Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2022-0860
Vulnerability from cvelistv5
Published
2022-03-11 12:50
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| cobbler | cobbler/cobbler |
Version: unspecified < 3.3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:40:04.519Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { name: "FEDORA-2022-224e71968f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { name: "FEDORA-2022-445ec90e7c", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { name: "FEDORA-2022-ad2b0ad61b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "cobbler/cobbler", vendor: "cobbler", versions: [ { lessThan: "3.3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-285", description: "CWE-285 Improper Authorization", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-31T02:06:16", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { name: "FEDORA-2022-224e71968f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { name: "FEDORA-2022-445ec90e7c", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { name: "FEDORA-2022-ad2b0ad61b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, ], source: { advisory: "c458b868-63df-414e-af10-47e3745caa1d", discovery: "EXTERNAL", }, title: "Improper Authorization in cobbler/cobbler", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0860", STATE: "PUBLIC", TITLE: "Improper Authorization in cobbler/cobbler", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "cobbler/cobbler", version: { version_data: [ { version_affected: "<", version_value: "3.3.2", }, ], }, }, ], }, vendor_name: "cobbler", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-285 Improper Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", refsource: "CONFIRM", url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { name: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", refsource: "MISC", url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { name: "FEDORA-2022-224e71968f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { name: "FEDORA-2022-445ec90e7c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { name: "FEDORA-2022-ad2b0ad61b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, ], }, source: { advisory: "c458b868-63df-414e-af10-47e3745caa1d", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0860", datePublished: "2022-03-11T12:50:10", dateReserved: "2022-03-04T00:00:00", dateUpdated: "2024-08-02T23:40:04.519Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.3.2\", \"matchCriteriaId\": \"17C04986-BDCA-44A7-8FF7-52E8A5BABFC9\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A930E247-0B43-43CB-98FF-6CE7B8189835\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.\"}, {\"lang\": \"es\", \"value\": \"Una Autorizaci\\u00f3n Inapropiada en el repositorio GitHub cobbler/cobbler versiones anteriores a 3.3.2\"}]", id: "CVE-2022-0860", lastModified: "2024-11-21T06:39:32.823", metrics: "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}], \"cvssMetricV30\": [{\"source\": \"security@huntr.dev\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:N\", \"baseScore\": 6.4, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2022-03-11T13:15:07.937", references: "[{\"url\": \"https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa\", \"source\": \"security@huntr.dev\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d\", \"source\": \"security@huntr.dev\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/\", \"source\": \"security@huntr.dev\"}, {\"url\": \"https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: "[{\"source\": \"security@huntr.dev\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-285\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2022-0860\",\"sourceIdentifier\":\"security@huntr.dev\",\"published\":\"2022-03-11T13:15:07.937\",\"lastModified\":\"2024-11-21T06:39:32.823\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.\"},{\"lang\":\"es\",\"value\":\"Una Autorización Inapropiada en el repositorio GitHub cobbler/cobbler versiones anteriores a 3.3.2\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"cvssMetricV30\":[{\"source\":\"security@huntr.dev\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@huntr.dev\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-285\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.3.2\",\"matchCriteriaId\":\"17C04986-BDCA-44A7-8FF7-52E8A5BABFC9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]}],\"references\":[{\"url\":\"https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa\",\"source\":\"security@huntr.dev\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d\",\"source\":\"security@huntr.dev\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/\",\"source\":\"security@huntr.dev\"},{\"url\":\"https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
pysec-2022-177
Vulnerability from pysec
Published
2022-03-11 13:15
Modified
2022-04-11 00:47
Details
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
Impacted products
| Name | purl |
|---|---|
| cobbler | pkg:pypi/cobbler |
Aliases
{ affected: [ { package: { ecosystem: "PyPI", name: "cobbler", purl: "pkg:pypi/cobbler", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "9044aa990a94752fa5bd5a24051adde099280bfa", }, ], repo: "https://github.com/cobbler/cobbler", type: "GIT", }, { events: [ { introduced: "0", }, { fixed: "3.3.2", }, ], type: "ECOSYSTEM", }, ], versions: [ "0.6.3-2", "3.1.2", "3.2.1", "3.2.2", "3.3.0", "3.3.1", ], }, ], aliases: [ "CVE-2022-0860", "GHSA-mcg6-h362-cmq5", ], details: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", id: "PYSEC-2022-177", modified: "2022-04-11T00:47:24.533946Z", published: "2022-03-11T13:15:00Z", references: [ { type: "WEB", url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { type: "FIX", url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-mcg6-h362-cmq5", }, ], }
gsd-2022-0860
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
Aliases
Aliases
{ GSD: { alias: "CVE-2022-0860", description: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", id: "GSD-2022-0860", references: [ "https://www.suse.com/security/cve/CVE-2022-0860.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-0860", ], details: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", id: "GSD-2022-0860", modified: "2023-12-13T01:19:11.781375Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0860", STATE: "PUBLIC", TITLE: "Improper Authorization in cobbler/cobbler", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "cobbler/cobbler", version: { version_data: [ { version_affected: "<", version_value: "3.3.2", }, ], }, }, ], }, vendor_name: "cobbler", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-285 Improper Authorization", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", refsource: "CONFIRM", url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { name: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", refsource: "MISC", url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { name: "FEDORA-2022-224e71968f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { name: "FEDORA-2022-445ec90e7c", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { name: "FEDORA-2022-ad2b0ad61b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, ], }, source: { advisory: "c458b868-63df-414e-af10-47e3745caa1d", discovery: "EXTERNAL", }, }, "gitlab.com": { advisories: [ { affected_range: "<3.3.2", affected_versions: "All versions before 3.3.2", cwe_ids: [ "CWE-1035", "CWE-937", ], date: "2022-03-11", description: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", fixed_versions: [ "3.3.2", ], identifier: "CVE-2022-0860", identifiers: [ "GHSA-mcg6-h362-cmq5", "CVE-2022-0860", ], not_impacted: "All versions starting from 3.3.2", package_slug: "pypi/Cobbler", pubdate: "2022-03-11", solution: "Upgrade to version 3.3.2 or above.", title: "Improper Authorization in cobbler", urls: [ "https://github.com/cobbler/cobbler/security/advisories/GHSA-mcg6-h362-cmq5", "https://nvd.nist.gov/vuln/detail/CVE-2022-0860", "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", "https://github.com/advisories/GHSA-mcg6-h362-cmq5", ], uuid: "475723c9-d999-4a89-a7f0-4ad527660320", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "3.3.2", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0860", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-285", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", refsource: "CONFIRM", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { name: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { name: "FEDORA-2022-224e71968f", refsource: "FEDORA", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { name: "FEDORA-2022-ad2b0ad61b", refsource: "FEDORA", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, { name: "FEDORA-2022-445ec90e7c", refsource: "FEDORA", tags: [ "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, }, }, lastModifiedDate: "2022-05-23T22:05Z", publishedDate: "2022-03-11T13:15Z", }, }, }
suse-su-2022:3761-1
Vulnerability from csaf_suse
Published
2022-10-26 08:58
Modified
2022-10-26 08:58
Summary
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Notes
Title of the patch
Security update for release-notes-susemanager, release-notes-susemanager-proxy
Description of the patch
This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* HTTP API is now fully supported
* Ubuntu 22.04 is now supported as a client
* Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support
* pip support has been added for the Salt Bundle
* Prometheus exporter for Apache has been upgraded to 0.10.0
* CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129
* Bugs mentioned:
bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168
bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629
bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753
bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272
bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728
bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049
bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385
bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484
bsc#1203564, bsc#1203585, bsc#1203611
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.3.2
* Containerized proxy and RBS are now fully supported
* CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129
* Bugs mentioned:
bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788
bsc#1203287, bsc#1203288, bsc#1203585
Patchnames
SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", title: "Title of the patch", }, { category: "description", text: "This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:\n\nRelease notes for SUSE Manager:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * HTTP API is now fully supported\n * Ubuntu 22.04 is now supported as a client\n * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support\n * pip support has been added for the Salt Bundle \n * Prometheus exporter for Apache has been upgraded to 0.10.0\n * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129\n * Bugs mentioned:\n bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168\n bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629\n bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753\n bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272\n bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728\n bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049\n bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385\n bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484\n bsc#1203564, bsc#1203585, bsc#1203611 \n\nRelease notes for SUSE Manager Proxy:\n\n- Update to SUSE Manager 4.3.2\n * Containerized proxy and RBS are now fully supported\n * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129\n * Bugs mentioned:\n bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788\n bsc#1203287, bsc#1203288, bsc#1203585 \n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3761,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2022-3761,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2022-3761", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3761-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3761-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223761-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3761-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012707.html", }, { category: "self", summary: "SUSE Bug 1191857", url: "https://bugzilla.suse.com/1191857", }, { category: "self", summary: "SUSE Bug 1195624", url: "https://bugzilla.suse.com/1195624", }, { category: "self", summary: "SUSE Bug 1196729", url: "https://bugzilla.suse.com/1196729", }, { category: "self", summary: "SUSE Bug 1197027", url: "https://bugzilla.suse.com/1197027", }, { category: "self", summary: "SUSE Bug 1198168", url: "https://bugzilla.suse.com/1198168", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199726", url: "https://bugzilla.suse.com/1199726", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200573", url: "https://bugzilla.suse.com/1200573", }, { category: "self", summary: "SUSE Bug 1200629", url: "https://bugzilla.suse.com/1200629", }, { category: "self", summary: "SUSE Bug 1201210", url: "https://bugzilla.suse.com/1201210", }, { category: "self", summary: "SUSE Bug 1201220", url: "https://bugzilla.suse.com/1201220", }, { category: "self", summary: "SUSE Bug 1201260", url: "https://bugzilla.suse.com/1201260", }, { category: "self", summary: "SUSE Bug 1201589", url: "https://bugzilla.suse.com/1201589", }, { category: "self", summary: "SUSE Bug 1201626", url: "https://bugzilla.suse.com/1201626", }, { category: "self", summary: "SUSE Bug 1201753", url: "https://bugzilla.suse.com/1201753", }, { category: "self", summary: "SUSE Bug 1201788", url: "https://bugzilla.suse.com/1201788", }, { category: "self", summary: "SUSE Bug 1201913", url: "https://bugzilla.suse.com/1201913", }, { category: "self", summary: "SUSE Bug 1201918", url: "https://bugzilla.suse.com/1201918", }, { category: "self", summary: "SUSE Bug 1202271", url: "https://bugzilla.suse.com/1202271", }, { category: "self", summary: "SUSE Bug 1202272", url: "https://bugzilla.suse.com/1202272", }, { category: "self", summary: "SUSE Bug 1202367", url: "https://bugzilla.suse.com/1202367", }, { category: "self", summary: "SUSE Bug 1202455", url: "https://bugzilla.suse.com/1202455", }, { category: "self", summary: "SUSE Bug 1202464", url: "https://bugzilla.suse.com/1202464", }, { category: "self", summary: "SUSE Bug 1202602", url: "https://bugzilla.suse.com/1202602", }, { category: "self", summary: "SUSE Bug 1202728", url: "https://bugzilla.suse.com/1202728", }, { category: "self", summary: "SUSE Bug 1202729", url: "https://bugzilla.suse.com/1202729", }, { category: "self", summary: "SUSE Bug 1202805", url: "https://bugzilla.suse.com/1202805", }, { category: "self", summary: "SUSE Bug 1202899", url: "https://bugzilla.suse.com/1202899", }, { category: "self", summary: "SUSE Bug 1203026", url: "https://bugzilla.suse.com/1203026", }, { category: "self", summary: "SUSE Bug 1203049", url: "https://bugzilla.suse.com/1203049", }, { category: "self", summary: "SUSE Bug 1203056", url: "https://bugzilla.suse.com/1203056", }, { category: "self", summary: "SUSE Bug 1203169", url: "https://bugzilla.suse.com/1203169", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203385", url: "https://bugzilla.suse.com/1203385", }, { category: "self", summary: "SUSE Bug 1203406", url: "https://bugzilla.suse.com/1203406", }, { category: "self", summary: "SUSE Bug 1203422", url: "https://bugzilla.suse.com/1203422", }, { category: "self", summary: "SUSE Bug 1203449", url: "https://bugzilla.suse.com/1203449", }, { category: "self", summary: "SUSE Bug 1203478", url: "https://bugzilla.suse.com/1203478", }, { category: "self", summary: "SUSE Bug 1203484", url: "https://bugzilla.suse.com/1203484", }, { category: "self", summary: "SUSE Bug 1203564", url: "https://bugzilla.suse.com/1203564", }, { category: "self", summary: "SUSE Bug 1203585", url: "https://bugzilla.suse.com/1203585", }, { category: "self", summary: "SUSE Bug 1203611", url: "https://bugzilla.suse.com/1203611", }, { category: "self", summary: "SUSE CVE CVE-2021-41411 page", url: "https://www.suse.com/security/cve/CVE-2021-41411/", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2021-43138 page", url: "https://www.suse.com/security/cve/CVE-2021-43138/", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, ], title: "Security update for release-notes-susemanager, release-notes-susemanager-proxy", tracking: { current_release_date: "2022-10-26T08:58:54Z", generator: { date: "2022-10-26T08:58:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3761-1", initial_release_date: "2022-10-26T08:58:54Z", revision_history: [ { date: "2022-10-26T08:58:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.aarch64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.i586", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", product: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", product_id: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", }, }, { category: "product_version", name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", product: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", product_id: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy 4.3", product: { name: "SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Retail Branch Server 4.3", product: { name: "SUSE Manager Retail Branch Server 4.3", product_id: "SUSE Manager Retail Branch Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-retail-branch-server:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.3", product: { name: "SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64 as component of SUSE Manager Retail Branch Server 4.3", product_id: "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", }, product_reference: "release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64 as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", }, product_reference: "release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.3", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41411", }, ], notes: [ { category: "general", text: "drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-41411", url: "https://www.suse.com/security/cve/CVE-2021-41411", }, { category: "external", summary: "SUSE Bug 1200629 for CVE-2021-41411", url: "https://bugzilla.suse.com/1200629", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2021-41411", }, { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2021-43138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-43138", }, ], notes: [ { category: "general", text: "In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-43138", url: "https://www.suse.com/security/cve/CVE-2021-43138", }, { category: "external", summary: "SUSE Bug 1200480 for CVE-2021-43138", url: "https://bugzilla.suse.com/1200480", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2021-43138", }, { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2022-0860", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Retail Branch Server 4.3:release-notes-susemanager-proxy-4.3.2-150400.3.9.3.x86_64", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.ppc64le", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.s390x", "SUSE Manager Server 4.3:release-notes-susemanager-4.3.2-150400.3.15.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:58:54Z", details: "important", }, ], title: "CVE-2022-31129", }, ], }
suse-su-2022:3750-1
Vulnerability from csaf_suse
Published
2022-10-26 08:45
Modified
2022-10-26 08:45
Summary
Security update for SUSE Manager Server 4.3
Notes
Title of the patch
Security update for SUSE Manager Server 4.3
Description of the patch
This update fixes the following issues:
cobbler:
- Consider case of 'next_server' being a hostname during migration of Cobbler collections.
- Fix problem with 'proxy_url_ext' setting being None type.
- Fix settings migration schema to work while upgrading on existing running
Uyuni and SUSE Manager servers running with old Cobbler settings (bsc#1203478)
- Do generate boot menus even if no profiles or systems - only local boot
- Avoid crashing running buildiso in certain conditions.
- Fix issue that a custom kernel with the extension '.kernel' is not
accepted by 'cobbler distro add'
- Fix issue with 'get_item_resolved_value' that prevented it from
returning in cases where a complex object would have been returned
- Fix issue where the logs would have been spammed with 'grab_tree'
messages that are meant for debugging
- Buildiso - Fix DNS append line generation
- Change apache2 conf dir for SUSE distros to allow integration with
Uyuni and SUSE Manager
- Avoid permissions errors during cobbler sync
- Update to version 3.3.3
- Add UEFI capabilities to 'cobbler buildiso' (jsc#SUMA-112)
- Relevant changes on this release:
* New:
* Uyuni Proxies can now be set with the schema validation.
* Cobbler should now build on AlmaLinux.
* The initrd is not required anymore as it is an optional file.
* XML-RPC: Added dump_vars endpoint. This is intended to replace get_blended_data as of 3.4.0.
* XML-RPC: Added get_item_resolved_value & set_item_resolved_value endpoints.
* Breaking Changes:
* The field virt_file_size is now a float and the related settings as well.
* Changes:
* The error messages for duplicated objects now contains the name of the duplicated object.
* Bugfixes:
* Dictionaries had the wrong value set for <<inherit>>.
* There were some cases in which the autoinstallation manager was handed the wrong object and then crashed.
* The inheritance of the owners field was fixed.
* Serial Console options should not contain bogous -1 value anymore.
* HTTP API should not throw permission errors anymore.
* During build the log was not visible due to a custom logger without output.
* cobbler mkloaders now also copies dependencies of menu.c32.
* We now generate the grub configuration for the architectures correct again.
* virt_file_size now is a float at all times.
* Cobbler should restart successfully now if you have attached an image to a system.
* If you have a system named default the bootloader was not removed properly before.
* cobbler buildiso: The isolinux.cfg was not properly formatted.
* There were unharmful templating errors in the log related to redhat_management_type. The parts depending on this
were removed.
* The DNS managers were non-functional before because of a not existing function call.
* cobbler buildiso failed with --tmpdirs that don't end in buildiso.
* cobbler buildiso had outdated docs and help messages for some parameters.
* cobbler import: It was impossible to import Rocky Linux 8.5 successfully.
* Cobbler created duplicated settings files before.
* cobbler sync was broken by refactoring to shell=False before.
- CVE-2022-0860: Improper Authorization in Cobbler. (bsc#1197027)
- Version 3.3.0 fixed jsc#SUMA-112
- Update to version 3.3.2
* cobbler sync doesn't have to be executed no more after enable_ipxe was flipped
* Auth: Support for Global Secure Catalog via LDAP provider
* Reposync now deletes old metadata to prevent metadata merge conflicts
* The automigration of the settings is now not enabled per default.
* We removed ppc from RedHat EL 7 as it is not supported
* Network interface is not subscriptable errors were fixed
* The stacktraces related to the package and file pre & post triggers should no longer appear
* You should be able to add multiple initrds if needed again
* Debian: Fix regex for SHIM_FILE which now provides a working reasonable default
drools:
- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java (bsc#1200629)
image-sync-formula:
- Update to version 0.1.1661440542.6cbe0da
* Sort boot images by version instead of name-version (bsc#1196729)
* Do not send events if syncing fails
inter-server-sync:
* Compress exported sql data and decompress during import
* Add gzip dependency to decompress data file during import process
locale-formula:
- Update to version 0.3
* Remove .map.gz from kb_map dictionary (bsc#1203406)
python-urlgrabber:
- Avoid crashing when setting URLGRABBER_DEBUG=1 environment variable
reprepro:
- Update from version 5.3.0 to version 5.4.0
* Add shunit2 based tests
* Support multiple versions
* Add the commands move, movesrc, movematched, movefilter
* Add Limit and Archive option
* fix manpage to add the behaviour if reprepro is linked against liblzma
* Mark 'dumpcontents' command as deprecated
saltboot-formula:
- Update to version 0.1.1661440542.6cbe0da
* Fallback to local boot if the configured image is not synced
* Support salt bundle
spacecmd:
- Version 4.3.15-1
* Process date values in spacecmd api calls (bsc#1198903)
spacewalk-admin:
- Version 4.3.10-1
* Ensure 'cobbler mkloaders' is executed after restarting services
* Add --help option to mgr-monitoring-ctl
* reportdb access: force new report_db_sslrootcert if previous default is set
spacewalk-backend:
- Version 4.3.16-1
* Prevent mixing credentials for proxy and repository server
while using basic authentication and avoid hiding errors
i.e. timeouts while having proxy settings issues
with extra logging in verbose mode (bsc#1201788)
* Fix the condition of hiding the token from URL on logging
* export armored GPG key to salt filesystem as well
* Upgrade Cobbler requirement to 3.3.3 or later
* Make reposync use the configured http proxy with mirrorlist (bsc#1198168)
spacewalk-certs-tools:
- Version 4.3.15-1
* fix mgr-ssl-cert-setup for root CAs which do not set authorityKeyIdentifier (bsc#1203585)
spacewalk-client-tools:
- Version 4.3.12-1
* Update translation strings
spacewalk-java:
- version 4.3.38-1
* delay hardware refresh action to avoid missing channels (bsc#1204208)
- Version 4.3.37-1
* Fix get_item_resolved_value call
- Version 4.3.36-1
* Fix prerequisite action serialization (bsc#1202899, bsc#1203484)
* Fix hardware update where there is no DNS FQDN changes (bsc#1203611)
* Fix UI crash when filtering on systems list (bsc#1203169)
* Filter out successors that have no repositories on SP migration (bsc#1202367)
* Reduced the usage of deprecated Hibernate API
* Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)
* Support Pay-as-you-go new CA location for SUSE Linux Enterprise Server 15 SP4 and higher (bsc#1202729)
* Fixed pagination for completed/failed systems in action details
* Add support in rhn.conf for smtp port, auth, ssl/tls config
* Calculate dependencies between cloned channels of vendor channels (bsc#1201626)
* Fix sync for external repositories (bsc#1201753)
* Detect the clients running on Amazon EC2 (bsc#1195624)
* Adjust cobbler requirement to version 3.3.3
* Support inherited values for kernel options from Cobbler API
* Fix virtFileSize type after cobbler upgrade
* Redefine available power_management.types for cobbler >= 3.3.1
* fix state.apply result parsing in test mode (bsc#1201913)
* require tomcat native interface to prevent misleading warning
in tomcat startup log (bsc#1202455)
* Reduce the length of image channel URL (bsc#1201220)
* Fixed formula deselection in systemgroup (bsc#1202271)
* Added a new configuration property to allow custom channels to
be synced together with vendor channels.
* add onlyRelevant argument to addErrataUpdate API
* fix taskomatic task remain in progress
spacewalk-search:
- Version 4.3.7-1
* update dependencies after package rename
spacewalk-setup:
- version 4.3.12
* Fix detected issues to perform migration of Cobbler settings
and collections.
- Version 4.3.11-1
* Trigger migration of Cobbler settings and collections if necessary
during package installation (bsc#1203478)
* Execute 'cobbler mkloaders' when setting up cobbler
* Adjust next_server cobbler settings for cobbler >= 3.3.1
* fix prototype missmatch in idn_to_ascii (bsc#1203385)
spacewalk-utils:
- Version 4.3.14-1
* Make spacewalk-hostname-rename working with settings.yaml cobbler config file (bsc#1203564)
* spacewalk-common-channels now syncs the channels automatically
on creation, if the new configuration property named
'unify_custom_channel_management' is enabled
spacewalk-web:
- Version 4.3.24-1
* Upgrade moment-timezone
* CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)
* CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287)
* CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)
* Fix table header layout for unselectable tables
subscription-matcher:
- Added Guava maximum version requirement
susemanager:
- Version 4.3.19-1
* mark new dependencies for python-py optional in bootstrap repo
to fix generation for older service packs (bsc#1203449)
* add bootstrap repository definition for OES2023 (bsc#1202602)
* add missing packages on SUSE Linux Enterprise Server 15
* remove server-migrator.sh from SUSE Manager installations (bsc#1202728)
* create bootstrap repository data for Ubuntu 22.04 Vendor Channels
* remove obsoleted sysv init script (bsc#1191857)
* mgr-create-bootstrap-repo: flush directory also when called
for a specific label (bsc#1200573)
* pg-migrate-x-to-y.sh: improve output (bsc#1201260)
* remove python-tornado from bootstrap repo, since no longer
required for salt version >= 3000
* add missing packages on SUSE Linux Enterprise Server 12 SP5 bootstrap repo (bsc#1201918)
* revert 'bootstrap repo: set optional packages'
susemanager-build-keys:
- Add release and auxiliary GPG keys for RedHat
- Add keys for Rocky Linux 9
* RPM-GPG-KEY-redhat-release
* RPM-GPG-KEY-redhat-auxiliary
* RPM-GPG-KEY-Rocky-9
susemanager-docs_en:
- Removed Debian 9 references due to end of life and added missing Debian 11 info
- Fixed description of default notification settings (bsc#1203422)
- Added missing Debian 11 references
- Documented helm deployment of the proxy on k3s and MetalLB in
Installation and Upgrade Guide
- Added secure mail communication settings in Administration Guide
- Fixed path to state and pillar files
- Documented how pxeboot works with Secure Boot enabled in Client
Configuration Guide
- Add repository via proxy issues troubleshooting page
- Change import GPG key description
- Added SLE Micro 5.2 and 5.3 as available as a technology preview
in Client Configuration Guide, and the IBM Z architecture for 5.1,
5.2, and 5.3
- Added command to remove the obsolete Python module on SUSE Manager
Server 4.1 in the Installation and Upgrade Guide (bsc#1203026)
- Mention CA certificate directory in the proxy setup description in the
Installation and Upgrade Guide (bsc#1202805)
- Documented mandatory channels in the Disconnected Setup chapter of the
Administration Guide (bsc#1202464)
- Documented how to onboard Ubuntu clients with the Salt bundle as a
regular user
- Documented how to onboard Debian clients with the Salt bundle or
plain Salt as a regular user
- Fixed the names of updates channels for Leap
- Fixed errors in OpenSCAP chapter of Administration Guide
- Removed CentOS 8 from the list of supported client systems
- Extend the notes about using noexec option for /tmp and /var/tmp
(bsc#1201210)
- Added Extend Salt Bundle functionality with Python packages using pip
- Salt Configuration Modules are no longer Technology Preview in
the Salt Guide
susemanager-schema:
- Version 4.3.14-1
* Add subtypes for Amazon EC2 virtual instances (bsc#1195624)
* Fix migration of image actions (bsc#1202272)
* improve schema compatibility with Amazon RDS
susemanager-sls:
- Version 4.3.25-1
* Fix mgrnet availability check
* Remove dependence on Kiwi libraries
* disable always the bootstrap repository also when
'mgr_disable_local_repos' is set to False
* Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)
* fix syntax error - remove trailing colon (bsc#1203049)
* Add mgrnet salt module with mgrnet.dns_fqnd function implementation
allowing to get all possible FQDNs from DNS (bsc#1199726)
* Copy grains file with util.mgr_switch_to_venv_minion state apply (bsc#1203056)
* Remove the message 'rpm: command not found' on using Salt SSH
with Debian based systems which has no Salt Bundle
susemanager-sync-data:
- Version 4.3.9-1
* add oes2023 (bsc#1202602)
* add Ubuntu 22.04 amd64
susemanager-tftpsync:
- Version 4.3.2-1
* Adjust sync_post_tftpd_proxies module to cobbler >= 3.3.1
uyuni-common-libs:
- Version 4.3.6-1
* Do not allow creating path if nonexistent user or group in fileutils.
uyuni-reportdb-schema:
- Version 4.3.6-1
* improve schema compatibility with Amazon RDS
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2022-3750,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-3750,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3750
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.3", title: "Title of the patch", }, { category: "description", text: "\nThis update fixes the following issues:\n\ncobbler:\n\n- Consider case of 'next_server' being a hostname during migration of Cobbler collections.\n- Fix problem with 'proxy_url_ext' setting being None type.\n- Fix settings migration schema to work while upgrading on existing running\n Uyuni and SUSE Manager servers running with old Cobbler settings (bsc#1203478)\n- Do generate boot menus even if no profiles or systems - only local boot\n- Avoid crashing running buildiso in certain conditions.\n- Fix issue that a custom kernel with the extension '.kernel' is not\n accepted by 'cobbler distro add'\n- Fix issue with 'get_item_resolved_value' that prevented it from\n returning in cases where a complex object would have been returned\n- Fix issue where the logs would have been spammed with 'grab_tree'\n messages that are meant for debugging\n- Buildiso - Fix DNS append line generation\n- Change apache2 conf dir for SUSE distros to allow integration with\n Uyuni and SUSE Manager\n- Avoid permissions errors during cobbler sync\n- Update to version 3.3.3\n- Add UEFI capabilities to 'cobbler buildiso' (jsc#SUMA-112)\n- Relevant changes on this release:\n * New:\n * Uyuni Proxies can now be set with the schema validation.\n * Cobbler should now build on AlmaLinux.\n * The initrd is not required anymore as it is an optional file.\n * XML-RPC: Added dump_vars endpoint. This is intended to replace get_blended_data as of 3.4.0.\n * XML-RPC: Added get_item_resolved_value & set_item_resolved_value endpoints.\n * Breaking Changes:\n * The field virt_file_size is now a float and the related settings as well.\n * Changes:\n * The error messages for duplicated objects now contains the name of the duplicated object.\n * Bugfixes:\n * Dictionaries had the wrong value set for <<inherit>>.\n * There were some cases in which the autoinstallation manager was handed the wrong object and then crashed.\n * The inheritance of the owners field was fixed.\n * Serial Console options should not contain bogous -1 value anymore.\n * HTTP API should not throw permission errors anymore.\n * During build the log was not visible due to a custom logger without output.\n * cobbler mkloaders now also copies dependencies of menu.c32.\n * We now generate the grub configuration for the architectures correct again.\n * virt_file_size now is a float at all times.\n * Cobbler should restart successfully now if you have attached an image to a system.\n * If you have a system named default the bootloader was not removed properly before.\n * cobbler buildiso: The isolinux.cfg was not properly formatted.\n * There were unharmful templating errors in the log related to redhat_management_type. The parts depending on this\n were removed.\n * The DNS managers were non-functional before because of a not existing function call.\n * cobbler buildiso failed with --tmpdirs that don't end in buildiso.\n * cobbler buildiso had outdated docs and help messages for some parameters.\n * cobbler import: It was impossible to import Rocky Linux 8.5 successfully.\n * Cobbler created duplicated settings files before.\n * cobbler sync was broken by refactoring to shell=False before.\n- CVE-2022-0860: Improper Authorization in Cobbler. (bsc#1197027)\n- Version 3.3.0 fixed jsc#SUMA-112\n- Update to version 3.3.2\n * cobbler sync doesn't have to be executed no more after enable_ipxe was flipped\n * Auth: Support for Global Secure Catalog via LDAP provider\n * Reposync now deletes old metadata to prevent metadata merge conflicts\n * The automigration of the settings is now not enabled per default.\n * We removed ppc from RedHat EL 7 as it is not supported\n * Network interface is not subscriptable errors were fixed\n * The stacktraces related to the package and file pre & post triggers should no longer appear\n * You should be able to add multiple initrds if needed again\n * Debian: Fix regex for SHIM_FILE which now provides a working reasonable default\n\ndrools:\n\n- CVE-2021-41411: XML External Entity injection in KieModuleModelImpl.java (bsc#1200629)\n\nimage-sync-formula:\n\n- Update to version 0.1.1661440542.6cbe0da\n * Sort boot images by version instead of name-version (bsc#1196729)\n * Do not send events if syncing fails\n\ninter-server-sync:\n\n * Compress exported sql data and decompress during import\n * Add gzip dependency to decompress data file during import process\n\nlocale-formula:\n\n- Update to version 0.3\n * Remove .map.gz from kb_map dictionary (bsc#1203406)\n\npython-urlgrabber:\n\n- Avoid crashing when setting URLGRABBER_DEBUG=1 environment variable\n\nreprepro:\n\n- Update from version 5.3.0 to version 5.4.0\n * Add shunit2 based tests \n * Support multiple versions\n * Add the commands move, movesrc, movematched, movefilter\n * Add Limit and Archive option\n * fix manpage to add the behaviour if reprepro is linked against liblzma\n * Mark 'dumpcontents' command as deprecated\n\nsaltboot-formula:\n\n- Update to version 0.1.1661440542.6cbe0da \n * Fallback to local boot if the configured image is not synced\n * Support salt bundle\n\nspacecmd:\n\n- Version 4.3.15-1\n * Process date values in spacecmd api calls (bsc#1198903)\n\nspacewalk-admin:\n\n- Version 4.3.10-1\n * Ensure 'cobbler mkloaders' is executed after restarting services\n * Add --help option to mgr-monitoring-ctl\n * reportdb access: force new report_db_sslrootcert if previous default is set\n\nspacewalk-backend:\n\n- Version 4.3.16-1\n * Prevent mixing credentials for proxy and repository server\n while using basic authentication and avoid hiding errors\n i.e. timeouts while having proxy settings issues\n with extra logging in verbose mode (bsc#1201788)\n * Fix the condition of hiding the token from URL on logging\n * export armored GPG key to salt filesystem as well\n * Upgrade Cobbler requirement to 3.3.3 or later\n * Make reposync use the configured http proxy with mirrorlist (bsc#1198168)\n\nspacewalk-certs-tools:\n\n- Version 4.3.15-1\n * fix mgr-ssl-cert-setup for root CAs which do not set authorityKeyIdentifier (bsc#1203585)\n\nspacewalk-client-tools:\n\n- Version 4.3.12-1\n * Update translation strings\n\nspacewalk-java:\n \n- version 4.3.38-1\n * delay hardware refresh action to avoid missing channels (bsc#1204208)\n- Version 4.3.37-1 \n * Fix get_item_resolved_value call\n- Version 4.3.36-1\n * Fix prerequisite action serialization (bsc#1202899, bsc#1203484)\n * Fix hardware update where there is no DNS FQDN changes (bsc#1203611)\n * Fix UI crash when filtering on systems list (bsc#1203169)\n * Filter out successors that have no repositories on SP migration (bsc#1202367)\n * Reduced the usage of deprecated Hibernate API\n * Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)\n * Support Pay-as-you-go new CA location for SUSE Linux Enterprise Server 15 SP4 and higher (bsc#1202729)\n * Fixed pagination for completed/failed systems in action details\n * Add support in rhn.conf for smtp port, auth, ssl/tls config\n * Calculate dependencies between cloned channels of vendor channels (bsc#1201626)\n * Fix sync for external repositories (bsc#1201753)\n * Detect the clients running on Amazon EC2 (bsc#1195624)\n * Adjust cobbler requirement to version 3.3.3\n * Support inherited values for kernel options from Cobbler API\n * Fix virtFileSize type after cobbler upgrade\n * Redefine available power_management.types for cobbler >= 3.3.1\n * fix state.apply result parsing in test mode (bsc#1201913)\n * require tomcat native interface to prevent misleading warning\n in tomcat startup log (bsc#1202455)\n * Reduce the length of image channel URL (bsc#1201220)\n * Fixed formula deselection in systemgroup (bsc#1202271)\n * Added a new configuration property to allow custom channels to\n be synced together with vendor channels.\n * add onlyRelevant argument to addErrataUpdate API\n * fix taskomatic task remain in progress\n\nspacewalk-search:\n\n- Version 4.3.7-1\n * update dependencies after package rename\n\nspacewalk-setup:\n \n- version 4.3.12\n * Fix detected issues to perform migration of Cobbler settings\n and collections.