Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2021-40348 (GCVE-0-2021-40348)
Vulnerability from cvelistv5
Published
2021-11-01 04:32
Modified
2024-08-04 02:44
Severity ?
EPSS score ?
Summary
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2021/10/28/4 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/10/28/4 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052 | Patch, Third Party Advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:09.485Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-04T02:12:45", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-40348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.openwall.com/lists/oss-security/2021/10/28/4", refsource: "MISC", url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { name: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", refsource: "CONFIRM", url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-40348", datePublished: "2021-11-01T04:32:06", dateReserved: "2021-08-31T00:00:00", dateUpdated: "2024-08-04T02:44:09.485Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:uyuni-project:uyuni:2021.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A411E9FA-C3C6-4252-8D1D-FEEDBC285DEE\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:spacewalk_project:spacewalk:2.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8FEE004-A489-493A-9C40-A10E708C0099\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.\"}, {\"lang\": \"es\", \"value\": \"Spacewalk versi\\u00f3n 2.10, y sus derivados como Uyuni versi\\u00f3n 2021.08, permiten la inyecci\\u00f3n de c\\u00f3digo. El archivo rhn-config-satellite.pl no sanea el nombre del archivo de configuraci\\u00f3n usado para a\\u00f1adir el par clave-valor espec\\u00edfico de Spacewalk. El script est\\u00e1 pensado para ser ejecutado por la cuenta de usuario tomcat con Sudo, seg\\u00fan la configuraci\\u00f3n de la instalaci\\u00f3n. Esto puede conllevar a la posibilidad de que un atacante use la opci\\u00f3n --option para anexar c\\u00f3digo arbitrario a un archivo propiedad de root que finalmente ser\\u00e1 ejecutado por el sistema. Esto es corregido en Uyuni spacewalk-admin versi\\u00f3n 4.3.2-1\"}]", id: "CVE-2021-40348", lastModified: "2024-11-21T06:23:55.370", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}", published: "2021-11-01T05:15:07.007", references: "[{\"url\": \"http://www.openwall.com/lists/oss-security/2021/10/28/4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2021/10/28/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2021-40348\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-11-01T05:15:07.007\",\"lastModified\":\"2024-11-21T06:23:55.370\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.\"},{\"lang\":\"es\",\"value\":\"Spacewalk versión 2.10, y sus derivados como Uyuni versión 2021.08, permiten la inyección de código. El archivo rhn-config-satellite.pl no sanea el nombre del archivo de configuración usado para añadir el par clave-valor específico de Spacewalk. El script está pensado para ser ejecutado por la cuenta de usuario tomcat con Sudo, según la configuración de la instalación. Esto puede conllevar a la posibilidad de que un atacante use la opción --option para anexar código arbitrario a un archivo propiedad de root que finalmente será ejecutado por el sistema. Esto es corregido en Uyuni spacewalk-admin versión 4.3.2-1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:uyuni-project:uyuni:2021.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A411E9FA-C3C6-4252-8D1D-FEEDBC285DEE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:spacewalk_project:spacewalk:2.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8FEE004-A489-493A-9C40-A10E708C0099\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2021/10/28/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2021/10/28/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}", }, }
fkie_cve-2021-40348
Vulnerability from fkie_nvd
Published
2021-11-01 05:15
Modified
2024-11-21 06:23
Severity ?
Summary
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2021/10/28/4 | Exploit, Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2021/10/28/4 | Exploit, Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| uyuni-project | uyuni | 2021.08 | |
| spacewalk_project | spacewalk | 2.10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:uyuni-project:uyuni:2021.08:*:*:*:*:*:*:*", matchCriteriaId: "A411E9FA-C3C6-4252-8D1D-FEEDBC285DEE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:spacewalk_project:spacewalk:2.10:*:*:*:*:*:*:*", matchCriteriaId: "D8FEE004-A489-493A-9C40-A10E708C0099", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", }, { lang: "es", value: "Spacewalk versión 2.10, y sus derivados como Uyuni versión 2021.08, permiten la inyección de código. El archivo rhn-config-satellite.pl no sanea el nombre del archivo de configuración usado para añadir el par clave-valor específico de Spacewalk. El script está pensado para ser ejecutado por la cuenta de usuario tomcat con Sudo, según la configuración de la instalación. Esto puede conllevar a la posibilidad de que un atacante use la opción --option para anexar código arbitrario a un archivo propiedad de root que finalmente será ejecutado por el sistema. Esto es corregido en Uyuni spacewalk-admin versión 4.3.2-1", }, ], id: "CVE-2021-40348", lastModified: "2024-11-21T06:23:55.370", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-01T05:15:07.007", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2021-40348
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
Aliases
Aliases
{ GSD: { alias: "CVE-2021-40348", description: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", id: "GSD-2021-40348", references: [ "https://www.suse.com/security/cve/CVE-2021-40348.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2021-40348", ], details: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", id: "GSD-2021-40348", modified: "2023-12-13T01:23:25.391713Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-40348", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.openwall.com/lists/oss-security/2021/10/28/4", refsource: "MISC", url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { name: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", refsource: "CONFIRM", url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:uyuni-project:uyuni:2021.08:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:spacewalk_project:spacewalk:2.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-40348", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-94", }, ], }, ], }, references: { reference_data: [ { name: "http://www.openwall.com/lists/oss-security/2021/10/28/4", refsource: "MISC", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, { name: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", refsource: "CONFIRM", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, }, }, lastModifiedDate: "2022-11-14T13:30Z", publishedDate: "2021-11-01T05:15Z", }, }, }
suse-su-2021:3562-1
Vulnerability from csaf_suse
Published
2021-10-27 13:34
Modified
2021-10-27 13:34
Summary
Security update for SUSE Manager Server 4.1
Notes
Title of the patch
Security update for SUSE Manager Server 4.1
Description of the patch
This update fixes the following issues:
spacewalk-admin:
- Version 4.1.10-1
* Fix setup with rhn-config-satellite (bsc#1190300)
* Allow admins to modify only spacewalk config files with
rhn-config-satellite.pl (bsc#1190040) (CVE-2021-40348)
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2021-3562,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2021-3562
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.1", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\nspacewalk-admin:\n\n- Version 4.1.10-1\n * Fix setup with rhn-config-satellite (bsc#1190300)\n * Allow admins to modify only spacewalk config files with\n rhn-config-satellite.pl (bsc#1190040) (CVE-2021-40348)\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-3562,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2021-3562", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3562-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:3562-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20213562-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:3562-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-October/009671.html", }, { category: "self", summary: "SUSE Bug 1190040", url: "https://bugzilla.suse.com/1190040", }, { category: "self", summary: "SUSE Bug 1190300", url: "https://bugzilla.suse.com/1190300", }, { category: "self", summary: "SUSE CVE CVE-2021-40348 page", url: "https://www.suse.com/security/cve/CVE-2021-40348/", }, ], title: "Security update for SUSE Manager Server 4.1", tracking: { current_release_date: "2021-10-27T13:34:39Z", generator: { date: "2021-10-27T13:34:39Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:3562-1", initial_release_date: "2021-10-27T13:34:39Z", revision_history: [ { date: "2021-10-27T13:34:39Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "spacewalk-admin-4.1.10-3.15.1.noarch", product: { name: "spacewalk-admin-4.1.10-3.15.1.noarch", product_id: "spacewalk-admin-4.1.10-3.15.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Manager Server Module 4.1", product: { name: "SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.1.10-3.15.1.noarch as component of SUSE Manager Server Module 4.1", product_id: "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.10-3.15.1.noarch", }, product_reference: "spacewalk-admin-4.1.10-3.15.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.1", }, ], }, vulnerabilities: [ { cve: "CVE-2021-40348", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-40348", }, ], notes: [ { category: "general", text: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.10-3.15.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-40348", url: "https://www.suse.com/security/cve/CVE-2021-40348", }, { category: "external", summary: "SUSE Bug 1190040 for CVE-2021-40348", url: "https://bugzilla.suse.com/1190040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.10-3.15.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.10-3.15.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-10-27T13:34:39Z", details: "important", }, ], title: "CVE-2021-40348", }, ], }
suse-ru-2021:3551-1
Vulnerability from csaf_suse
Published
2021-10-27 13:28
Modified
2021-10-27 13:28
Summary
Recommended update for SUSE Manager 4.2.3 Release Notes
Notes
Title of the patch
Recommended update for SUSE Manager 4.2.3 Release Notes
Description of the patch
This update for SUSE Manager 4.2.3 Release Notes provides the following additions:
Release notes for SUSE Manager:
- Update to 4.2.3
- aarch64 support for CentOS 7/8, Oracle Linux 7/8, Rocky Linux 8, AlmaLinux 8, Amazon Linux 2 and openSUSE Leap 15.3
- Package Locking features is now available for Salt Minions
- New XMLRPC API methods for SaltKey
- Bugs mentioned:
bsc#1171520, bsc#1181223, bsc#1187572, bsc#1187998,
bsc#1188315, bsc#1188977, bsc#1189260, bsc#1189422,
bsc#1189609, bsc#1189799, bsc#1189818, bsc#1189933,
bsc#1190040, bsc#1190123, bsc#1190151, bsc#1190164,
bsc#1190166, bsc#1190265, bsc#1190275, bsc#1190276,
bsc#1190300, bsc#1190396, bsc#1190405, bsc#1190455,
bsc#1190512, bsc#1190602, bsc#1190751, bsc#1190820,
bsc#1191123, bsc#1191139, bsc#1191348, bsc#1191551,
CVE-2021-40348, CVE-2021-21996
Release notes for SUSE Manager proxy:
- Update to 4.2.3
- Bugs mentioned:
bsc#1171520, bsc#1181223, bsc#1187998, bsc#1188315,
bsc#1188977, bsc#1190405, bsc#1190512, bsc#1190602,
bsc#1190751, bsc#1190820, bsc#1191348
Patchnames
SUSE-2021-3551,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2021-3551,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2021-3551,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2021-3551
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "low", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Recommended update for SUSE Manager 4.2.3 Release Notes", title: "Title of the patch", }, { category: "description", text: "This update for SUSE Manager 4.2.3 Release Notes provides the following additions:\n\nRelease notes for SUSE Manager:\n\n- Update to 4.2.3 \n - aarch64 support for CentOS 7/8, Oracle Linux 7/8, Rocky Linux 8, AlmaLinux 8, Amazon Linux 2 and openSUSE Leap 15.3\n - Package Locking features is now available for Salt Minions\n - New XMLRPC API methods for SaltKey\n - Bugs mentioned:\n bsc#1171520, bsc#1181223, bsc#1187572, bsc#1187998, \n bsc#1188315, bsc#1188977, bsc#1189260, bsc#1189422, \n bsc#1189609, bsc#1189799, bsc#1189818, bsc#1189933, \n bsc#1190040, bsc#1190123, bsc#1190151, bsc#1190164, \n bsc#1190166, bsc#1190265, bsc#1190275, bsc#1190276, \n bsc#1190300, bsc#1190396, bsc#1190405, bsc#1190455, \n bsc#1190512, bsc#1190602, bsc#1190751, bsc#1190820, \n bsc#1191123, bsc#1191139, bsc#1191348, bsc#1191551, \n CVE-2021-40348, CVE-2021-21996\n\nRelease notes for SUSE Manager proxy:\n\n- Update to 4.2.3\n - Bugs mentioned:\n bsc#1171520, bsc#1181223, bsc#1187998, bsc#1188315,\n bsc#1188977, bsc#1190405, bsc#1190512, bsc#1190602,\n bsc#1190751, bsc#1190820, bsc#1191348\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-3551,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2021-3551,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2021-3551,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2021-3551", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2021_3551-1.json", }, { category: "self", summary: "URL for SUSE-RU-2021:3551-1", url: "https://www.suse.com/support/update/announcement//suse-ru-20213551-1/", }, { category: "self", summary: "E-Mail link for SUSE-RU-2021:3551-1", url: "https://lists.suse.com/pipermail/sle-updates/2021-October/020641.html", }, { category: "self", summary: "SUSE Bug 1171520", url: "https://bugzilla.suse.com/1171520", }, { category: "self", summary: "SUSE Bug 1181223", url: "https://bugzilla.suse.com/1181223", }, { category: "self", summary: "SUSE Bug 1187572", url: "https://bugzilla.suse.com/1187572", }, { category: "self", summary: "SUSE Bug 1187998", url: "https://bugzilla.suse.com/1187998", }, { category: "self", summary: "SUSE Bug 1188315", url: "https://bugzilla.suse.com/1188315", }, { category: "self", summary: "SUSE Bug 1188977", url: "https://bugzilla.suse.com/1188977", }, { category: "self", summary: "SUSE Bug 1189260", url: "https://bugzilla.suse.com/1189260", }, { category: "self", summary: "SUSE Bug 1189422", url: "https://bugzilla.suse.com/1189422", }, { category: "self", summary: "SUSE Bug 1189609", url: "https://bugzilla.suse.com/1189609", }, { category: "self", summary: "SUSE Bug 1189799", url: "https://bugzilla.suse.com/1189799", }, { category: "self", summary: "SUSE Bug 1189818", url: "https://bugzilla.suse.com/1189818", }, { category: "self", summary: "SUSE Bug 1189933", url: "https://bugzilla.suse.com/1189933", }, { category: "self", summary: "SUSE Bug 1190040", url: "https://bugzilla.suse.com/1190040", }, { category: "self", summary: "SUSE Bug 1190123", url: "https://bugzilla.suse.com/1190123", }, { category: "self", summary: "SUSE Bug 1190151", url: "https://bugzilla.suse.com/1190151", }, { category: "self", summary: "SUSE Bug 1190164", url: "https://bugzilla.suse.com/1190164", }, { category: "self", summary: "SUSE Bug 1190166", url: "https://bugzilla.suse.com/1190166", }, { category: "self", summary: "SUSE Bug 1190265", url: "https://bugzilla.suse.com/1190265", }, { category: "self", summary: "SUSE Bug 1190275", url: "https://bugzilla.suse.com/1190275", }, { category: "self", summary: "SUSE Bug 1190276", url: "https://bugzilla.suse.com/1190276", }, { category: "self", summary: "SUSE Bug 1190300", url: "https://bugzilla.suse.com/1190300", }, { category: "self", summary: "SUSE Bug 1190396", url: "https://bugzilla.suse.com/1190396", }, { category: "self", summary: "SUSE Bug 1190405", url: "https://bugzilla.suse.com/1190405", }, { category: "self", summary: "SUSE Bug 1190455", url: "https://bugzilla.suse.com/1190455", }, { category: "self", summary: "SUSE Bug 1190512", url: "https://bugzilla.suse.com/1190512", }, { category: "self", summary: "SUSE Bug 1190602", url: "https://bugzilla.suse.com/1190602", }, { category: "self", summary: "SUSE Bug 1190751", url: "https://bugzilla.suse.com/1190751", }, { category: "self", summary: "SUSE Bug 1190820", url: "https://bugzilla.suse.com/1190820", }, { category: "self", summary: "SUSE Bug 1191123", url: "https://bugzilla.suse.com/1191123", }, { category: "self", summary: "SUSE Bug 1191139", url: "https://bugzilla.suse.com/1191139", }, { category: "self", summary: "SUSE Bug 1191348", url: "https://bugzilla.suse.com/1191348", }, { category: "self", summary: "SUSE Bug 1191551", url: "https://bugzilla.suse.com/1191551", }, { category: "self", summary: "SUSE CVE CVE-2021-21996 page", url: "https://www.suse.com/security/cve/CVE-2021-21996/", }, { category: "self", summary: "SUSE CVE CVE-2021-40348 page", url: "https://www.suse.com/security/cve/CVE-2021-40348/", }, ], title: "Recommended update for SUSE Manager 4.2.3 Release Notes", tracking: { current_release_date: "2021-10-27T13:28:00Z", generator: { date: "2021-10-27T13:28:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-RU-2021:3551-1", initial_release_date: "2021-10-27T13:28:00Z", revision_history: [ { date: "2021-10-27T13:28:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.3-3.19.1.aarch64", product: { name: "release-notes-susemanager-4.2.3-3.19.1.aarch64", product_id: "release-notes-susemanager-4.2.3-3.19.1.aarch64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.3-3.15.1.aarch64", product: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.aarch64", product_id: "release-notes-susemanager-proxy-4.2.3-3.15.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.3-3.19.1.i586", product: { name: "release-notes-susemanager-4.2.3-3.19.1.i586", product_id: "release-notes-susemanager-4.2.3-3.19.1.i586", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.3-3.15.1.i586", product: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.i586", product_id: "release-notes-susemanager-proxy-4.2.3-3.15.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.3-3.19.1.ppc64le", product: { name: "release-notes-susemanager-4.2.3-3.19.1.ppc64le", product_id: "release-notes-susemanager-4.2.3-3.19.1.ppc64le", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.3-3.15.1.ppc64le", product: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.ppc64le", product_id: "release-notes-susemanager-proxy-4.2.3-3.15.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.3-3.19.1.s390x", product: { name: "release-notes-susemanager-4.2.3-3.19.1.s390x", product_id: "release-notes-susemanager-4.2.3-3.19.1.s390x", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.3-3.15.1.s390x", product: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.s390x", product_id: "release-notes-susemanager-proxy-4.2.3-3.15.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.2.3-3.19.1.x86_64", product: { name: "release-notes-susemanager-4.2.3-3.19.1.x86_64", product_id: "release-notes-susemanager-4.2.3-3.19.1.x86_64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", product: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", product_id: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy 4.2", product: { name: "SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Retail Branch Server 4.2", product: { name: "SUSE Manager Retail Branch Server 4.2", product_id: "SUSE Manager Retail Branch Server 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-retail-branch-server:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.2", product: { name: "SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64 as component of SUSE Manager Proxy 4.2", product_id: "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64 as component of SUSE Manager Retail Branch Server 4.2", product_id: "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.3-3.19.1.ppc64le as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", }, product_reference: "release-notes-susemanager-4.2.3-3.19.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.3-3.19.1.s390x as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", }, product_reference: "release-notes-susemanager-4.2.3-3.19.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.2", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.2.3-3.19.1.x86_64 as component of SUSE Manager Server 4.2", product_id: "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", }, product_reference: "release-notes-susemanager-4.2.3-3.19.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-21996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-21996", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-21996", url: "https://www.suse.com/security/cve/CVE-2021-21996", }, { category: "external", summary: "SUSE Bug 1190265 for CVE-2021-21996", url: "https://bugzilla.suse.com/1190265", }, { category: "external", summary: "SUSE Bug 1210934 for CVE-2021-21996", url: "https://bugzilla.suse.com/1210934", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-10-27T13:28:00Z", details: "moderate", }, ], title: "CVE-2021-21996", }, { cve: "CVE-2021-40348", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-40348", }, ], notes: [ { category: "general", text: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-40348", url: "https://www.suse.com/security/cve/CVE-2021-40348", }, { category: "external", summary: "SUSE Bug 1190040 for CVE-2021-40348", url: "https://bugzilla.suse.com/1190040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Retail Branch Server 4.2:release-notes-susemanager-proxy-4.2.3-3.15.1.x86_64", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.ppc64le", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.s390x", "SUSE Manager Server 4.2:release-notes-susemanager-4.2.3-3.19.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-10-27T13:28:00Z", details: "important", }, ], title: "CVE-2021-40348", }, ], }
suse-su-2021:3561-1
Vulnerability from csaf_suse
Published
2021-10-27 13:30
Modified
2021-10-27 13:30
Summary
Security update for SUSE Manager Server 4.2
Notes
Title of the patch
Security update for SUSE Manager Server 4.2
Description of the patch
This update fixes the following issues:
cobbler:
- Fixed modify_setting test to complete successfully
hub-xmlrpc-api:
- Use rpm systemd macro to restart service in replace of systemctl
patterns-suse-manager:
- Virtualization-host-formula was renamed to virtualization-formulas
py26-compat-salt:
- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265, CVE-2021-21996)
py26-compat-tornado:
- Added compatibility to Enterprise Linux 8
py27-compat-salt:
- Fix the regression of docker_container state module
- Support querying for JSON data in external sql pillar
- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265, CVE-2021-21996)
- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories
spacecmd:
- Version 4.2.13-1
* Update translation strings
* configchannel_updatefile handles directory properly (bsc#1190512)
* Add schedule_archivecompleted to mass archive actions (bsc#1181223)
* Remove whoami from the list of unauthenticated commands (bsc#1188977)
spacewalk-admin:
- Version 4.2.9-1
* Fix setup with rhn-config-satellite (bsc#1190300)
* Allow admins to modify only spacewalk config files with
rhn-config-satellite.pl (bsc#1190040) (CVE-2021-40348)
spacewalk-backend:
- Version 4.2.17-1
* Update translations strings
* handle download of metadata filesnames with checksums (bsc#1188315)
* Sanitize cached filename for custom SSL certs used by reposync (bsc#1190751)
spacewalk-certs-tools:
- Version 4.2.13-1
* add GPG keys using apt-key on debian machines (bsc#1187998)
spacewalk-client-tools:
- Version 4.2.14-1
* Update translation strings
spacewalk-java:
- Version 4.2.30-1
* Fix datetime format parsing with moment (bsc#1191348)
- Version 4.2.29-1
* Update translation strings
* fix logging of the spark framework and map requests to media.1
directory in the download controller (bsc#1189933)
* Add 'Last build date' column to CLM project list (jsc#PM-2644)
(jsc#SUMA-61)
* Improve exception handling and logging for mgr-libmod calls
* Add checksums to repository metadata filenames (bsc#1188315)
* Fix ISE in product migration if base product is missing (bsc#1190151)
* use TLSv1.3 if it is a supported Protocol
* Adapt auto errata update to respect maintenance windows
* Adapt auto errata update to skip during CLM build (bsc#1189609)
* add CentOS 7/8 aarch64
* add Oracle Linux 7/8 aarch64
* add Rocky Linux 8 aarch64
* add AlmaLinux 8 aarch64
* add Amazon Linux 2 aarch64
* Add new endpoints to saltkeys API: acceptedList, pendingList, rejectedList,
deniedList, accept and reject
* fix ISE in SSM when scheduling patches on multiple systems (bsc#1190396, bsc#1190275)
* Add 'Flush cache' option to Ansible playbook execution
(bsc#1190405)
* Update kernel live patch version on minion startup (bsc#1190276)
* Allow getting all completed actions via XMLRPC without display limit (bsc#1181223)
* Support syncing patches with advisory status 'pending' (bsc#1190455)
* Add XMLRPC API to force refreshing pillar data (bsc#1190123)
* Add missing string on XCCDF scan results (bsc#1190164)
* Ignore duplicates in 'pkg.installed' result when applying patches (bsc#1187572)
* Improved timezone support
* implement package locking for salt minions
spacewalk-utils:
- Version 4.2.14-1
* When renaming: don't regenerate CA, allow using third-party
certificate and trigger pillar refresh (bsc#1190123)
spacewalk-web:
- Version 4.2.23-1
* Fix datetime format parsing with moment (bsc#1191348)
- Version 4.2.22-1
* Add 'Last build date' column to CLM project list (jsc#PM-2644)
(jsc#SUMA-61)
* Fix 'Type' input in CLM source edit form (bsc#1190820)
* Add 'Flush cache' checkbox to Ansible playbook execution page
(bsc#1190405)
* Fix the VM creation and editing submit button action (bsc#1190602)
* Improved timezone support
* Enhance the default base channel help message (bsc#1171520)
subscription-matcher:
- Version 0.27
* update subscription rules for new SKUs (bsc#1189818)
supportutils-plugin-susemanager:
- Version 4.2.3-1
* detect broken symlinks in tomcat, taskomatic and search daemon
susemanager:
- Version 4.2.25-1
* Add python-mako, python-gnupg and gnupg1 to the Debian 9 bootstrap repository
so bootstrapping without any enabled repositories is possible (bsc#1191898)
* Fix syntax error on migration script (bsc#1191551)
* Add aarch64 bootstrap repositories for CentOS 7/8, Oracle Linux 7/8,
Rocky Linux8, AlmaLinux8, Amazon Linux 2 and openSUSE Leap 15.3
* Add the gnupg package for ubuntu which is then needed by apt-key (bsc#1187998)
* Add SLE 15 SAP Product ID to SLE15 bootstrap repositories, as
it is required to get python3-M2Crypto (bsc#1189422)
susemanager-doc-indexes:
- Added aarch64 support for selection of clients in the Installation
Guide and Client Configuration Guide
- Documented Amazon Web Services permissions for Virtual Host Manager
in the Virtual Host Manager and Amazon Web Service chapters in the
Client Configuration Guide
- Fixed unpublished patches note in the server update chapter of the
Upgrade Guide
- Updated Proxy installation screenshots to reflect SUSE Manager 4.2
version in the Installation Guide
- Updated migration instructions to help avoid migration from Proxy 4.0
to 4.1 if 4.2 is already available to the Upgrade Guide
- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the
commands on the client (bsc#1190166)
- Removed Portus and CaaSP references from the image management chapter
of the Administration Guide
- Documented package lock as a supported feature for some Salt clients
in the Client Configuration Guide.
susemanager-docs_en:
- Added aarch64 support for selection of clients in the Installation
Guide and Client Configuration Guide
- Documented Amazon Web Services permissions for Virtual Host Manager
in the Virtual Host Manager and Amazon Web Service chapters in the
Client Configuration Guide
- Fixed unpublished patches note in the server update chapter of the
Upgrade Guide
- Updated Proxy installation screenshots to reflect SUSE Manager 4.2
version in the Installation Guide
- Updated migration instructions to help avoid migration from Proxy 4.0
to 4.1 if 4.2 is already available to the Upgrade Guide
- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the
commands on the client (bsc#1190166)
- Removed Portus and CaaSP references from the image management chapter
of the Administration Guide
- Documented package lock as a supported feature for some Salt clients
in the Client Configuration Guide.
susemanager-schema:
- Version 4.2.18-1
* create unique index on package details action id (bsc#1190396, bsc#1190275)
* Add 'flush_cache' flag to Ansible playbook execution action
(bsc#1190405)
* Support syncing patches with advisory status 'pending' (bsc#1190455)
* allow Ansible Control Node entitlement for aarch64, ppc64le and
s390x (bsc#1189799)
* implement package locking for salt minions
susemanager-sls:
- Version 4.2.18-1
* Fix cpuinfo grain and virt_utils state python2 compatibility (bsc#1191139, bsc#1191123)
* deploy certificate on SLE Micro 5.1
* Realign pkgset cookie path for Salt Bundle changes
* Fix pkgset beacon to work with salt-minion 2016.11.10 (bsc#1189260)
* Fix virt grain python2 compatibility
* Fix mgrcompat state module to work with Salt 3003 and 3004
* Add 'flush_cache' flag to 'ansible.playbooks' call (bsc#1190405)
* Update kernel live patch version on minion startup (bsc#1190276)
* don't use libvirt API to get its version for the virt features grain
* implement package locking for salt minions
susemanager-sync-data:
- Version 4.2.9-1
* add CentOS 7/8 aarch64
* add Oracle Linux 7/8 aarch64
* add Rocky Linux 8 aarch64
* add AlmaLinux 8 aarch64
* add Amazon Linux 2 aarch64
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2021-3561,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2021-3561
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.2", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\ncobbler:\n\n- Fixed modify_setting test to complete successfully\n\nhub-xmlrpc-api:\n\n- Use rpm systemd macro to restart service in replace of systemctl\n\npatterns-suse-manager:\n\n- Virtualization-host-formula was renamed to virtualization-formulas \n\npy26-compat-salt:\n\n- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265, CVE-2021-21996)\n\npy26-compat-tornado:\n\n- Added compatibility to Enterprise Linux 8\n\npy27-compat-salt:\n\n- Fix the regression of docker_container state module\n- Support querying for JSON data in external sql pillar\n- Exclude the full path of a download URL to prevent injection of malicious code (bsc#1190265, CVE-2021-21996)\n- Fix wrong relative paths resolution with Jinja renderer when importing subdirectories\n\nspacecmd:\n\n- Version 4.2.13-1\n * Update translation strings\n * configchannel_updatefile handles directory properly (bsc#1190512)\n * Add schedule_archivecompleted to mass archive actions (bsc#1181223)\n * Remove whoami from the list of unauthenticated commands (bsc#1188977)\n\nspacewalk-admin:\n\n- Version 4.2.9-1\n * Fix setup with rhn-config-satellite (bsc#1190300)\n * Allow admins to modify only spacewalk config files with\n rhn-config-satellite.pl (bsc#1190040) (CVE-2021-40348)\n\nspacewalk-backend:\n\n- Version 4.2.17-1\n * Update translations strings\n * handle download of metadata filesnames with checksums (bsc#1188315)\n * Sanitize cached filename for custom SSL certs used by reposync (bsc#1190751)\n\nspacewalk-certs-tools:\n\n- Version 4.2.13-1\n * add GPG keys using apt-key on debian machines (bsc#1187998)\n\nspacewalk-client-tools:\n\n- Version 4.2.14-1\n * Update translation strings\n\nspacewalk-java:\n\n- Version 4.2.30-1\n * Fix datetime format parsing with moment (bsc#1191348)\n- Version 4.2.29-1\n * Update translation strings\n * fix logging of the spark framework and map requests to media.1\n directory in the download controller (bsc#1189933)\n * Add 'Last build date' column to CLM project list (jsc#PM-2644)\n (jsc#SUMA-61)\n * Improve exception handling and logging for mgr-libmod calls\n * Add checksums to repository metadata filenames (bsc#1188315)\n * Fix ISE in product migration if base product is missing (bsc#1190151)\n * use TLSv1.3 if it is a supported Protocol\n * Adapt auto errata update to respect maintenance windows\n * Adapt auto errata update to skip during CLM build (bsc#1189609)\n * add CentOS 7/8 aarch64\n * add Oracle Linux 7/8 aarch64\n * add Rocky Linux 8 aarch64\n * add AlmaLinux 8 aarch64\n * add Amazon Linux 2 aarch64\n * Add new endpoints to saltkeys API: acceptedList, pendingList, rejectedList,\n deniedList, accept and reject\n * fix ISE in SSM when scheduling patches on multiple systems (bsc#1190396, bsc#1190275)\n * Add 'Flush cache' option to Ansible playbook execution\n (bsc#1190405)\n * Update kernel live patch version on minion startup (bsc#1190276)\n * Allow getting all completed actions via XMLRPC without display limit (bsc#1181223)\n * Support syncing patches with advisory status 'pending' (bsc#1190455)\n * Add XMLRPC API to force refreshing pillar data (bsc#1190123)\n * Add missing string on XCCDF scan results (bsc#1190164)\n * Ignore duplicates in 'pkg.installed' result when applying patches (bsc#1187572)\n * Improved timezone support\n * implement package locking for salt minions\n\nspacewalk-utils:\n\n- Version 4.2.14-1\n * When renaming: don't regenerate CA, allow using third-party\n certificate and trigger pillar refresh (bsc#1190123)\n\nspacewalk-web:\n\n- Version 4.2.23-1\n * Fix datetime format parsing with moment (bsc#1191348)\n- Version 4.2.22-1\n * Add 'Last build date' column to CLM project list (jsc#PM-2644)\n (jsc#SUMA-61)\n * Fix 'Type' input in CLM source edit form (bsc#1190820)\n * Add 'Flush cache' checkbox to Ansible playbook execution page\n (bsc#1190405)\n * Fix the VM creation and editing submit button action (bsc#1190602)\n * Improved timezone support\n * Enhance the default base channel help message (bsc#1171520)\n\nsubscription-matcher:\n\n- Version 0.27\n * update subscription rules for new SKUs (bsc#1189818)\n\nsupportutils-plugin-susemanager:\n\n- Version 4.2.3-1\n * detect broken symlinks in tomcat, taskomatic and search daemon\n\nsusemanager:\n\n- Version 4.2.25-1\n * Add python-mako, python-gnupg and gnupg1 to the Debian 9 bootstrap repository\n so bootstrapping without any enabled repositories is possible (bsc#1191898)\n * Fix syntax error on migration script (bsc#1191551)\n * Add aarch64 bootstrap repositories for CentOS 7/8, Oracle Linux 7/8,\n Rocky Linux8, AlmaLinux8, Amazon Linux 2 and openSUSE Leap 15.3\n * Add the gnupg package for ubuntu which is then needed by apt-key (bsc#1187998)\n * Add SLE 15 SAP Product ID to SLE15 bootstrap repositories, as\n it is required to get python3-M2Crypto (bsc#1189422)\n\nsusemanager-doc-indexes:\n\n- Added aarch64 support for selection of clients in the Installation\n Guide and Client Configuration Guide\n- Documented Amazon Web Services permissions for Virtual Host Manager\n in the Virtual Host Manager and Amazon Web Service chapters in the\n Client Configuration Guide\n- Fixed unpublished patches note in the server update chapter of the\n Upgrade Guide\n- Updated Proxy installation screenshots to reflect SUSE Manager 4.2 \n version in the Installation Guide\n- Updated migration instructions to help avoid migration from Proxy 4.0 \n to 4.1 if 4.2 is already available to the Upgrade Guide\n- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the\n commands on the client (bsc#1190166)\n- Removed Portus and CaaSP references from the image management chapter\n of the Administration Guide\n- Documented package lock as a supported feature for some Salt clients\n in the Client Configuration Guide.\n\nsusemanager-docs_en:\n\n- Added aarch64 support for selection of clients in the Installation\n Guide and Client Configuration Guide\n- Documented Amazon Web Services permissions for Virtual Host Manager \n in the Virtual Host Manager and Amazon Web Service chapters in the \n Client Configuration Guide\n- Fixed unpublished patches note in the server update chapter of the\n Upgrade Guide\n- Updated Proxy installation screenshots to reflect SUSE Manager 4.2 \n version in the Installation Guide\n- Updated migration instructions to help avoid migration from Proxy 4.0 \n to 4.1 if 4.2 is already available to the Upgrade Guide\n- Fixed mgr-cfg-* issues in appendix of the Reference Guide. Run the\n commands on the client (bsc#1190166)\n- Removed Portus and CaaSP references from the image management chapter\n of the Administration Guide\n- Documented package lock as a supported feature for some Salt clients\n in the Client Configuration Guide. \n\nsusemanager-schema:\n\n- Version 4.2.18-1\n * create unique index on package details action id (bsc#1190396, bsc#1190275)\n * Add 'flush_cache' flag to Ansible playbook execution action\n (bsc#1190405)\n * Support syncing patches with advisory status 'pending' (bsc#1190455)\n * allow Ansible Control Node entitlement for aarch64, ppc64le and\n s390x (bsc#1189799)\n * implement package locking for salt minions\n\nsusemanager-sls:\n\n- Version 4.2.18-1\n * Fix cpuinfo grain and virt_utils state python2 compatibility (bsc#1191139, bsc#1191123)\n * deploy certificate on SLE Micro 5.1\n * Realign pkgset cookie path for Salt Bundle changes\n * Fix pkgset beacon to work with salt-minion 2016.11.10 (bsc#1189260)\n * Fix virt grain python2 compatibility\n * Fix mgrcompat state module to work with Salt 3003 and 3004\n * Add 'flush_cache' flag to 'ansible.playbooks' call (bsc#1190405)\n * Update kernel live patch version on minion startup (bsc#1190276)\n * don't use libvirt API to get its version for the virt features grain\n * implement package locking for salt minions\n\nsusemanager-sync-data:\n\n- Version 4.2.9-1\n * add CentOS 7/8 aarch64\n * add Oracle Linux 7/8 aarch64\n * add Rocky Linux 8 aarch64\n * add AlmaLinux 8 aarch64\n * add Amazon Linux 2 aarch64\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-3561,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2021-3561", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_3561-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:3561-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20213561-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:3561-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-October/009667.html", }, { category: "self", summary: "SUSE Bug 1171520", url: "https://bugzilla.suse.com/1171520", }, { category: "self", summary: "SUSE Bug 1181223", url: "https://bugzilla.suse.com/1181223", }, { category: "self", summary: "SUSE Bug 1187572", url: "https://bugzilla.suse.com/1187572", }, { category: "self", summary: "SUSE Bug 1187998", url: "https://bugzilla.suse.com/1187998", }, { category: "self", summary: "SUSE Bug 1188315", url: "https://bugzilla.suse.com/1188315", }, { category: "self", summary: "SUSE Bug 1188977", url: "https://bugzilla.suse.com/1188977", }, { category: "self", summary: "SUSE Bug 1189260", url: "https://bugzilla.suse.com/1189260", }, { category: "self", summary: "SUSE Bug 1189422", url: "https://bugzilla.suse.com/1189422", }, { category: "self", summary: "SUSE Bug 1189609", url: "https://bugzilla.suse.com/1189609", }, { category: "self", summary: "SUSE Bug 1189799", url: "https://bugzilla.suse.com/1189799", }, { category: "self", summary: "SUSE Bug 1189818", url: "https://bugzilla.suse.com/1189818", }, { category: "self", summary: "SUSE Bug 1189933", url: "https://bugzilla.suse.com/1189933", }, { category: "self", summary: "SUSE Bug 1190040", url: "https://bugzilla.suse.com/1190040", }, { category: "self", summary: "SUSE Bug 1190123", url: "https://bugzilla.suse.com/1190123", }, { category: "self", summary: "SUSE Bug 1190151", url: "https://bugzilla.suse.com/1190151", }, { category: "self", summary: "SUSE Bug 1190164", url: "https://bugzilla.suse.com/1190164", }, { category: "self", summary: "SUSE Bug 1190166", url: "https://bugzilla.suse.com/1190166", }, { category: "self", summary: "SUSE Bug 1190265", url: "https://bugzilla.suse.com/1190265", }, { category: "self", summary: "SUSE Bug 1190275", url: "https://bugzilla.suse.com/1190275", }, { category: "self", summary: "SUSE Bug 1190276", url: "https://bugzilla.suse.com/1190276", }, { category: "self", summary: "SUSE Bug 1190300", url: "https://bugzilla.suse.com/1190300", }, { category: "self", summary: "SUSE Bug 1190396", url: "https://bugzilla.suse.com/1190396", }, { category: "self", summary: "SUSE Bug 1190405", url: "https://bugzilla.suse.com/1190405", }, { category: "self", summary: "SUSE Bug 1190455", url: "https://bugzilla.suse.com/1190455", }, { category: "self", summary: "SUSE Bug 1190512", url: "https://bugzilla.suse.com/1190512", }, { category: "self", summary: "SUSE Bug 1190602", url: "https://bugzilla.suse.com/1190602", }, { category: "self", summary: "SUSE Bug 1190751", url: "https://bugzilla.suse.com/1190751", }, { category: "self", summary: "SUSE Bug 1190820", url: "https://bugzilla.suse.com/1190820", }, { category: "self", summary: "SUSE Bug 1191123", url: "https://bugzilla.suse.com/1191123", }, { category: "self", summary: "SUSE Bug 1191139", url: "https://bugzilla.suse.com/1191139", }, { category: "self", summary: "SUSE Bug 1191348", url: "https://bugzilla.suse.com/1191348", }, { category: "self", summary: "SUSE Bug 1191551", url: "https://bugzilla.suse.com/1191551", }, { category: "self", summary: "SUSE Bug 1191898", url: "https://bugzilla.suse.com/1191898", }, { category: "self", summary: "SUSE CVE CVE-2021-21996 page", url: "https://www.suse.com/security/cve/CVE-2021-21996/", }, { category: "self", summary: "SUSE CVE CVE-2021-40348 page", url: "https://www.suse.com/security/cve/CVE-2021-40348/", }, ], title: "Security update for SUSE Manager Server 4.2", tracking: { current_release_date: "2021-10-27T13:30:01Z", generator: { date: "2021-10-27T13:30:01Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:3561-1", initial_release_date: "2021-10-27T13:30:01Z", revision_history: [ { date: "2021-10-27T13:30:01Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "hub-xmlrpc-api-0.7-3.3.3.aarch64", product: { name: "hub-xmlrpc-api-0.7-3.3.3.aarch64", product_id: "hub-xmlrpc-api-0.7-3.3.3.aarch64", }, }, { category: "product_version", name: "inter-server-sync-0.0.5-8.6.3.aarch64", product: { name: "inter-server-sync-0.0.5-8.6.3.aarch64", product_id: "inter-server-sync-0.0.5-8.6.3.aarch64", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-4.3.1.aarch64", product: { name: "patterns-suma_proxy-4.2-4.3.1.aarch64", product_id: "patterns-suma_proxy-4.2-4.3.1.aarch64", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-4.3.1.aarch64", product: { name: "patterns-suma_retail-4.2-4.3.1.aarch64", product_id: "patterns-suma_retail-4.2-4.3.1.aarch64", }, }, { category: "product_version", name: "patterns-suma_server-4.2-4.3.1.aarch64", product: { name: "patterns-suma_server-4.2-4.3.1.aarch64", product_id: "patterns-suma_server-4.2-4.3.1.aarch64", }, }, { category: "product_version", name: "py26-compat-tornado-4.2.1-3.3.1.aarch64", product: { name: "py26-compat-tornado-4.2.1-3.3.1.aarch64", product_id: "py26-compat-tornado-4.2.1-3.3.1.aarch64", }, }, { category: "product_version", name: "susemanager-4.2.25-3.13.1.aarch64", product: { name: "susemanager-4.2.25-3.13.1.aarch64", product_id: "susemanager-4.2.25-3.13.1.aarch64", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.aarch64", product: { name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.aarch64", product_id: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.2.25-3.13.1.aarch64", product: { name: "susemanager-tools-4.2.25-3.13.1.aarch64", product_id: "susemanager-tools-4.2.25-3.13.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cobbler-3.1.2-5.11.1.noarch", product: { name: "cobbler-3.1.2-5.11.1.noarch", product_id: "cobbler-3.1.2-5.11.1.noarch", }, }, { category: "product_version", name: "cobbler-tests-3.1.2-5.11.1.noarch", product: { name: "cobbler-tests-3.1.2-5.11.1.noarch", product_id: "cobbler-tests-3.1.2-5.11.1.noarch", }, }, { category: "product_version", name: "cobbler-web-3.1.2-5.11.1.noarch", product: { name: "cobbler-web-3.1.2-5.11.1.noarch", product_id: "cobbler-web-3.1.2-5.11.1.noarch", }, }, { category: "product_version", name: "py26-compat-salt-2016.11.10-11.28.9.1.noarch", product: { name: "py26-compat-salt-2016.11.10-11.28.9.1.noarch", product_id: "py26-compat-salt-2016.11.10-11.28.9.1.noarch", }, }, { category: "product_version", name: "py27-compat-salt-3000.3-7.7.11.1.noarch", product: { name: "py27-compat-salt-3000.3-7.7.11.1.noarch", product_id: "py27-compat-salt-3000.3-7.7.11.1.noarch", }, }, { category: "product_version", name: "python2-spacewalk-certs-tools-4.2.13-3.9.2.noarch", product: { name: "python2-spacewalk-certs-tools-4.2.13-3.9.2.noarch", product_id: "python2-spacewalk-certs-tools-4.2.13-3.9.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-check-4.2.14-4.9.3.noarch", product: { name: "python2-spacewalk-check-4.2.14-4.9.3.noarch", product_id: "python2-spacewalk-check-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-setup-4.2.14-4.9.3.noarch", product: { name: "python2-spacewalk-client-setup-4.2.14-4.9.3.noarch", product_id: "python2-spacewalk-client-setup-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "python2-spacewalk-client-tools-4.2.14-4.9.3.noarch", product: { name: "python2-spacewalk-client-tools-4.2.14-4.9.3.noarch", product_id: "python2-spacewalk-client-tools-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", product: { name: "python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", product_id: "python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.2.14-4.9.3.noarch", product: { name: "python3-spacewalk-check-4.2.14-4.9.3.noarch", product_id: "python3-spacewalk-check-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.2.14-4.9.3.noarch", product: { name: "python3-spacewalk-client-setup-4.2.14-4.9.3.noarch", product_id: "python3-spacewalk-client-setup-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", product: { name: "python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", product_id: "python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "spacecmd-4.2.13-4.9.1.noarch", product: { name: "spacecmd-4.2.13-4.9.1.noarch", product_id: "spacecmd-4.2.13-4.9.1.