File _patchinfo of Package patchinfo.26337

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.26337

<patchinfo incident="26337">
  <issue tracker="cve" id="2021-42740"/>
  <issue tracker="cve" id="2022-0860"/>
  <issue tracker="cve" id="2021-41411"/>
  <issue tracker="cve" id="2021-43138"/>
  <issue tracker="cve" id="2022-31129"/>
  <issue tracker="bnc" id="1198168">Nightly reposync</issue>
  <issue tracker="bnc" id="1202805">Containerized proxy setup: give customers a hint where to find the CA certificate files</issue>
  <issue tracker="bnc" id="1201589">Cobbler sync not working after upgrade to suma 4.3. and proxy 4.3 with sles15sp4</issue>
  <issue tracker="bnc" id="1201913">HighState triggered via API or WebUI in TEST mode times out, return never reaches SUSE Manager</issue>
  <issue tracker="bnc" id="1200573">option --flush of mgr-create-bootstrap-repo does not work as expected</issue>
  <issue tracker="bnc" id="1200480">VUL-0: CVE-2021-43138: spacewalk-web: a malicious user can obtain privileges via the mapValues() method</issue>
  <issue tracker="bnc" id="1198903">Spacecmd api calls with date values do not get processed</issue>
  <issue tracker="bnc" id="1203169">L3: Exception using Filter within System List</issue>
  <issue tracker="bnc" id="1203385">spacewalk-startup-helper[1915]: Prototype mismatch after updating to 4.3.1</issue>
  <issue tracker="bnc" id="1203484">L3: SuseManager 4.3.1 constantly crashing and UI is unresponsive</issue>
  <issue tracker="bnc" id="1202728">Unable to migrate suse manager 4.2.5 to suse manager 4.3: nothing provides python3-urlgrabber</issue>
  <issue tracker="bnc" id="1203611">Null Pointer Exception during hardware list refresh in function getDnsFqdns()  when onboarding CentOS SSH minion</issue>
  <issue tracker="bnc" id="1191857">SysV service '/etc/init.d/susemanager' lacks of a native systemd unit file</issue>
  <issue tracker="bnc" id="1195624">Wrong virtualization type returned for EC2 VMs</issue>
  <issue tracker="bnc" id="1203056">util.mgr_switch_to_venv_minion does not copy /etc/salt/grains</issue>
  <issue tracker="bnc" id="1203585">Replacing certificate is result in  ERROR: 'authorityKeyIdentifier'</issue>
  <issue tracker="bnc" id="1202899">Problems when listing system events using JSON API</issue>
  <issue tracker="bnc" id="1201260">Need more details about vacuumdb in output of /usr/lib/susemanager/bin/pg-migrate-x-to-y.sh</issue>
  <issue tracker="bnc" id="1201220">With "all repos" - argument list too long: '/bin/sh'</issue>
  <issue tracker="bnc" id="1199726">Hardware page shows only shows multicast DNS domain as FQDN</issue>
  <issue tracker="bnc" id="1197027">VUL-1: CVE-2022-0860: cobbler: Improper Authorization in cobbler</issue>
  <issue tracker="bnc" id="1201918">Possibly missing packages in bootstrap repo for SLES 12 SP5</issue>
  <issue tracker="bnc" id="1203478">Cobbler migration issues - collection cannot be parsed</issue>
  <issue tracker="bnc" id="1202729">unable to connect a pay-as-you-go instance in admin =&gt; setup wizard =&gt; pay-as-you-go... Error getting instance data: CA file</issue>
  <issue tracker="bnc" id="1203449">missing packages in bootstrap repos for 15 15SP1 15SP2</issue>
  <issue tracker="bnc" id="1203406">Salt formula Locale failing due to a wrong value</issue>
  <issue tracker="bnc" id="1202602">Enabling OES2023 Channels on Suse Manager</issue>
  <issue tracker="bnc" id="1200629">VUL-0: CVE-2021-41411: drools: XXE injection in KieModuleMarshaller.java</issue>
  <issue tracker="bnc" id="1201788">reposync takes much longer if not run in interactive terminal</issue>
  <issue tracker="bnc" id="1202271">deselecting a formula is not working for a systemgroup</issue>
  <issue tracker="bnc" id="1203287">VUL-0: CVE-2021-42740: spacewalk-web: command injection in the shell-quote package</issue>
  <issue tracker="bnc" id="1203422">Enable/disable Troubleshooting Notifications</issue>
  <issue tracker="bnc" id="1203049">bootstrapping SLES 11 SP4 machine | 00360292 [ ref:_00D1igLOd._5005qANDHg:ref ]</issue>
  <issue tracker="bnc" id="1203026">Update documentation reference case 00360365</issue>
  <issue tracker="bnc" id="1201626">Adding "SLE-Module-DevTools15" channels as part of CLM to minion fails due to missing dependency</issue>
  <issue tracker="bnc" id="1202367">Product migration for SLES 15 SP3 client to SP4 failing with no successor for installed extension</issue>
  <issue tracker="bnc" id="1202464">Doc Bug: SUMA Disconnected Setup and Mandatory SUMA Client Tools Channels</issue>
  <issue tracker="bnc" id="1201210">onboarding with webUI fails - unable to parse venv file</issue>
  <issue tracker="bnc" id="1203288">VUL-0: CVE-2022-31129: spacewalk-web: moment: inefficient parsing algorithm resulting in DoS</issue>
  <issue tracker="bnc" id="1196729">Symlinks don't update when new image is synced to Branch Server</issue>
  <issue tracker="bnc" id="1202272">Unable to delete Image Profile</issue>
  <issue tracker="bnc" id="1203564">spacewalk-hostname-rename fails to find /etc/cobbler/settings</issue>
  <issue tracker="bnc" id="1202455">SUMA 4.3 ami-0095e957cb679f32  (20220621) fails setup with tomcat error</issue>
  <issue tracker="bnc" id="1201753">SLE Workstation channel  not listed in  SUMA Disconnected setup</issue>
  <packager>deneb_alpha</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for release-notes-susemanager, release-notes-susemanager-proxy</summary>
  <description>This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:

Release notes for SUSE Manager:

- Update to SUSE Manager 4.3.2
  * Containerized proxy and RBS are now fully supported
  * HTTP API is now fully supported
  * Ubuntu 22.04 is now supported as a client
  * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support
  * pip support has been added for the Salt Bundle  
  * Prometheus exporter for Apache has been upgraded to 0.10.0
  * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129
  * Bugs mentioned:
    bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168
    bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629
    bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753
    bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272
    bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728
    bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049
    bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385
    bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484
    bsc#1203564, bsc#1203585, bsc#1203611

Release notes for SUSE Manager Proxy:

- Update to SUSE Manager 4.3.2
  * Containerized proxy and RBS are now fully supported
  * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129
  * Bugs mentioned:
    bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788
    bsc#1203287, bsc#1203288, bsc#1203585 
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.26337

Places