\n\n- Version 4.3.11-1\n * Trigger migration of Cobbler settings and collections if necessary\n during package installation (bsc#1203478)\n * Execute 'cobbler mkloaders' when setting up cobbler\n * Adjust next_server cobbler settings for cobbler >= 3.3.1\n * fix prototype missmatch in idn_to_ascii (bsc#1203385)\n\nspacewalk-utils:\n\n- Version 4.3.14-1\n * Make spacewalk-hostname-rename working with settings.yaml cobbler config file (bsc#1203564)\n * spacewalk-common-channels now syncs the channels automatically\n on creation, if the new configuration property named\n 'unify_custom_channel_management' is enabled\n\nspacewalk-web:\n\n- Version 4.3.24-1\n * Upgrade moment-timezone\n * CVE-2021-43138: Obtain privileges via the `mapValues()` method. (bsc#1200480)\n * CVE-2021-42740: Command injection in the shell-quote package. (bsc#1203287)\n * CVE-2022-31129: Denial-of-Service moment: inefficient parsing algorithm (bsc#1203288)\n * Fix table header layout for unselectable tables\n\nsubscription-matcher:\n\n- Added Guava maximum version requirement\n\nsusemanager:\n\n- Version 4.3.19-1\n * mark new dependencies for python-py optional in bootstrap repo\n to fix generation for older service packs (bsc#1203449)\n * add bootstrap repository definition for OES2023 (bsc#1202602)\n * add missing packages on SUSE Linux Enterprise Server 15\n * remove server-migrator.sh from SUSE Manager installations (bsc#1202728)\n * create bootstrap repository data for Ubuntu 22.04 Vendor Channels\n * remove obsoleted sysv init script (bsc#1191857)\n * mgr-create-bootstrap-repo: flush directory also when called\n for a specific label (bsc#1200573)\n * pg-migrate-x-to-y.sh: improve output (bsc#1201260)\n * remove python-tornado from bootstrap repo, since no longer\n required for salt version >= 3000\n * add missing packages on SUSE Linux Enterprise Server 12 SP5 bootstrap repo (bsc#1201918)\n * revert 'bootstrap repo: set optional packages'\n\nsusemanager-build-keys:\n\n- Add release and auxiliary GPG keys for RedHat\n- Add keys for Rocky Linux 9\n * RPM-GPG-KEY-redhat-release\n * RPM-GPG-KEY-redhat-auxiliary\n * RPM-GPG-KEY-Rocky-9\n\nsusemanager-docs_en:\n\n- Removed Debian 9 references due to end of life and added missing Debian 11 info\n- Fixed description of default notification settings (bsc#1203422)\n- Added missing Debian 11 references\n- Documented helm deployment of the proxy on k3s and MetalLB in \n Installation and Upgrade Guide\n- Added secure mail communication settings in Administration Guide\n- Fixed path to state and pillar files\n- Documented how pxeboot works with Secure Boot enabled in Client\n Configuration Guide\n- Add repository via proxy issues troubleshooting page\n- Change import GPG key description\n- Added SLE Micro 5.2 and 5.3 as available as a technology preview \n in Client Configuration Guide, and the IBM Z architecture for 5.1, \n 5.2, and 5.3\n- Added command to remove the obsolete Python module on SUSE Manager \n Server 4.1 in the Installation and Upgrade Guide (bsc#1203026)\n- Mention CA certificate directory in the proxy setup description in the\n Installation and Upgrade Guide (bsc#1202805)\n- Documented mandatory channels in the Disconnected Setup chapter of the\n Administration Guide (bsc#1202464)\n- Documented how to onboard Ubuntu clients with the Salt bundle as a\n regular user\n- Documented how to onboard Debian clients with the Salt bundle or \n plain Salt as a regular user\n- Fixed the names of updates channels for Leap\n- Fixed errors in OpenSCAP chapter of Administration Guide\n- Removed CentOS 8 from the list of supported client systems\n- Extend the notes about using noexec option for /tmp and /var/tmp \n (bsc#1201210)\n- Added Extend Salt Bundle functionality with Python packages using pip\n- Salt Configuration Modules are no longer Technology Preview in \n the Salt Guide\n\nsusemanager-schema:\n\n- Version 4.3.14-1\n * Add subtypes for Amazon EC2 virtual instances (bsc#1195624)\n * Fix migration of image actions (bsc#1202272)\n * improve schema compatibility with Amazon RDS\n\nsusemanager-sls:\n\n- Version 4.3.25-1\n * Fix mgrnet availability check\n * Remove dependence on Kiwi libraries\n * disable always the bootstrap repository also when\n 'mgr_disable_local_repos' is set to False\n * Use mgrnet.dns_fqdns module to improve FQDN detection (bsc#1199726)\n * fix syntax error - remove trailing colon (bsc#1203049)\n * Add mgrnet salt module with mgrnet.dns_fqnd function implementation\n allowing to get all possible FQDNs from DNS (bsc#1199726)\n * Copy grains file with util.mgr_switch_to_venv_minion state apply (bsc#1203056)\n * Remove the message 'rpm: command not found' on using Salt SSH\n with Debian based systems which has no Salt Bundle\n\nsusemanager-sync-data:\n\n- Version 4.3.9-1\n * add oes2023 (bsc#1202602)\n * add Ubuntu 22.04 amd64\n\nsusemanager-tftpsync:\n\n- Version 4.3.2-1\n * Adjust sync_post_tftpd_proxies module to cobbler >= 3.3.1\n\nuyuni-common-libs:\n\n- Version 4.3.6-1\n * Do not allow creating path if nonexistent user or group in fileutils.\n\nuyuni-reportdb-schema:\n\n- Version 4.3.6-1\n * improve schema compatibility with Amazon RDS\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-3750,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-3750,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3750", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3750-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:3750-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20223750-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:3750-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012699.html", }, { category: "self", summary: "SUSE Bug 1191857", url: "https://bugzilla.suse.com/1191857", }, { category: "self", summary: "SUSE Bug 1195624", url: "https://bugzilla.suse.com/1195624", }, { category: "self", summary: "SUSE Bug 1196729", url: "https://bugzilla.suse.com/1196729", }, { category: "self", summary: "SUSE Bug 1197027", url: "https://bugzilla.suse.com/1197027", }, { category: "self", summary: "SUSE Bug 1198168", url: "https://bugzilla.suse.com/1198168", }, { category: "self", summary: "SUSE Bug 1198903", url: "https://bugzilla.suse.com/1198903", }, { category: "self", summary: "SUSE Bug 1199726", url: "https://bugzilla.suse.com/1199726", }, { category: "self", summary: "SUSE Bug 1200480", url: "https://bugzilla.suse.com/1200480", }, { category: "self", summary: "SUSE Bug 1200573", url: "https://bugzilla.suse.com/1200573", }, { category: "self", summary: "SUSE Bug 1200629", url: "https://bugzilla.suse.com/1200629", }, { category: "self", summary: "SUSE Bug 1201210", url: "https://bugzilla.suse.com/1201210", }, { category: "self", summary: "SUSE Bug 1201220", url: "https://bugzilla.suse.com/1201220", }, { category: "self", summary: "SUSE Bug 1201260", url: "https://bugzilla.suse.com/1201260", }, { category: "self", summary: "SUSE Bug 1201626", url: "https://bugzilla.suse.com/1201626", }, { category: "self", summary: "SUSE Bug 1201753", url: "https://bugzilla.suse.com/1201753", }, { category: "self", summary: "SUSE Bug 1201788", url: "https://bugzilla.suse.com/1201788", }, { category: "self", summary: "SUSE Bug 1201913", url: "https://bugzilla.suse.com/1201913", }, { category: "self", summary: "SUSE Bug 1201918", url: "https://bugzilla.suse.com/1201918", }, { category: "self", summary: "SUSE Bug 1202271", url: "https://bugzilla.suse.com/1202271", }, { category: "self", summary: "SUSE Bug 1202272", url: "https://bugzilla.suse.com/1202272", }, { category: "self", summary: "SUSE Bug 1202367", url: "https://bugzilla.suse.com/1202367", }, { category: "self", summary: "SUSE Bug 1202455", url: "https://bugzilla.suse.com/1202455", }, { category: "self", summary: "SUSE Bug 1202464", url: "https://bugzilla.suse.com/1202464", }, { category: "self", summary: "SUSE Bug 1202602", url: "https://bugzilla.suse.com/1202602", }, { category: "self", summary: "SUSE Bug 1202728", url: "https://bugzilla.suse.com/1202728", }, { category: "self", summary: "SUSE Bug 1202729", url: "https://bugzilla.suse.com/1202729", }, { category: "self", summary: "SUSE Bug 1202805", url: "https://bugzilla.suse.com/1202805", }, { category: "self", summary: "SUSE Bug 1202899", url: "https://bugzilla.suse.com/1202899", }, { category: "self", summary: "SUSE Bug 1203026", url: "https://bugzilla.suse.com/1203026", }, { category: "self", summary: "SUSE Bug 1203049", url: "https://bugzilla.suse.com/1203049", }, { category: "self", summary: "SUSE Bug 1203056", url: "https://bugzilla.suse.com/1203056", }, { category: "self", summary: "SUSE Bug 1203169", url: "https://bugzilla.suse.com/1203169", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203385", url: "https://bugzilla.suse.com/1203385", }, { category: "self", summary: "SUSE Bug 1203406", url: "https://bugzilla.suse.com/1203406", }, { category: "self", summary: "SUSE Bug 1203422", url: "https://bugzilla.suse.com/1203422", }, { category: "self", summary: "SUSE Bug 1203449", url: "https://bugzilla.suse.com/1203449", }, { category: "self", summary: "SUSE Bug 1203478", url: "https://bugzilla.suse.com/1203478", }, { category: "self", summary: "SUSE Bug 1203484", url: "https://bugzilla.suse.com/1203484", }, { category: "self", summary: "SUSE Bug 1203564", url: "https://bugzilla.suse.com/1203564", }, { category: "self", summary: "SUSE Bug 1203585", url: "https://bugzilla.suse.com/1203585", }, { category: "self", summary: "SUSE Bug 1203611", url: "https://bugzilla.suse.com/1203611", }, { category: "self", summary: "SUSE Bug 1204208", url: "https://bugzilla.suse.com/1204208", }, { category: "self", summary: "SUSE CVE CVE-2021-41411 page", url: "https://www.suse.com/security/cve/CVE-2021-41411/", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, ], title: "Security update for SUSE Manager Server 4.3", tracking: { current_release_date: "2022-10-26T08:45:32Z", generator: { date: "2022-10-26T08:45:32Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:3750-1", initial_release_date: "2022-10-26T08:45:32Z", revision_history: [ { date: "2022-10-26T08:45:32Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150400.3.6.1.aarch64", product: { name: "inter-server-sync-0.2.3-150400.3.6.1.aarch64", product_id: "inter-server-sync-0.2.3-150400.3.6.1.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", product: { name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", product_id: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", product: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", product_id: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.aarch64", }, }, { category: "product_version", name: "reprepro-5.4.0-150400.3.6.1.aarch64", product: { name: "reprepro-5.4.0-150400.3.6.1.aarch64", product_id: "reprepro-5.4.0-150400.3.6.1.aarch64", }, }, { category: "product_version", name: "susemanager-4.3.19-150400.3.6.4.aarch64", product: { name: "susemanager-4.3.19-150400.3.6.4.aarch64", product_id: "susemanager-4.3.19-150400.3.6.4.aarch64", }, }, { category: "product_version", name: "susemanager-tftpsync-4.3.2-150400.3.3.4.aarch64", product: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.aarch64", product_id: "susemanager-tftpsync-4.3.2-150400.3.3.4.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.3.19-150400.3.6.4.aarch64", product: { name: "susemanager-tools-4.3.19-150400.3.6.4.aarch64", product_id: "susemanager-tools-4.3.19-150400.3.6.4.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cobbler-3.3.3-150400.5.7.1.noarch", product: { name: "cobbler-3.3.3-150400.5.7.1.noarch", product_id: "cobbler-3.3.3-150400.5.7.1.noarch", }, }, { category: "product_version", name: "cobbler-tests-3.3.3-150400.5.7.1.noarch", product: { name: "cobbler-tests-3.3.3-150400.5.7.1.noarch", product_id: "cobbler-tests-3.3.3-150400.5.7.1.noarch", }, }, { category: "product_version", name: "drools-7.17.0-150400.3.6.1.noarch", product: { name: "drools-7.17.0-150400.3.6.1.noarch", product_id: "drools-7.17.0-150400.3.6.1.noarch", }, }, { category: "product_version", name: "image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", product: { name: "image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", product_id: "image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", }, }, { category: "product_version", name: "locale-formula-0.3-150400.3.3.1.noarch", product: { name: "locale-formula-0.3-150400.3.3.1.noarch", product_id: "locale-formula-0.3-150400.3.3.1.noarch", }, }, { category: "product_version", name: "mgr-daemon-4.3.6-150400.3.6.4.noarch", product: { name: "mgr-daemon-4.3.6-150400.3.6.4.noarch", product_id: "mgr-daemon-4.3.6-150400.3.6.4.noarch", }, }, { category: "product_version", name: "python3-schema-0.6.7-150400.10.3.1.noarch", product: { name: "python3-schema-0.6.7-150400.10.3.1.noarch", product_id: "python3-schema-0.6.7-150400.10.3.1.noarch", }, }, { category: "product_version", name: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", product: { name: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", product_id: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", product: { name: "python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", product_id: "python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", product: { name: "python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", product_id: "python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", product: { name: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", product_id: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "python3-urlgrabber-4.1.0-150400.3.6.1.noarch", product: { name: "python3-urlgrabber-4.1.0-150400.3.6.1.noarch", product_id: "python3-urlgrabber-4.1.0-150400.3.6.1.noarch", }, }, { category: "product_version", name: "saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", product: { name: "saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", product_id: "saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", }, }, { category: "product_version", name: "spacecmd-4.3.15-150400.3.6.4.noarch", product: { name: "spacecmd-4.3.15-150400.3.6.4.noarch", product_id: "spacecmd-4.3.15-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.3.10-150400.3.3.2.noarch", product: { name: "spacewalk-admin-4.3.10-150400.3.3.2.noarch", product_id: "spacewalk-admin-4.3.10-150400.3.3.2.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-cdn-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-cdn-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", product: { name: "spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", product_id: "spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-base-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-base-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", product: { name: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", product_id: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.3.12-150400.3.6.6.noarch", product: { name: "spacewalk-check-4.3.12-150400.3.6.6.noarch", product_id: "spacewalk-check-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", product: { name: "spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", product_id: "spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", product: { name: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", product_id: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-dobby-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-dobby-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-html-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-html-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.3.24-150400.3.6.4.noarch", product: { name: "spacewalk-html-debug-4.3.24-150400.3.6.4.noarch", product_id: "spacewalk-html-debug-4.3.24-150400.3.6.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-java-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-java-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-java-apidoc-sources-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-java-apidoc-sources-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-java-config-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-java-config-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-search-4.3.7-150400.3.6.2.noarch", product: { name: "spacewalk-search-4.3.7-150400.3.6.2.noarch", product_id: "spacewalk-search-4.3.7-150400.3.6.2.noarch", }, }, { category: "product_version", name: "spacewalk-setup-4.3.12-150400.3.8.1.noarch", product: { name: "spacewalk-setup-4.3.12-150400.3.8.1.noarch", product_id: "spacewalk-setup-4.3.12-150400.3.8.1.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", product: { name: "spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", product_id: "spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", }, }, { category: "product_version", name: "spacewalk-utils-4.3.14-150400.3.6.3.noarch", product: { name: "spacewalk-utils-4.3.14-150400.3.6.3.noarch", product_id: "spacewalk-utils-4.3.14-150400.3.6.3.noarch", }, }, { category: "product_version", name: "spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", product: { name: "spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", product_id: "spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", }, }, { category: "product_version", name: "subscription-matcher-0.29-150400.3.7.1.noarch", product: { name: "subscription-matcher-0.29-150400.3.7.1.noarch", product_id: "subscription-matcher-0.29-150400.3.7.1.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch", product: { name: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch", product_id: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", product: { name: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", product_id: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.3-150400.9.6.1.noarch", product: { name: "susemanager-docs_en-4.3-150400.9.6.1.noarch", product_id: "susemanager-docs_en-4.3-150400.9.6.1.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", product: { name: "susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", product_id: "susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.3.14-150400.3.6.5.noarch", product: { name: "susemanager-schema-4.3.14-150400.3.6.5.noarch", product_id: "susemanager-schema-4.3.14-150400.3.6.5.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.3.14-150400.3.6.5.noarch", product: { name: "susemanager-schema-sanity-4.3.14-150400.3.6.5.noarch", product_id: "susemanager-schema-sanity-4.3.14-150400.3.6.5.noarch", }, }, { category: "product_version", name: "susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", product: { name: "susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", product_id: "susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.3.25-150400.3.6.4.noarch", product: { name: "susemanager-sls-4.3.25-150400.3.6.4.noarch", product_id: "susemanager-sls-4.3.25-150400.3.6.4.noarch", }, }, { category: "product_version", name: "susemanager-sync-data-4.3.9-150400.3.3.1.noarch", product: { name: "susemanager-sync-data-4.3.9-150400.3.3.1.noarch", product_id: "susemanager-sync-data-4.3.9-150400.3.3.1.noarch", }, }, { category: "product_version", name: "susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", product: { name: "susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", product_id: "susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.3.25-150400.3.6.4.noarch", product: { name: "uyuni-config-modules-4.3.25-150400.3.6.4.noarch", product_id: "uyuni-config-modules-4.3.25-150400.3.6.4.noarch", }, }, { category: "product_version", name: "uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", product: { name: "uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", product_id: "uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150400.3.6.1.ppc64le", product: { name: "inter-server-sync-0.2.3-150400.3.6.1.ppc64le", product_id: "inter-server-sync-0.2.3-150400.3.6.1.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", product: { name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", product_id: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", product: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", product_id: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", }, }, { category: "product_version", name: "reprepro-5.4.0-150400.3.6.1.ppc64le", product: { name: "reprepro-5.4.0-150400.3.6.1.ppc64le", product_id: "reprepro-5.4.0-150400.3.6.1.ppc64le", }, }, { category: "product_version", name: "susemanager-4.3.19-150400.3.6.4.ppc64le", product: { name: "susemanager-4.3.19-150400.3.6.4.ppc64le", product_id: "susemanager-4.3.19-150400.3.6.4.ppc64le", }, }, { category: "product_version", name: "susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", product: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", product_id: "susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.3.19-150400.3.6.4.ppc64le", product: { name: "susemanager-tools-4.3.19-150400.3.6.4.ppc64le", product_id: "susemanager-tools-4.3.19-150400.3.6.4.ppc64le", }, }, { category: "product_version", name: "python3-magic-5.32-150000.7.16.1.ppc64le", product: { name: "python3-magic-5.32-150000.7.16.1.ppc64le", product_id: "python3-magic-5.32-150000.7.16.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150400.3.6.1.s390x", product: { name: "inter-server-sync-0.2.3-150400.3.6.1.s390x", product_id: "inter-server-sync-0.2.3-150400.3.6.1.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", product: { name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", product_id: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", product: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", product_id: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", }, }, { category: "product_version", name: "reprepro-5.4.0-150400.3.6.1.s390x", product: { name: "reprepro-5.4.0-150400.3.6.1.s390x", product_id: "reprepro-5.4.0-150400.3.6.1.s390x", }, }, { category: "product_version", name: "susemanager-4.3.19-150400.3.6.4.s390x", product: { name: "susemanager-4.3.19-150400.3.6.4.s390x", product_id: "susemanager-4.3.19-150400.3.6.4.s390x", }, }, { category: "product_version", name: "susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", product: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", product_id: "susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.3.19-150400.3.6.4.s390x", product: { name: "susemanager-tools-4.3.19-150400.3.6.4.s390x", product_id: "susemanager-tools-4.3.19-150400.3.6.4.s390x", }, }, { category: "product_version", name: "python3-magic-5.32-150000.7.16.1.s390x", product: { name: "python3-magic-5.32-150000.7.16.1.s390x", product_id: "python3-magic-5.32-150000.7.16.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.3-150400.3.6.1.x86_64", product: { name: "inter-server-sync-0.2.3-150400.3.6.1.x86_64", product_id: "inter-server-sync-0.2.3-150400.3.6.1.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", product: { name: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", product_id: "python2-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", product: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", product_id: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", }, }, { category: "product_version", name: "reprepro-5.4.0-150400.3.6.1.x86_64", product: { name: "reprepro-5.4.0-150400.3.6.1.x86_64", product_id: "reprepro-5.4.0-150400.3.6.1.x86_64", }, }, { category: "product_version", name: "susemanager-4.3.19-150400.3.6.4.x86_64", product: { name: "susemanager-4.3.19-150400.3.6.4.x86_64", product_id: "susemanager-4.3.19-150400.3.6.4.x86_64", }, }, { category: "product_version", name: "susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", product: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", product_id: "susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.3.19-150400.3.6.4.x86_64", product: { name: "susemanager-tools-4.3.19-150400.3.6.4.x86_64", product_id: "susemanager-tools-4.3.19-150400.3.6.4.x86_64", }, }, { category: "product_version", name: "python3-magic-5.32-150000.7.16.1.x86_64", product: { name: "python3-magic-5.32-150000.7.16.1.x86_64", product_id: "python3-magic-5.32-150000.7.16.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy Module 4.3", product: { name: "SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.3", product: { name: "SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mgr-daemon-4.3.6-150400.3.6.4.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", }, product_reference: "mgr-daemon-4.3.6-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", }, product_reference: "python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", }, product_reference: "python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, product_reference: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64 as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", }, product_reference: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.15-150400.3.6.4.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", }, product_reference: "spacecmd-4.3.15-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, product_reference: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", }, product_reference: "spacewalk-check-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", }, product_reference: "spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, product_reference: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", }, product_reference: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", }, product_reference: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch as component of SUSE Manager Proxy Module 4.3", product_id: "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", }, product_reference: "susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.3", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.3.3-150400.5.7.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", }, product_reference: "cobbler-3.3.3-150400.5.7.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "drools-7.17.0-150400.3.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", }, product_reference: "drools-7.17.0-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", }, product_reference: "image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150400.3.6.1.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", }, product_reference: "inter-server-sync-0.2.3-150400.3.6.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150400.3.6.1.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", }, product_reference: "inter-server-sync-0.2.3-150400.3.6.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.3-150400.3.6.1.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", }, product_reference: "inter-server-sync-0.2.3-150400.3.6.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "locale-formula-0.3-150400.3.3.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", }, product_reference: "locale-formula-0.3-150400.3.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-magic-5.32-150000.7.16.1.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", }, product_reference: "python3-magic-5.32-150000.7.16.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-magic-5.32-150000.7.16.1.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", }, product_reference: "python3-magic-5.32-150000.7.16.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-magic-5.32-150000.7.16.1.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", }, product_reference: "python3-magic-5.32-150000.7.16.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-schema-0.6.7-150400.10.3.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", }, product_reference: "python3-schema-0.6.7-150400.10.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, product_reference: "python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-urlgrabber-4.1.0-150400.3.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", }, product_reference: "python3-urlgrabber-4.1.0-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", }, product_reference: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", }, product_reference: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", }, product_reference: "python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "reprepro-5.4.0-150400.3.6.1.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", }, product_reference: "reprepro-5.4.0-150400.3.6.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "reprepro-5.4.0-150400.3.6.1.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", }, product_reference: "reprepro-5.4.0-150400.3.6.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "reprepro-5.4.0-150400.3.6.1.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", }, product_reference: "reprepro-5.4.0-150400.3.6.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", }, product_reference: "saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.3.15-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", }, product_reference: "spacecmd-4.3.15-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.3.10-150400.3.3.2.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", }, product_reference: "spacewalk-admin-4.3.10-150400.3.3.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-base-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", }, product_reference: "spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", }, product_reference: "spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.3.24-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", }, product_reference: "spacewalk-html-4.3.24-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.3.38-150400.3.8.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", }, product_reference: "spacewalk-java-4.3.38-150400.3.8.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.3.38-150400.3.8.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", }, product_reference: "spacewalk-java-config-4.3.38-150400.3.8.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.3.38-150400.3.8.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", }, product_reference: "spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", }, product_reference: "spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-search-4.3.7-150400.3.6.2.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", }, product_reference: "spacewalk-search-4.3.7-150400.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-setup-4.3.12-150400.3.8.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", }, product_reference: "spacewalk-setup-4.3.12-150400.3.8.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", }, product_reference: "spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-utils-4.3.14-150400.3.6.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", }, product_reference: "spacewalk-utils-4.3.14-150400.3.6.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", }, product_reference: "spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "subscription-matcher-0.29-150400.3.7.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", }, product_reference: "subscription-matcher-0.29-150400.3.7.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.3.19-150400.3.6.4.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", }, product_reference: "susemanager-4.3.19-150400.3.6.4.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.3.19-150400.3.6.4.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", }, product_reference: "susemanager-4.3.19-150400.3.6.4.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.3.19-150400.3.6.4.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", }, product_reference: "susemanager-4.3.19-150400.3.6.4.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", }, product_reference: "susemanager-build-keys-15.4.3-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", }, product_reference: "susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.3-150400.9.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", }, product_reference: "susemanager-docs_en-4.3-150400.9.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", }, product_reference: "susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.3.14-150400.3.6.5.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", }, product_reference: "susemanager-schema-4.3.14-150400.3.6.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-utility-4.3.14-150400.3.6.5.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", }, product_reference: "susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.3.25-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", }, product_reference: "susemanager-sls-4.3.25-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-sync-data-4.3.9-150400.3.3.1.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", }, product_reference: "susemanager-sync-data-4.3.9-150400.3.3.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", }, product_reference: "susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", }, product_reference: "susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", }, product_reference: "susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.3.19-150400.3.6.4.ppc64le as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", }, product_reference: "susemanager-tools-4.3.19-150400.3.6.4.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.3.19-150400.3.6.4.s390x as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", }, product_reference: "susemanager-tools-4.3.19-150400.3.6.4.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.3.19-150400.3.6.4.x86_64 as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", }, product_reference: "susemanager-tools-4.3.19-150400.3.6.4.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.3.25-150400.3.6.4.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", }, product_reference: "uyuni-config-modules-4.3.25-150400.3.6.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", }, product_reference: "uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, ], }, vulnerabilities: [ { cve: "CVE-2021-41411", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-41411", }, ], notes: [ { category: "general", text: "drools <=7.59.x is affected by an XML External Entity (XXE) vulnerability in KieModuleMarshaller.java. The Validator class is not used correctly, resulting in the XXE injection vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-41411", url: "https://www.suse.com/security/cve/CVE-2021-41411", }, { category: "external", summary: "SUSE Bug 1200629 for CVE-2021-41411", url: "https://bugzilla.suse.com/1200629", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:45:32Z", details: "important", }, ], title: "CVE-2021-41411", }, { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.3:mgr-daemon-4.3.6-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Proxy Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-check-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-setup-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Proxy Module 4.3:susemanager-tftpsync-recv-4.3.7-150400.3.3.3.noarch", "SUSE Manager Server Module 4.3:cobbler-3.3.3-150400.5.7.1.noarch", "SUSE Manager Server Module 4.3:drools-7.17.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:image-sync-formula-0.1.1661440542.6cbe0da-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:inter-server-sync-0.2.3-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:locale-formula-0.3-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.ppc64le", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.s390x", "SUSE Manager Server Module 4.3:python3-magic-5.32-150000.7.16.1.x86_64", "SUSE Manager Server Module 4.3:python3-schema-0.6.7-150400.10.3.1.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:python3-spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:python3-urlgrabber-4.1.0-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:python3-uyuni-common-libs-4.3.6-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.ppc64le", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.s390x", "SUSE Manager Server Module 4.3:reprepro-5.4.0-150400.3.6.1.x86_64", "SUSE Manager Server Module 4.3:saltboot-formula-0.1.1661440542.6cbe0da-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:spacecmd-4.3.15-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-admin-4.3.10-150400.3.3.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-app-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-applet-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-common-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-config-files-tool-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-iss-export-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-package-push-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-server-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-sql-postgresql-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-tools-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xml-export-libs-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-backend-xmlrpc-4.3.16-150400.3.6.8.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-base-minimal-config-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-certs-tools-4.3.15-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-client-tools-4.3.12-150400.3.6.6.noarch", "SUSE Manager Server Module 4.3:spacewalk-html-4.3.24-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-config-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-lib-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-java-postgresql-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-search-4.3.7-150400.3.6.2.noarch", "SUSE Manager Server Module 4.3:spacewalk-setup-4.3.12-150400.3.8.1.noarch", "SUSE Manager Server Module 4.3:spacewalk-taskomatic-4.3.38-150400.3.8.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:spacewalk-utils-extras-4.3.14-150400.3.6.3.noarch", "SUSE Manager Server Module 4.3:subscription-matcher-0.29-150400.3.7.1.noarch", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-build-keys-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-build-keys-web-15.4.3-150400.3.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-docs_en-pdf-4.3-150400.9.6.1.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-schema-utility-4.3.14-150400.3.6.5.noarch", "SUSE Manager Server Module 4.3:susemanager-sls-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:susemanager-sync-data-4.3.9-150400.3.3.1.noarch", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tftpsync-4.3.2-150400.3.3.4.x86_64", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.ppc64le", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.s390x", "SUSE Manager Server Module 4.3:susemanager-tools-4.3.19-150400.3.6.4.x86_64", "SUSE Manager Server Module 4.3:uyuni-config-modules-4.3.25-150400.3.6.4.noarch", "SUSE Manager Server Module 4.3:uyuni-reportdb-schema-4.3.6-150400.3.3.6.noarch", ], }, ], threats: [ { category: "impact", date: "2022-10-26T08:45:32Z", details: "important", }, ], title: "CVE-2022-0860", }, ], }
suse-su-2023:0592-1
Vulnerability from csaf_suse
Published
2023-03-02 08:32
Modified
2023-03-02 08:32
Summary
Security update for SUSE Manager Server 4.2
Notes
Title of the patch
Security update for SUSE Manager Server 4.2
Description of the patch
This update fixes the following issues:
cobbler:
- Fix improper authorization (bsc#1197027, CVE-2022-0860)
- Prevent error when starting up logrotate.service (bsc#1188191)
drools:
- Deserialization of Untrusted Data: unsafe data deserialization
in DroolsStreamUtils.java (bsc#1204879, CVE-2022-1415)
grafana-formula:
- Version 0.8.1
* Fix Uyuni/SUMA dashboard names
- Version 0.8.0
* Set dashboard names depending on project
* Update dashboards to use new JSON schema
* Fix PostgreSQL dashboard queries
* Migrate deprecated panels to their current replacements
- Version 0.7.1
* Fix default password field description (bsc#1203698)
* Do not require default admin and password fields
inter-server-sync:
- Version 0.2.7
* Do not update pillars table if it does not exists like in 4.2
- Version 0.2.6
* Export package extra tags for complete debian repo metatdata (bsc#1206375)
* Replace URLs in OS Images pillars when exporting and importing images
- Version 0.2.5
* Correct error when importing without debug log level (bsc#1204699)
mgr-osad:
- Version 4.2.9-1
* Updated logrotate configuration (bsc#1206470)
prometheus-formula:
- Version 0.7.0
* Switch from basic authentication to TLS certificate client
authentication for Blackbox exporter
* Fix scheme label in clients targets configration
* Add README.md
py27-compat-salt:
- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Enhance capture of error messages for Zypper calls in zypperpkg module
rhnlib:
- Version 4.2.7-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
saltboot-formula:
- Update to version 0.1.1676908681.e90e0b1
* Add failsafe stop file when salt-minion does not stop (bsc#1208418)
* Support salt bundle (bsc#1208499)
salt-netapi-client:
- Version 0.21.0
* See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.21.0
- Add transactional_update module
- Improve logging when creating salt exception
smdba:
- Version 1.7.11
* fix config update from wal_keep_segments to wal_keep_size for
newer postgresql versions (bsc#1204519)
spacecmd:
- Version 4.2.21-1
* Prevent string api parameters to be parsed as dates if not in
ISO-8601 format (bsc#1205759)
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
* Correctly understand 'ssm' keyword on scap scheduling
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
spacewalk-admin:
- Version 4.2.13-1
* Generate uyuni_roster.conf with salt-secrets-config (bsc#1200096)
spacewalk-backend:
- Version 4.2.26-1
* Fix reposync error about missing 'content-type' key when syncing certain channels
* Compute headers as list of two-tuples to be used by url grabber (bsc#1205523)
* Updated logrotate configuration (bsc#1206470)
* Add 'octet-stream' to accepted content-types for reposync mirrorlists
* Exclude invalid mirror urls for reposync (bsc#1203826)
* do not fetch mirrorlist when a file url is given
* Keep older module metadata files in database (bsc#1201893)
* Removed the activation keys report from the debug information
spacewalk-certs-tools:
- Version 4.2.19-1
* some i18n functions moved to new module which needs to be loaded
(bsc#1201142)
* Generated bootstrap scripts installs all needed Salt 3004 dependencies
for Ubuntu 18.04 (bsc#1204517)
spacewalk-client-tools:
- Version 4.2.22-1
* Update translation strings
spacewalk-java:
- Version 4.2.47-1
* Use uyuni roster salt module instead of flat roster files (bsc#1200096)
- Version 4.2.46-1
* Fix registration with proxy and tunnel SSH (bsc#1200096)
- Version 4.2.45-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* Improve logs when sls action chain file is missing
* Do not forward ssh command if proxy and tunnel are present (bsc#1200096)
* Fix not being able to delete CLM environment if there are custom child
channels that where not built by the environment (bsc#1206932)
* Include missing 'gpg' states to avoid issues on SSH minions.
* Optimize the number of salt calls on minion startup (bsc#1203532)
* Fix CVE Audit ignoring errata in parent channels if patch in successor
product exists (bsc#1206168)
* Fix CVE Audit incorrectly displaying predecessor product (bsc#1205663)
* Fix modular channel check during system update via XMLRPC (bsc#1206613)
* Trigger a package profile update when a new live-patch is installed (bsc#1206249)
* prevent ISE on activation key page when selected base channel value is null
* Only remove product catalog if PAYG ssh credentials are defined (bsc#1205943)
* Updated logrotate configuration (bsc#1206470)
* Limit changelog data in generated metadata to 20 entries
* Fix CLM to not remove necessary packages when filtering erratas (bsc#1195979)
* check for NULL in DEB package install size value
* Allowed cancelling pending actions with a failed prerequisite (bsc#1204712)
* disable cloned vendor channel auto selection by default (bsc#1204186)
* adapt permissions of temporary ssh key directory
* format results for package, errata and image build actions in
system history similar to state apply results
* Fix ClassCastException
* Run only minion actions that are in the pending status (bsc#1205012)
* Manager reboot in transactional update action chain (bsc#1201476
* Optimize performance of config channels operations for UI and API (bsc#1204029)
* Don't add the same channel twice in the System config addChannel API (bsc#1204029)
* fix xmlrpc call randomly failing with translation error (bsc#1203633)
* Optimize action chain processing on job return event (bsc#1203532)
* Re-calculate salt event queue numbers on restart
* Fix out of memory error when building a CLM project (bsc#1202217)
* Process salt events in FIFO order (bsc#1203532)
* Remove 'SSM' column text where not applicable (bsc#1203588)
* Fix rendering of ssm/MigrateSystems page (bsc#1204651)
* Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)
* Deny packages from older module metadata when building CLM projects (bsc#1201893)
* Refresh pillar data for the assigned systems when a CLM channel is built (bsc#1200169)
* delay hardware refresh action to avoid missing channels (bsc#1204208)
* During re-activation, recalculate grains if
* Remove unused gson-extras.jar during build
spacewalk-search:
- Version 4.2.9-1
* Updated logrotate configuration (bsc#1206470)
spacewalk-web:
- Version 4.2.32-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* fix frontend logging in react pages
* Add bugzilla references to past security fixes
* shell-quote fix CVE-2021-42740 (bsc#1203287)
* moment fix CVE-2022-31129 (bsc#1203288)
supportutils-plugin-susemanager:
- Version 4.2.5-1
* Added dependency for XML Simple
* update susemanager plugin to export the number of pending salt events
susemanager:
- Version 4.2.40-1
* Add mgr-salt-ssh wrapper to use with uyuni roster Salt module (bsc#1200096)
- Version 4.2.39-1
* fix bootstrap repo path for SLES for SAP 12 (bsc#1207141)
* make venv-salt-minion optional for SUSE Manager Proxy 4.2
bootstrap repository (bsc#1206933)
* show RHEL target for bootstrap repo creation only if it is
really connected to the CDN (bsc#1206861)
* add python3-extras to bootstrap repo as dependency of
python3-libxml2, optional SLES 15 does not have it and it
is only required on SP4 or greater (bsc#1204437)
susemanager-build-keys:
- Version 15.3.6
* Add rpmlintrc configuration, so 'W: backup-file-in-package' for
the keyring is ignored. We do not ship backup files, but we own them
because they are created each time gpg is called, and we want them
removed if the package is removed
- uyuni-build-keys.rpmlintrc
susemanager-doc-indexes:
- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the
Client Configuration Guide
- Update Salt Bundle guide as Salt Bundle is now the default
registration method
- Re-added statement about Cobbler support in Reference Guide and Client
Configuration Guide (bsc#1206963)
- Added information about java.salt_event_thread_pool_size in Large
Deployments Guide
- Added information about GPG key usage in the Debian section of the
- Updated default number of changelog entries in Administration Guide
- Include migration guide from Salt 3000 to Bundle for SUSE Linux
Enterprise 12 and CentOS7 in Troubleshooting Clients
- Removed mentions to ABRT in Reference Guide
- Extended note about using Salt SSH with Salt Bundle in 4.2
- Fixed Liberty Linux client tools label in Client Configuration
Guide
susemanager-docs_en:
- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the
Client Configuration Guide
- Update Salt Bundle guide as Salt Bundle is now the default
registration method
- Re-added statement about Cobbler support in Reference Guide and Client
Configuration Guide (bsc#1206963)
- Added information about java.salt_event_thread_pool_size in Large
Deployments Guide
- Added information about GPG key usage in the Debian section of the
- Updated default number of changelog entries in Administration Guide
- Include migration guide from Salt 3000 to Bundle for SUSE Linux
Enterprise 12 and CentOS7 in Troubleshooting Clients.
- Removed mentions to ABRT in Reference Guide
- Extended note about using Salt SSH with Salt Bundle in 4.2
- Fixed Liberty Linux client tools label in Client Configuration
Guide
susemanager-schema:
- Version 4.2.27-1
* Add created and modified fields to suseMinionInfo to make uyuni roster module cache validation more
accurate (bsc#1200096)
- Version 4.2.26-1
* Add 'none' matcher to CLM AppStream filters (bsc#1206817)
* Increase cron_expr varchar length to 120 in suseRecurringAction
table (bsc#1205040)
* Keep older module metadata files in database (bsc#1201893)
* Fix setting of last modified date in channel clone procedure
susemanager-sls:
- Version 4.2.30-1
* Flush uyuni roster cache if the config has changed
* Implement uyuni roster module for Salt (bsc#1200096)
- Version 4.2.30-1
* Fix dnf plugin path calculation when using Salt Bundle (bsc#1208335)
- Version 4.2.29-1
* Improve _mgractionchains.conf logs
* Prevent possible errors from 'mgractionschains' module when there is no action chain to resume.
* Fix mgrnet custom module to be compatible with old Python 2.6 (bsc#1206979) (bsc#1206981)
* Fix custom 'mgrcompat.module_run' state module to work with Salt 3005.1
* filter out libvirt engine events (bsc#1206146)
* Optimize the number of salt calls on minion startup (bsc#1203532)
* Updated logrotate configuration (bsc#1206470)
* Make libvirt-events.conf path depend on what minion is used (bsc#1205920)
* Fix kiwi inspect regexp to allow image names with '-' (bsc#1204541)
* Avoid installing recommended packages from assigned products (bsc#1204330)
* Manager reboot in transactional update action chain (bsc#1201476)
* Use the actual sudo user home directory for salt ssh
clients on bootstrap and clean up (bsc#1202093)
* Perform refresh with packages.pkgupdate state (bsc#1203884)
uyuni-common-libs:
- Version 4.2.9-1
* Fix crash due missing 'context_manager' when running salt-secrets-config service (bsc#1200096)
- Version 4.2.8-1
* some i18n functions moved to new module which needs to be loaded
(bsc#1201142)
virtual-host-gatherer:
- Version 1.0.24-1
* Report total memory of a libvirt hypervisor
* Improve interoperability with other Python projects
woodstox:
- CVE-2022-40152: Fixed stack overflow in XML serialization. (bsc#1203521)
How to apply this update:
1. Log in as root user to the SUSE Manager Server.
2. Stop the Spacewalk service:
`spacewalk-service stop`
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
`spacewalk-service start`
Patchnames
SUSE-2023-592,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-592,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2023-592
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for SUSE Manager Server 4.2", title: "Title of the patch", }, { category: "description", text: "This update fixes the following issues:\n\ncobbler:\n\n- Fix improper authorization (bsc#1197027, CVE-2022-0860)\n- Prevent error when starting up logrotate.service (bsc#1188191)\n\ndrools:\n\n- Deserialization of Untrusted Data: unsafe data deserialization\n in DroolsStreamUtils.java (bsc#1204879, CVE-2022-1415)\n\ngrafana-formula:\n\n- Version 0.8.1\n * Fix Uyuni/SUMA dashboard names\n- Version 0.8.0\n * Set dashboard names depending on project\n * Update dashboards to use new JSON schema\n * Fix PostgreSQL dashboard queries\n * Migrate deprecated panels to their current replacements\n- Version 0.7.1\n * Fix default password field description (bsc#1203698)\n * Do not require default admin and password fields\n\ninter-server-sync:\n\n- Version 0.2.7\n * Do not update pillars table if it does not exists like in 4.2\n- Version 0.2.6\n * Export package extra tags for complete debian repo metatdata (bsc#1206375)\n * Replace URLs in OS Images pillars when exporting and importing images\n- Version 0.2.5 \n * Correct error when importing without debug log level (bsc#1204699)\n\nmgr-osad:\n\n- Version 4.2.9-1\n * Updated logrotate configuration (bsc#1206470)\n\nprometheus-formula:\n\n- Version 0.7.0\n * Switch from basic authentication to TLS certificate client\n authentication for Blackbox exporter\n * Fix scheme label in clients targets configration\n * Add README.md\n\npy27-compat-salt:\n\n- Ignore extend declarations from excluded SLS files (bsc#1203886)\n- Enhance capture of error messages for Zypper calls in zypperpkg module\n\nrhnlib:\n\n- Version 4.2.7-1\n * Don't get stuck at the end of SSL transfers (bsc#1204032)\n\nsaltboot-formula:\n\n- Update to version 0.1.1676908681.e90e0b1\n * Add failsafe stop file when salt-minion does not stop (bsc#1208418)\n * Support salt bundle (bsc#1208499)\n\nsalt-netapi-client:\n\n- Version 0.21.0\n * See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.21.0\n- Add transactional_update module\n- Improve logging when creating salt exception\n\nsmdba:\n\n- Version 1.7.11\n * fix config update from wal_keep_segments to wal_keep_size for\n newer postgresql versions (bsc#1204519)\n\nspacecmd:\n\n- Version 4.2.21-1\n * Prevent string api parameters to be parsed as dates if not in\n ISO-8601 format (bsc#1205759)\n * Add python-dateutil dependency, required to process date values in\n spacecmd api calls\n * Correctly understand 'ssm' keyword on scap scheduling\n * Fix dict_keys not supporting indexing in systems_setconfigchannelorger\n\nspacewalk-admin:\n\n- Version 4.2.13-1\n * Generate uyuni_roster.conf with salt-secrets-config (bsc#1200096)\n\nspacewalk-backend:\n\n- Version 4.2.26-1\n * Fix reposync error about missing 'content-type' key when syncing certain channels\n * Compute headers as list of two-tuples to be used by url grabber (bsc#1205523)\n * Updated logrotate configuration (bsc#1206470)\n * Add 'octet-stream' to accepted content-types for reposync mirrorlists\n * Exclude invalid mirror urls for reposync (bsc#1203826)\n * do not fetch mirrorlist when a file url is given\n * Keep older module metadata files in database (bsc#1201893)\n * Removed the activation keys report from the debug information\n\nspacewalk-certs-tools:\n\n- Version 4.2.19-1\n * some i18n functions moved to new module which needs to be loaded\n (bsc#1201142)\n * Generated bootstrap scripts installs all needed Salt 3004 dependencies\n for Ubuntu 18.04 (bsc#1204517)\n\nspacewalk-client-tools:\n\n- Version 4.2.22-1\n * Update translation strings\n\nspacewalk-java:\n\n- Version 4.2.47-1\n * Use uyuni roster salt module instead of flat roster files (bsc#1200096)\n- Version 4.2.46-1\n * Fix registration with proxy and tunnel SSH (bsc#1200096)\n- Version 4.2.45-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * Improve logs when sls action chain file is missing\n * Do not forward ssh command if proxy and tunnel are present (bsc#1200096)\n * Fix not being able to delete CLM environment if there are custom child\n channels that where not built by the environment (bsc#1206932)\n * Include missing 'gpg' states to avoid issues on SSH minions.\n * Optimize the number of salt calls on minion startup (bsc#1203532)\n * Fix CVE Audit ignoring errata in parent channels if patch in successor\n product exists (bsc#1206168)\n * Fix CVE Audit incorrectly displaying predecessor product (bsc#1205663)\n * Fix modular channel check during system update via XMLRPC (bsc#1206613)\n * Trigger a package profile update when a new live-patch is installed (bsc#1206249)\n * prevent ISE on activation key page when selected base channel value is null\n * Only remove product catalog if PAYG ssh credentials are defined (bsc#1205943)\n * Updated logrotate configuration (bsc#1206470)\n * Limit changelog data in generated metadata to 20 entries\n * Fix CLM to not remove necessary packages when filtering erratas (bsc#1195979)\n * check for NULL in DEB package install size value\n * Allowed cancelling pending actions with a failed prerequisite (bsc#1204712)\n * disable cloned vendor channel auto selection by default (bsc#1204186)\n * adapt permissions of temporary ssh key directory\n * format results for package, errata and image build actions in\n system history similar to state apply results\n * Fix ClassCastException\n * Run only minion actions that are in the pending status (bsc#1205012)\n * Manager reboot in transactional update action chain (bsc#1201476\n * Optimize performance of config channels operations for UI and API (bsc#1204029)\n * Don't add the same channel twice in the System config addChannel API (bsc#1204029)\n * fix xmlrpc call randomly failing with translation error (bsc#1203633)\n * Optimize action chain processing on job return event (bsc#1203532)\n * Re-calculate salt event queue numbers on restart\n * Fix out of memory error when building a CLM project (bsc#1202217)\n * Process salt events in FIFO order (bsc#1203532)\n * Remove 'SSM' column text where not applicable (bsc#1203588)\n * Fix rendering of ssm/MigrateSystems page (bsc#1204651)\n * Pass mgr_sudo_user pillar on salt ssh client cleanup (bsc#1202093)\n * Deny packages from older module metadata when building CLM projects (bsc#1201893)\n * Refresh pillar data for the assigned systems when a CLM channel is built (bsc#1200169)\n * delay hardware refresh action to avoid missing channels (bsc#1204208)\n * During re-activation, recalculate grains if\n * Remove unused gson-extras.jar during build\n\nspacewalk-search:\n\n- Version 4.2.9-1\n * Updated logrotate configuration (bsc#1206470)\n\nspacewalk-web:\n\n- Version 4.2.32-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * fix frontend logging in react pages\n * Add bugzilla references to past security fixes\n * shell-quote fix CVE-2021-42740 (bsc#1203287)\n * moment fix CVE-2022-31129 (bsc#1203288)\n\nsupportutils-plugin-susemanager:\n\n- Version 4.2.5-1\n * Added dependency for XML Simple\n * update susemanager plugin to export the number of pending salt events\n\nsusemanager:\n\n- Version 4.2.40-1\n * Add mgr-salt-ssh wrapper to use with uyuni roster Salt module (bsc#1200096)\n- Version 4.2.39-1\n * fix bootstrap repo path for SLES for SAP 12 (bsc#1207141)\n * make venv-salt-minion optional for SUSE Manager Proxy 4.2\n bootstrap repository (bsc#1206933)\n * show RHEL target for bootstrap repo creation only if it is\n really connected to the CDN (bsc#1206861)\n * add python3-extras to bootstrap repo as dependency of\n python3-libxml2, optional SLES 15 does not have it and it\n is only required on SP4 or greater (bsc#1204437) \n\nsusemanager-build-keys:\n\n- Version 15.3.6\n * Add rpmlintrc configuration, so 'W: backup-file-in-package' for\n the keyring is ignored. We do not ship backup files, but we own them\n because they are created each time gpg is called, and we