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.2.9-3.6.2.noarch", product: { name: "spacewalk-admin-4.2.9-3.6.2.noarch", product_id: "spacewalk-admin-4.2.9-3.6.2.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-app-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-app-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-applet-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-applet-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-cdn-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-cdn-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-config-files-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-config-files-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-iss-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-iss-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-server-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-server-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-sql-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-sql-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-tools-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-tools-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", product: { name: "spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", product_id: "spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.2.23-3.9.3.noarch", product: { name: "spacewalk-base-4.2.23-3.9.3.noarch", product_id: "spacewalk-base-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.2.23-3.9.3.noarch", product: { name: "spacewalk-base-minimal-4.2.23-3.9.3.noarch", product_id: "spacewalk-base-minimal-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", product: { name: "spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", product_id: "spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-certs-tools-4.2.13-3.9.2.noarch", product: { name: "spacewalk-certs-tools-4.2.13-3.9.2.noarch", product_id: "spacewalk-certs-tools-4.2.13-3.9.2.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.2.14-4.9.3.noarch", product: { name: "spacewalk-check-4.2.14-4.9.3.noarch", product_id: "spacewalk-check-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.2.14-4.9.3.noarch", product: { name: "spacewalk-client-setup-4.2.14-4.9.3.noarch", product_id: "spacewalk-client-setup-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.2.14-4.9.3.noarch", product: { name: "spacewalk-client-tools-4.2.14-4.9.3.noarch", product_id: "spacewalk-client-tools-4.2.14-4.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.2.23-3.9.3.noarch", product: { name: "spacewalk-dobby-4.2.23-3.9.3.noarch", product_id: "spacewalk-dobby-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.2.23-3.9.3.noarch", product: { name: "spacewalk-html-4.2.23-3.9.3.noarch", product_id: "spacewalk-html-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.2.23-3.9.3.noarch", product: { name: "spacewalk-html-debug-4.2.23-3.9.3.noarch", product_id: "spacewalk-html-debug-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.2.30-3.14.4.noarch", product: { name: "spacewalk-java-4.2.30-3.14.4.noarch", product_id: "spacewalk-java-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.2.30-3.14.4.noarch", product: { name: "spacewalk-java-apidoc-sources-4.2.30-3.14.4.noarch", product_id: "spacewalk-java-apidoc-sources-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.2.30-3.14.4.noarch", product: { name: "spacewalk-java-config-4.2.30-3.14.4.noarch", product_id: "spacewalk-java-config-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.2.30-3.14.4.noarch", product: { name: "spacewalk-java-lib-4.2.30-3.14.4.noarch", product_id: "spacewalk-java-lib-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.2.30-3.14.4.noarch", product: { name: "spacewalk-java-postgresql-4.2.30-3.14.4.noarch", product_id: "spacewalk-java-postgresql-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-broker-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-broker-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-broker-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-common-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-common-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-common-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-installer-4.2.7-3.9.3.noarch", product: { name: "spacewalk-proxy-installer-4.2.7-3.9.3.noarch", product_id: "spacewalk-proxy-installer-4.2.7-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-management-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-management-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-management-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-package-manager-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-package-manager-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-package-manager-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-redirect-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-redirect-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-redirect-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-salt-4.2.7-3.6.3.noarch", product: { name: "spacewalk-proxy-salt-4.2.7-3.6.3.noarch", product_id: "spacewalk-proxy-salt-4.2.7-3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.2.30-3.14.4.noarch", product: { name: "spacewalk-taskomatic-4.2.30-3.14.4.noarch", product_id: "spacewalk-taskomatic-4.2.30-3.14.4.noarch", }, }, { category: "product_version", name: "spacewalk-utils-4.2.14-3.9.3.noarch", product: { name: "spacewalk-utils-4.2.14-3.9.3.noarch", product_id: "spacewalk-utils-4.2.14-3.9.3.noarch", }, }, { category: "product_version", name: "spacewalk-utils-extras-4.2.14-3.9.3.noarch", product: { name: "spacewalk-utils-extras-4.2.14-3.9.3.noarch", product_id: "spacewalk-utils-extras-4.2.14-3.9.3.noarch", }, }, { category: "product_version", name: "subscription-matcher-0.27-6.3.1.noarch", product: { name: "subscription-matcher-0.27-6.3.1.noarch", product_id: "subscription-matcher-0.27-6.3.1.noarch", }, }, { category: "product_version", name: "subscription-matcher-kit-f1abfdf2e278d72e3556dac7704054d0d6ba2075-3.3.1.noarch", product: { name: "subscription-matcher-kit-f1abfdf2e278d72e3556dac7704054d0d6ba2075-3.3.1.noarch", product_id: "subscription-matcher-kit-f1abfdf2e278d72e3556dac7704054d0d6ba2075-3.3.1.noarch", }, }, { category: "product_version", name: "supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", product: { name: "supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", product_id: "supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", }, }, { category: "product_version", name: "susemanager-doc-indexes-4.2-12.11.3.noarch", product: { name: "susemanager-doc-indexes-4.2-12.11.3.noarch", product_id: "susemanager-doc-indexes-4.2-12.11.3.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.2-12.11.1.noarch", product: { name: "susemanager-docs_en-4.2-12.11.1.noarch", product_id: "susemanager-docs_en-4.2-12.11.1.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.2-12.11.1.noarch", product: { name: "susemanager-docs_en-pdf-4.2-12.11.1.noarch", product_id: "susemanager-docs_en-pdf-4.2-12.11.1.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.2.18-3.9.3.noarch", product: { name: "susemanager-schema-4.2.18-3.9.3.noarch", product_id: "susemanager-schema-4.2.18-3.9.3.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.2.18-3.9.3.noarch", product: { name: "susemanager-schema-sanity-4.2.18-3.9.3.noarch", product_id: "susemanager-schema-sanity-4.2.18-3.9.3.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.2.18-3.11.1.noarch", product: { name: "susemanager-sls-4.2.18-3.11.1.noarch", product_id: "susemanager-sls-4.2.18-3.11.1.noarch", }, }, { category: "product_version", name: "susemanager-sync-data-4.2.9-3.9.1.noarch", product: { name: "susemanager-sync-data-4.2.9-3.9.1.noarch", product_id: "susemanager-sync-data-4.2.9-3.9.1.noarch", }, }, { category: "product_version", name: "susemanager-web-libs-4.2.23-3.9.3.noarch", product: { name: "susemanager-web-libs-4.2.23-3.9.3.noarch", product_id: "susemanager-web-libs-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "susemanager-web-libs-debug-4.2.23-3.9.3.noarch", product: { name: "susemanager-web-libs-debug-4.2.23-3.9.3.noarch", product_id: "susemanager-web-libs-debug-4.2.23-3.9.3.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.2.18-3.11.1.noarch", product: { name: "uyuni-config-modules-4.2.18-3.11.1.noarch", product_id: "uyuni-config-modules-4.2.18-3.11.1.noarch", }, }, { category: "product_version", name: "virtualization-formulas-0.6.1-8.3.1.noarch", product: { name: "virtualization-formulas-0.6.1-8.3.1.noarch", product_id: "virtualization-formulas-0.6.1-8.