Recommended update for SUSE Manager Client Tools

Announcement ID: SUSE-RU-2019:2920-1
Rating: moderate
References:
Affected Products:
  • openSUSE Leap 15.3
  • openSUSE Leap 15.4
  • openSUSE Leap 15.5
  • SUSE Linux Enterprise Desktop 15
  • SUSE Linux Enterprise Desktop 15 SP1
  • SUSE Linux Enterprise Desktop 15 SP2
  • SUSE Linux Enterprise Desktop 15 SP3
  • SUSE Linux Enterprise Desktop 15 SP4
  • SUSE Linux Enterprise Desktop 15 SP5
  • SUSE Linux Enterprise Desktop 15 SP6
  • SUSE Linux Enterprise High Performance Computing 15
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP2
  • SUSE Linux Enterprise High Performance Computing 15 SP3
  • SUSE Linux Enterprise High Performance Computing 15 SP4
  • SUSE Linux Enterprise High Performance Computing 15 SP5
  • SUSE Linux Enterprise High Performance Computing 15 SP6
  • SUSE Linux Enterprise Real Time 15 SP1
  • SUSE Linux Enterprise Real Time 15 SP2
  • SUSE Linux Enterprise Real Time 15 SP3
  • SUSE Linux Enterprise Real Time 15 SP4
  • SUSE Linux Enterprise Real Time 15 SP5
  • SUSE Linux Enterprise Server 15
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server 15 SP2
  • SUSE Linux Enterprise Server 15 SP3
  • SUSE Linux Enterprise Server 15 SP4
  • SUSE Linux Enterprise Server 15 SP5
  • SUSE Linux Enterprise Server 15 SP6
  • SUSE Linux Enterprise Server for SAP Applications 15
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2
  • SUSE Linux Enterprise Server for SAP Applications 15 SP3
  • SUSE Linux Enterprise Server for SAP Applications 15 SP4
  • SUSE Linux Enterprise Server for SAP Applications 15 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP6
  • SUSE Manager Client Tools for SLE 15

An update that has 17 fixes can now be installed.

Description:

This update fixes the following issues:

grafana:

  • Spec file change:
  • alter permissions of /etc/grafana and /var/lib/grafana to 755
  • alter owner of /etc/grafana/provisioning/dashboards tree to root:root
  • this allows installing dashboards via rpms without these rpms depending on this rpm
  • Update to version 6.2.5:
  • release 6.2.5
  • Panel: Fully escape html in drilldown links (was only sanitized before) (#17731)
  • Grafana-CLI: Wrapper for grafana-cli within RPM/DEB packages and config/homepath are now global flags (#17695)
  • config: fix connstr for remote_cache (#17675)
  • TablePanel: fix annotations display (#17646)
  • middleware: fix Strict-Transport-Security header (#17644)
  • Elasticsearch: Fix empty query request to send properly (#17488)
  • release 6.2.4
  • grafana-cli: Fix receiving flags via command line (#17617)
  • HTTPServer: Fix X-XSS-Protection header formatting (#17620)
  • release 6.2.3
  • cli: grafana-cli should receive flags from the command line (#17606)
  • AuthProxy: Optimistic lock pattern for remote cache Set (#17485)
  • OAuth: Fix for wrong user token updated on OAuth refresh in DS proxy (#17541)
  • middleware: add security related HTTP(S) response headers (#17522)
  • remote_cache: Fix redis (#17483)
  • auth_proxy: non-negative cache TTL (#17495)
  • Update to version 6.2.2:
  • Security Fix: Prevent csv formula injection attack
  • PluginConfig: Fixed plugin config page navigation when using subpath
  • Explore: Update time range before running queries
  • Perf: Fix slow dashboards ACL query
  • Database: Initialize xorm with an empty schema for postgres
  • CloudWatch: Avoid exception while accessing results

mgr-cfg:

  • Obsolete all old python2-rhncfg* packages to avoid conflicts (bsc#1152290)
  • Fix data type issue to correctly decode if needed (bsc#1150320)
  • Require mgr-daemon (new name of spacewalksd) so we systems with spacewalksd get always the new package installed (bsc#1149353)

mgr-daemon:

  • Adjust current name of the package to mgr-daemon and not spacewalksd (bsc#1149353)
  • Enable spacewalk-update-service on package installation (bsc#1143789, bsc#1150216)

mgr-osad:

  • Obsolete all old python2-osa* packages to avoid conflicts (bsc#1152290)

mgr-virtualization:

  • Require mgr-daemon (new name of spacewalksd) so we systems with spacewalksd get always the new package installed (bsc#1149353)

spacecmd:

  • Java api expects content as encoded string instead of encode bytes like before (bsc#1153277)
  • Fix building and installing on CentOS8/RES8/RHEL8
  • Check that a channel doesn't have clones before deleting it (bsc#1138454)

spacewalk-backend:

  • Fix re-registration with re-activation key (bsc#1154275)
  • Change the default value of taskomatic maxmemory to 4GB
  • Add basic support for importing modular repositories
  • Import additional fields for Deb packages
  • Add script to update additional fields in the DB for existing Deb packages
  • Use active values for diskchecker mails
  • Parse restart_suggested flag from patches and set it as keywords (bsc#1151467)
  • Improve error message when deleting channel that's in a content lifecycle project (bsc#1145769)
  • Prevent "reposync" crash when handling metadata on RPM repos (bsc#1138358)
  • Do not show expected WARNING messages from "c_rehash"
  • Fix misspelling in spacewalk-repo-sync (bsc#1149633)
  • Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)
  • Do not crash 'rhn-satellite-exporter' with ModuleNotFound error (bsc#1146869)
  • Spacewalk-remove-channel check that channel doesn't have cloned channels before deleting it (bsc#1138454)
  • Fix broken spacewalk-data-fsck utility
  • Add '--latest' support for reposync on DEB based repositories
  • Do not try to download RPMs from the unresolved mirrorlist URL
  • Fix encoding issues with DB bytes values (bsc#1144300)
  • Fix import of rhnAuthPAM to avoid issues when using rhnpush.
  • Avoid traceback on mgr-inter-sync when there are problems with cache of packages (bsc#1143016)

spacewalk-client-tools:

  • Require mgr-daemon (new name of spacewalksd) so we systems with spacewalksd get always the new package installed (bsc#1149353)
  • Enable spacewalk-update-service on package installation (bsc#1143789)
  • Invalidate cache 5 minutes before actual expiration(bsc#1143562)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Manager Client Tools for SLE 15
    zypper in -t patch SUSE-SLE-Manager-Tools-15-2019-2920=1

Package List:

  • SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64)
    • grafana-debuginfo-6.2.5-1.6.1
    • grafana-6.2.5-1.6.1
  • SUSE Manager Client Tools for SLE 15 (noarch)
    • python3-mgr-osad-4.0.10-1.9.1
    • python3-mgr-osa-common-4.0.10-1.9.1
    • spacewalk-check-4.0.10-3.11.1
    • spacecmd-4.0.16-3.29.1
    • python3-mgr-cfg-management-4.0.10-1.9.1
    • python3-mgr-cfg-client-4.0.10-1.9.1
    • python3-mgr-virtualization-host-4.0.9-1.11.1
    • spacewalk-client-setup-4.0.10-3.11.1
    • spacewalk-client-tools-4.0.10-3.11.1
    • mgr-cfg-management-4.0.10-1.9.1
    • python3-mgr-cfg-actions-4.0.10-1.9.1
    • mgr-virtualization-host-4.0.9-1.11.1
    • mgr-cfg-4.0.10-1.9.1
    • python3-spacewalk-check-4.0.10-3.11.1
    • python3-mgr-virtualization-common-4.0.9-1.11.1
    • python3-spacewalk-backend-libs-4.0.27-3.26.1
    • python3-spacewalk-client-setup-4.0.10-3.11.1
    • mgr-daemon-4.0.8-1.11.1
    • mgr-osad-4.0.10-1.9.1
    • mgr-cfg-client-4.0.10-1.9.1
    • python3-mgr-cfg-4.0.10-1.9.1
    • python3-spacewalk-client-tools-4.0.10-3.11.1
    • mgr-cfg-actions-4.0.10-1.9.1

References: