• https://bugzilla.suse.com/show_bug.cgi?id=1221505
• https://bugzilla.suse.com/show_bug.cgi?id=1225287
• https://bugzilla.suse.com/show_bug.cgi?id=1226273
• https://bugzilla.suse.com/show_bug.cgi?id=1227118
• https://bugzilla.suse.com/show_bug.cgi?id=1227859
• https://bugzilla.suse.com/show_bug.cgi?id=1231983
• https://bugzilla.suse.com/show_bug.cgi?id=1233500
• https://bugzilla.suse.com/show_bug.cgi?id=1234033
• https://bugzilla.suse.com/show_bug.cgi?id=1234202
• https://bugzilla.suse.com/show_bug.cgi?id=1234226
• https://bugzilla.suse.com/show_bug.cgi?id=1234442
• https://bugzilla.suse.com/show_bug.cgi?id=1235527
• https://bugzilla.suse.com/show_bug.cgi?id=1235696
• https://bugzilla.suse.com/show_bug.cgi?id=1235825
• https://bugzilla.suse.com/show_bug.cgi?id=1235853
• https://bugzilla.suse.com/show_bug.cgi?id=1235970
• https://bugzilla.suse.com/show_bug.cgi?id=1236011
• https://bugzilla.suse.com/show_bug.cgi?id=1236118
• https://bugzilla.suse.com/show_bug.cgi?id=1236166
• https://bugzilla.suse.com/show_bug.cgi?id=1236234
• https://bugzilla.suse.com/show_bug.cgi?id=1236268
• https://bugzilla.suse.com/show_bug.cgi?id=1236323
• https://bugzilla.suse.com/show_bug.cgi?id=1236601
• https://bugzilla.suse.com/show_bug.cgi?id=1236625
• https://bugzilla.suse.com/show_bug.cgi?id=1236678
• https://bugzilla.suse.com/show_bug.cgi?id=1236707
• https://bugzilla.suse.com/show_bug.cgi?id=1237060
• https://bugzilla.suse.com/show_bug.cgi?id=1237403
• https://bugzilla.suse.com/show_bug.cgi?id=1237535
• https://bugzilla.suse.com/show_bug.cgi?id=1237694
• https://bugzilla.suse.com/show_bug.cgi?id=1238924
• https://bugzilla.suse.com/show_bug.cgi?id=1239826
• https://bugzilla.suse.com/show_bug.cgi?id=1240960
• https://jira.suse.com/browse/MSQA-934