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "hub-xmlrpc-api-0.7-3.3.3.ppc64le", product: { name: "hub-xmlrpc-api-0.7-3.3.3.ppc64le", product_id: "hub-xmlrpc-api-0.7-3.3.3.ppc64le", }, }, { category: "product_version", name: "inter-server-sync-0.0.5-8.6.3.ppc64le", product: { name: "inter-server-sync-0.0.5-8.6.3.ppc64le", product_id: "inter-server-sync-0.0.5-8.6.3.ppc64le", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-4.3.1.ppc64le", product: { name: "patterns-suma_proxy-4.2-4.3.1.ppc64le", product_id: "patterns-suma_proxy-4.2-4.3.1.ppc64le", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-4.3.1.ppc64le", product: { name: "patterns-suma_retail-4.2-4.3.1.ppc64le", product_id: "patterns-suma_retail-4.2-4.3.1.ppc64le", }, }, { category: "product_version", name: "patterns-suma_server-4.2-4.3.1.ppc64le", product: { name: "patterns-suma_server-4.2-4.3.1.ppc64le", product_id: "patterns-suma_server-4.2-4.3.1.ppc64le", }, }, { category: "product_version", name: "py26-compat-tornado-4.2.1-3.3.1.ppc64le", product: { name: "py26-compat-tornado-4.2.1-3.3.1.ppc64le", product_id: "py26-compat-tornado-4.2.1-3.3.1.ppc64le", }, }, { category: "product_version", name: "susemanager-4.2.25-3.13.1.ppc64le", product: { name: "susemanager-4.2.25-3.13.1.ppc64le", product_id: "susemanager-4.2.25-3.13.1.ppc64le", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.ppc64le", product: { name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.ppc64le", product_id: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.2.25-3.13.1.ppc64le", product: { name: "susemanager-tools-4.2.25-3.13.1.ppc64le", product_id: "susemanager-tools-4.2.25-3.13.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "hub-xmlrpc-api-0.7-3.3.3.s390x", product: { name: "hub-xmlrpc-api-0.7-3.3.3.s390x", product_id: "hub-xmlrpc-api-0.7-3.3.3.s390x", }, }, { category: "product_version", name: "inter-server-sync-0.0.5-8.6.3.s390x", product: { name: "inter-server-sync-0.0.5-8.6.3.s390x", product_id: "inter-server-sync-0.0.5-8.6.3.s390x", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-4.3.1.s390x", product: { name: "patterns-suma_proxy-4.2-4.3.1.s390x", product_id: "patterns-suma_proxy-4.2-4.3.1.s390x", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-4.3.1.s390x", product: { name: "patterns-suma_retail-4.2-4.3.1.s390x", product_id: "patterns-suma_retail-4.2-4.3.1.s390x", }, }, { category: "product_version", name: "patterns-suma_server-4.2-4.3.1.s390x", product: { name: "patterns-suma_server-4.2-4.3.1.s390x", product_id: "patterns-suma_server-4.2-4.3.1.s390x", }, }, { category: "product_version", name: "py26-compat-tornado-4.2.1-3.3.1.s390x", product: { name: "py26-compat-tornado-4.2.1-3.3.1.s390x", product_id: "py26-compat-tornado-4.2.1-3.3.1.s390x", }, }, { category: "product_version", name: "susemanager-4.2.25-3.13.1.s390x", product: { name: "susemanager-4.2.25-3.13.1.s390x", product_id: "susemanager-4.2.25-3.13.1.s390x", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.s390x", product: { name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.s390x", product_id: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.2.25-3.13.1.s390x", product: { name: "susemanager-tools-4.2.25-3.13.1.s390x", product_id: "susemanager-tools-4.2.25-3.13.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "hub-xmlrpc-api-0.7-3.3.3.x86_64", product: { name: "hub-xmlrpc-api-0.7-3.3.3.x86_64", product_id: "hub-xmlrpc-api-0.7-3.3.3.x86_64", }, }, { category: "product_version", name: "inter-server-sync-0.0.5-8.6.3.x86_64", product: { name: "inter-server-sync-0.0.5-8.6.3.x86_64", product_id: "inter-server-sync-0.0.5-8.6.3.x86_64", }, }, { category: "product_version", name: "patterns-suma_proxy-4.2-4.3.1.x86_64", product: { name: "patterns-suma_proxy-4.2-4.3.1.x86_64", product_id: "patterns-suma_proxy-4.2-4.3.1.x86_64", }, }, { category: "product_version", name: "patterns-suma_retail-4.2-4.3.1.x86_64", product: { name: "patterns-suma_retail-4.2-4.3.1.x86_64", product_id: "patterns-suma_retail-4.2-4.3.1.x86_64", }, }, { category: "product_version", name: "patterns-suma_server-4.2-4.3.1.x86_64", product: { name: "patterns-suma_server-4.2-4.3.1.x86_64", product_id: "patterns-suma_server-4.2-4.3.1.x86_64", }, }, { category: "product_version", name: "py26-compat-tornado-4.2.1-3.3.1.x86_64", product: { name: "py26-compat-tornado-4.2.1-3.3.1.x86_64", product_id: "py26-compat-tornado-4.2.1-3.3.1.x86_64", }, }, { category: "product_version", name: "susemanager-4.2.25-3.13.1.x86_64", product: { name: "susemanager-4.2.25-3.13.1.x86_64", product_id: "susemanager-4.2.25-3.13.1.x86_64", }, }, { category: "product_version", name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.x86_64", product: { name: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.x86_64", product_id: "susemanager-nodejs-sdk-devel-4.2.15-3.9.2.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.2.25-3.13.1.x86_64", product: { name: "susemanager-tools-4.2.25-3.13.1.x86_64", product_id: "susemanager-tools-4.2.25-3.13.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Server Module 4.2", product: { name: "SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cobbler-3.1.2-5.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", }, product_reference: "cobbler-3.1.2-5.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "hub-xmlrpc-api-0.7-3.3.3.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", }, product_reference: "hub-xmlrpc-api-0.7-3.3.3.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "hub-xmlrpc-api-0.7-3.3.3.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", }, product_reference: "hub-xmlrpc-api-0.7-3.3.3.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "hub-xmlrpc-api-0.7-3.3.3.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", }, product_reference: "hub-xmlrpc-api-0.7-3.3.3.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.0.5-8.6.3.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", }, product_reference: "inter-server-sync-0.0.5-8.6.3.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.0.5-8.6.3.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", }, product_reference: "inter-server-sync-0.0.5-8.6.3.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.0.5-8.6.3.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", }, product_reference: "inter-server-sync-0.0.5-8.6.3.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-4.3.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", }, product_reference: "patterns-suma_retail-4.2-4.3.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-4.3.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", }, product_reference: "patterns-suma_retail-4.2-4.3.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_retail-4.2-4.3.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", }, product_reference: "patterns-suma_retail-4.2-4.3.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-4.3.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", }, product_reference: "patterns-suma_server-4.2-4.3.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-4.3.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", }, product_reference: "patterns-suma_server-4.2-4.3.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "patterns-suma_server-4.2-4.3.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", }, product_reference: "patterns-suma_server-4.2-4.3.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py26-compat-salt-2016.11.10-11.28.9.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", }, product_reference: "py26-compat-salt-2016.11.10-11.28.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py26-compat-tornado-4.2.1-3.3.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", }, product_reference: "py26-compat-tornado-4.2.1-3.3.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py26-compat-tornado-4.2.1-3.3.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", }, product_reference: "py26-compat-tornado-4.2.1-3.3.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py26-compat-tornado-4.2.1-3.3.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", }, product_reference: "py26-compat-tornado-4.2.1-3.3.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py27-compat-salt-3000.3-7.7.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", }, product_reference: "py27-compat-salt-3000.3-7.7.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.14-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.13-4.9.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", }, product_reference: "spacecmd-4.2.13-4.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.2.9-3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", }, product_reference: "spacewalk-admin-4.2.9-3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-app-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-applet-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-config-files-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-iss-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-server-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-sql-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-tools-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.2.23-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", }, product_reference: "spacewalk-base-4.2.23-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.23-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", }, product_reference: "spacewalk-base-minimal-4.2.23-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.23-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.13-3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", }, product_reference: "spacewalk-certs-tools-4.2.13-3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.14-4.