SUSE: 2024:1815-1 moderate: Security Beta SUSE Manager Client Tools Security Advisory Updates
Summary
## This update fixes the following issues: grafana: * Packaging improvements: * Changed deprecated `disabled` service mode to `manual` * Drop golang-packaging macros * Drop explicit mod=vendor as it is enabled automatically * Update to version 9.5.18: * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * Update to version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 mgr-push: * Version 5.0.2-0 * Remove unused code from the traditional stack * Use bundle CA certificate in rhnpush (bsc#1222731) spacecmd: * Version 5.0.6-0 * Update translations uyuni-common-libs: * Version 5.0.3-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-tools: * Version 0.1.9-0 * Redact passwords from the API payload in traces * Fix build on Ubuntu 20.04 due to version change * Version 0.1.8-0 * Add 'mgradm support sql' command * Improve GPG help * podman-mount* flag should be used only on Server installation and migration * Add flag groups in help text * Attach Proxy pod to our Podman network * Create support ptf commands * Create mgrpxy upgrade command * Add domain for internal container network * Stop the Server if first user creation failed * Add localization support * Require Podman 4.5.0 for its --shm-size-systemd parameter * Add --podman-mount-www flag for install and migration * Only colorize output if outputting to a terminal * Fix output missing newlines due to the spinner * Add product version and commit id to the version output * Add missing whitespace between podman common arguments and additional ones * Bump the push tag to 5.0.0-RC * Add gpg command to mgradm * Hide message in stdout if SCCcredentials is missing (bsc#1222277) * Redact password in stdout and uyuni-tools.log * Rework distribution mapping to work with distros without .treeinfo data * Add initial installation support for Confidental Computing attestation container * Allow PAM and LDAP authentication using SSSD * Change pull policy default to Always during upgrade * Allow migration with non-root user on source server ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2024-1815=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 12 (aarch64 ppc64le s390x x86_64) * grafana-9.5.18-4.30.4 * python2-uyuni-common-libs-5.0.3-3.39.3 * mgrctl-0.1.9-3.11.4 * SUSE Manager Client Tools Beta for SLE 12 (noarch) * mgr-push-5.0.2-4.24.5 * spacecmd-5.0.6-41.51.3 * mgrctl-bash-completion-0.1.9-3.11.4 * mgrctl-lang-0.1.9-3.11.4 * python2-mgr-push-5.0.2-4.24.5 * mgrctl-zsh-completion-0.1.9-3.11.4
References
* bsc#1221465
* bsc#1222155
* bsc#1222277
* bsc#1222731
* jsc#MSQA-775
Cross-
* CVE-2024-1313
CVSS scores:
* CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Affected Products:
* SUSE Linux Enterprise Desktop 12
* SUSE Linux Enterprise Desktop 12 SP1
* SUSE Linux Enterprise Desktop 12 SP2
* SUSE Linux Enterprise Desktop 12 SP3
* SUSE Linux Enterprise Desktop 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
* SUSE Linux Enterprise Server for SAP Applications 12 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP4
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2
* SUSE Manager Client Tools Beta for SLE 12
An update that solves one vulnerability, contains one feature and has three
security fixes can now be installed.
##
* https://www.suse.com/security/cve/CVE-2024-1313.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221465
* https://bugzilla.suse.com/show_bug.cgi?id=1222155
* https://bugzilla.suse.com/show_bug.cgi?id=1222277
* https://bugzilla.suse.com/show_bug.cgi?id=1222731
* https://jira.suse.com/browse/MSQA-775