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", }, product_reference: "spacewalk-client-tools-4.2.14-4.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.2.23-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", }, product_reference: "spacewalk-html-4.2.23-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.2.30-3.14.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", }, product_reference: "spacewalk-java-4.2.30-3.14.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.2.30-3.14.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", }, product_reference: "spacewalk-java-config-4.2.30-3.14.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.2.30-3.14.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", }, product_reference: "spacewalk-java-lib-4.2.30-3.14.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.2.30-3.14.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", }, product_reference: "spacewalk-java-postgresql-4.2.30-3.14.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.2.30-3.14.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", }, product_reference: "spacewalk-taskomatic-4.2.30-3.14.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-utils-4.2.14-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", }, product_reference: "spacewalk-utils-4.2.14-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-utils-extras-4.2.14-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", }, product_reference: "spacewalk-utils-extras-4.2.14-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "subscription-matcher-0.27-6.3.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", }, product_reference: "subscription-matcher-0.27-6.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "supportutils-plugin-susemanager-4.2.3-3.3.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", }, product_reference: "supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.25-3.13.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", }, product_reference: "susemanager-4.2.25-3.13.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.25-3.13.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", }, product_reference: "susemanager-4.2.25-3.13.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.25-3.13.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", }, product_reference: "susemanager-4.2.25-3.13.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-doc-indexes-4.2-12.11.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", }, product_reference: "susemanager-doc-indexes-4.2-12.11.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.2-12.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", }, product_reference: "susemanager-docs_en-4.2-12.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.2-12.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", }, product_reference: "susemanager-docs_en-pdf-4.2-12.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.2.18-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", }, product_reference: "susemanager-schema-4.2.18-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.2.18-3.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", }, product_reference: "susemanager-sls-4.2.18-3.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-sync-data-4.2.9-3.9.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", }, product_reference: "susemanager-sync-data-4.2.9-3.9.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.25-3.13.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", }, product_reference: "susemanager-tools-4.2.25-3.13.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.25-3.13.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", }, product_reference: "susemanager-tools-4.2.25-3.13.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.25-3.13.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", }, product_reference: "susemanager-tools-4.2.25-3.13.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-web-libs-4.2.23-3.9.3.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", }, product_reference: "susemanager-web-libs-4.2.23-3.9.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.2.18-3.11.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", }, product_reference: "uyuni-config-modules-4.2.18-3.11.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtualization-formulas-0.6.1-8.3.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", }, product_reference: "virtualization-formulas-0.6.1-8.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-21996", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-21996", }, ], notes: [ { category: "general", text: "An issue was discovered in SaltStack Salt before 3003.3. A user who has control of the source, and source_hash URLs can gain full file system access as root on a salt minion.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-21996", url: "https://www.suse.com/security/cve/CVE-2021-21996", }, { category: "external", summary: "SUSE Bug 1190265 for CVE-2021-21996", url: "https://bugzilla.suse.com/1190265", }, { category: "external", summary: "SUSE Bug 1210934 for CVE-2021-21996", url: "https://bugzilla.suse.com/1210934", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 4.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-10-27T13:30:01Z", details: "moderate", }, ], title: "CVE-2021-21996", }, { cve: "CVE-2021-40348", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-40348", }, ], notes: [ { category: "general", text: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-40348", url: "https://www.suse.com/security/cve/CVE-2021-40348", }, { category: "external", summary: "SUSE Bug 1190040 for CVE-2021-40348", url: "https://bugzilla.suse.com/1190040", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Server Module 4.2:cobbler-3.1.2-5.11.1.noarch", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.ppc64le", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.s390x", "SUSE Manager Server Module 4.2:hub-xmlrpc-api-0.7-3.3.3.x86_64", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.0.5-8.6.3.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_retail-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.ppc64le", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.s390x", "SUSE Manager Server Module 4.2:patterns-suma_server-4.2-4.3.1.x86_64", "SUSE Manager Server Module 4.2:py26-compat-salt-2016.11.10-11.28.9.1.noarch", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.ppc64le", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.s390x", "SUSE Manager Server Module 4.2:py26-compat-tornado-4.2.1-3.3.1.x86_64", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-7.7.11.1.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacecmd-4.2.13-4.9.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.9-3.6.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.17-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.13-3.9.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.14-4.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.30-3.14.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:spacewalk-utils-extras-4.2.14-3.9.3.noarch", "SUSE Manager Server Module 4.2:subscription-matcher-0.27-6.3.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.3-3.3.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-12.11.3.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-12.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.18-3.9.3.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sync-data-4.2.9-3.9.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.25-3.13.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-web-libs-4.2.23-3.9.3.noarch", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.18-3.11.1.noarch", "SUSE Manager Server Module 4.2:virtualization-formulas-0.6.1-8.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-10-27T13:30:01Z", details: "important", }, ], title: "CVE-2021-40348", }, ], }
ghsa-h847-jmmj-x7rc
Vulnerability from github
Published
2022-05-24 19:19
Modified
2022-11-14 19:00
Severity ?
Details
Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.
{ affected: [], aliases: [ "CVE-2021-40348", ], database_specific: { cwe_ids: [ "CWE-94", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2021-11-01T05:15:00Z", severity: "HIGH", }, details: "Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account with Sudo, according to the installation setup. This can lead to the ability of an attacker to use --option to append arbitrary code to a root-owned file that eventually will be executed by the system. This is fixed in Uyuni spacewalk-admin 4.3.2-1.", id: "GHSA-h847-jmmj-x7rc", modified: "2022-11-14T19:00:26Z", published: "2022-05-24T19:19:21Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-40348", }, { type: "WEB", url: "https://github.com/uyuni-project/uyuni/commit/790c7388efac6923c5475e01c1ff718dffa9f052", }, { type: "WEB", url: "http://www.openwall.com/lists/oss-security/2021/10/28/4", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.