want them\n removed if the package is removed\n - uyuni-build-keys.rpmlintrc\n\nsusemanager-doc-indexes:\n\n- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the\n Client Configuration Guide\n- Update Salt Bundle guide as Salt Bundle is now the default\n registration method\n- Re-added statement about Cobbler support in Reference Guide and Client\n Configuration Guide (bsc#1206963)\n- Added information about java.salt_event_thread_pool_size in Large\n Deployments Guide\n- Added information about GPG key usage in the Debian section of the\n- Updated default number of changelog entries in Administration Guide\n- Include migration guide from Salt 3000 to Bundle for SUSE Linux \n Enterprise 12 and CentOS7 in Troubleshooting Clients\n- Removed mentions to ABRT in Reference Guide\n- Extended note about using Salt SSH with Salt Bundle in 4.2\n- Fixed Liberty Linux client tools label in Client Configuration\n Guide\n\nsusemanager-docs_en:\n\n- Include RHEL7 in Salt 3000 to Salt Bundle migration section of the \n Client Configuration Guide\n- Update Salt Bundle guide as Salt Bundle is now the default \n registration method\n- Re-added statement about Cobbler support in Reference Guide and Client\n Configuration Guide (bsc#1206963)\n- Added information about java.salt_event_thread_pool_size in Large\n Deployments Guide\n- Added information about GPG key usage in the Debian section of the \n- Updated default number of changelog entries in Administration Guide\n- Include migration guide from Salt 3000 to Bundle for SUSE Linux \n Enterprise 12 and CentOS7 in Troubleshooting Clients.\n- Removed mentions to ABRT in Reference Guide\n- Extended note about using Salt SSH with Salt Bundle in 4.2\n- Fixed Liberty Linux client tools label in Client Configuration \n Guide\n\nsusemanager-schema:\n\n- Version 4.2.27-1\n * Add created and modified fields to suseMinionInfo to make uyuni roster module cache validation more \n accurate (bsc#1200096)\n- Version 4.2.26-1\n * Add 'none' matcher to CLM AppStream filters (bsc#1206817)\n * Increase cron_expr varchar length to 120 in suseRecurringAction\n table (bsc#1205040)\n * Keep older module metadata files in database (bsc#1201893)\n * Fix setting of last modified date in channel clone procedure\n\nsusemanager-sls:\n\n- Version 4.2.30-1\n * Flush uyuni roster cache if the config has changed\n * Implement uyuni roster module for Salt (bsc#1200096)\n- Version 4.2.30-1\n * Fix dnf plugin path calculation when using Salt Bundle (bsc#1208335)\n- Version 4.2.29-1\n * Improve _mgractionchains.conf logs\n * Prevent possible errors from 'mgractionschains' module when there is no action chain to resume.\n * Fix mgrnet custom module to be compatible with old Python 2.6 (bsc#1206979) (bsc#1206981)\n * Fix custom 'mgrcompat.module_run' state module to work with Salt 3005.1\n * filter out libvirt engine events (bsc#1206146)\n * Optimize the number of salt calls on minion startup (bsc#1203532)\n * Updated logrotate configuration (bsc#1206470)\n * Make libvirt-events.conf path depend on what minion is used (bsc#1205920)\n * Fix kiwi inspect regexp to allow image names with '-' (bsc#1204541)\n * Avoid installing recommended packages from assigned products (bsc#1204330)\n * Manager reboot in transactional update action chain (bsc#1201476)\n * Use the actual sudo user home directory for salt ssh\n clients on bootstrap and clean up (bsc#1202093)\n * Perform refresh with packages.pkgupdate state (bsc#1203884)\n\nuyuni-common-libs:\n\n- Version 4.2.9-1\n * Fix crash due missing 'context_manager' when running salt-secrets-config service (bsc#1200096)\n- Version 4.2.8-1\n * some i18n functions moved to new module which needs to be loaded\n (bsc#1201142)\n\nvirtual-host-gatherer:\n\n- Version 1.0.24-1\n * Report total memory of a libvirt hypervisor\n * Improve interoperability with other Python projects\n\nwoodstox:\n\n- CVE-2022-40152: Fixed stack overflow in XML serialization. (bsc#1203521)\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager Server.\n2. Stop the Spacewalk service:\n`spacewalk-service stop`\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\n`spacewalk-service start`\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-592,SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2023-592,SUSE-SLE-Module-SUSE-Manager-Server-4.2-2023-592", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0592-1.json", }, { category: "self", summary: "URL for SUSE-SU-2023:0592-1", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20230592-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:0592-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018012.html", }, { category: "self", summary: "SUSE Bug 1188191", url: "https://bugzilla.suse.com/1188191", }, { category: "self", summary: "SUSE Bug 1195979", url: "https://bugzilla.suse.com/1195979", }, { category: "self", summary: "SUSE Bug 1197027", url: "https://bugzilla.suse.com/1197027", }, { category: "self", summary: "SUSE Bug 1200096", url: "https://bugzilla.suse.com/1200096", }, { category: "self", summary: "SUSE Bug 1200169", url: "https://bugzilla.suse.com/1200169", }, { category: "self", summary: "SUSE Bug 1201142", url: "https://bugzilla.suse.com/1201142", }, { category: "self", summary: "SUSE Bug 1201476", url: "https://bugzilla.suse.com/1201476", }, { category: "self", summary: "SUSE Bug 1201893", url: "https://bugzilla.suse.com/1201893", }, { category: "self", summary: "SUSE Bug 1202093", url: "https://bugzilla.suse.com/1202093", }, { category: "self", summary: "SUSE Bug 1202217", url: "https://bugzilla.suse.com/1202217", }, { category: "self", summary: "SUSE Bug 1203287", url: "https://bugzilla.suse.com/1203287", }, { category: "self", summary: "SUSE Bug 1203288", url: "https://bugzilla.suse.com/1203288", }, { category: "self", summary: "SUSE Bug 1203521", url: "https://bugzilla.suse.com/1203521", }, { category: "self", summary: "SUSE Bug 1203532", url: "https://bugzilla.suse.com/1203532", }, { category: "self", summary: "SUSE Bug 1203588", url: "https://bugzilla.suse.com/1203588", }, { category: "self", summary: "SUSE Bug 1203633", url: "https://bugzilla.suse.com/1203633", }, { category: "self", summary: "SUSE Bug 1203698", url: "https://bugzilla.suse.com/1203698", }, { category: "self", summary: "SUSE Bug 1203826", url: "https://bugzilla.suse.com/1203826", }, { category: "self", summary: "SUSE Bug 1203884", url: "https://bugzilla.suse.com/1203884", }, { category: "self", summary: "SUSE Bug 1203886", url: "https://bugzilla.suse.com/1203886", }, { category: "self", summary: "SUSE Bug 1204029", url: "https://bugzilla.suse.com/1204029", }, { category: "self", summary: "SUSE Bug 1204032", url: "https://bugzilla.suse.com/1204032", }, { category: "self", summary: "SUSE Bug 1204186", url: "https://bugzilla.suse.com/1204186", }, { category: "self", summary: "SUSE Bug 1204208", url: "https://bugzilla.suse.com/1204208", }, { category: "self", summary: "SUSE Bug 1204330", url: "https://bugzilla.suse.com/1204330", }, { category: "self", summary: "SUSE Bug 1204437", url: "https://bugzilla.suse.com/1204437", }, { category: "self", summary: "SUSE Bug 1204517", url: "https://bugzilla.suse.com/1204517", }, { category: "self", summary: "SUSE Bug 1204519", url: "https://bugzilla.suse.com/1204519", }, { category: "self", summary: "SUSE Bug 1204541", url: "https://bugzilla.suse.com/1204541", }, { category: "self", summary: "SUSE Bug 1204651", url: "https://bugzilla.suse.com/1204651", }, { category: "self", summary: "SUSE Bug 1204699", url: "https://bugzilla.suse.com/1204699", }, { category: "self", summary: "SUSE Bug 1204712", url: "https://bugzilla.suse.com/1204712", }, { category: "self", summary: "SUSE Bug 1204879", url: "https://bugzilla.suse.com/1204879", }, { category: "self", summary: "SUSE Bug 1205012", url: "https://bugzilla.suse.com/1205012", }, { category: "self", summary: "SUSE Bug 1205040", url: "https://bugzilla.suse.com/1205040", }, { category: "self", summary: "SUSE Bug 1205523", url: "https://bugzilla.suse.com/1205523", }, { category: "self", summary: "SUSE Bug 1205663", url: "https://bugzilla.suse.com/1205663", }, { category: "self", summary: "SUSE Bug 1205759", url: "https://bugzilla.suse.com/1205759", }, { category: "self", summary: "SUSE Bug 1205920", url: "https://bugzilla.suse.com/1205920", }, { category: "self", summary: "SUSE Bug 1205943", url: "https://bugzilla.suse.com/1205943", }, { category: "self", summary: "SUSE Bug 1206146", url: "https://bugzilla.suse.com/1206146", }, { category: "self", summary: "SUSE Bug 1206168", url: "https://bugzilla.suse.com/1206168", }, { category: "self", summary: "SUSE Bug 1206249", url: "https://bugzilla.suse.com/1206249", }, { category: "self", summary: "SUSE Bug 1206375", url: "https://bugzilla.suse.com/1206375", }, { category: "self", summary: "SUSE Bug 1206470", url: "https://bugzilla.suse.com/1206470", }, { category: "self", summary: "SUSE Bug 1206613", url: "https://bugzilla.suse.com/1206613", }, { category: "self", summary: "SUSE Bug 1206817", url: "https://bugzilla.suse.com/1206817", }, { category: "self", summary: "SUSE Bug 1206861", url: "https://bugzilla.suse.com/1206861", }, { category: "self", summary: "SUSE Bug 1206932", url: "https://bugzilla.suse.com/1206932", }, { category: "self", summary: "SUSE Bug 1206933", url: "https://bugzilla.suse.com/1206933", }, { category: "self", summary: "SUSE Bug 1206963", url: "https://bugzilla.suse.com/1206963", }, { category: "self", summary: "SUSE Bug 1206979", url: "https://bugzilla.suse.com/1206979", }, { category: "self", summary: "SUSE Bug 1206981", url: "https://bugzilla.suse.com/1206981", }, { category: "self", summary: "SUSE Bug 1207141", url: "https://bugzilla.suse.com/1207141", }, { category: "self", summary: "SUSE Bug 1208335", url: "https://bugzilla.suse.com/1208335", }, { category: "self", summary: "SUSE Bug 1208418", url: "https://bugzilla.suse.com/1208418", }, { category: "self", summary: "SUSE Bug 1208499", url: "https://bugzilla.suse.com/1208499", }, { category: "self", summary: "SUSE CVE CVE-2021-42740 page", url: "https://www.suse.com/security/cve/CVE-2021-42740/", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, { category: "self", summary: "SUSE CVE CVE-2022-1415 page", url: "https://www.suse.com/security/cve/CVE-2022-1415/", }, { category: "self", summary: "SUSE CVE CVE-2022-31129 page", url: "https://www.suse.com/security/cve/CVE-2022-31129/", }, { category: "self", summary: "SUSE CVE CVE-2022-40152 page", url: "https://www.suse.com/security/cve/CVE-2022-40152/", }, ], title: "Security update for SUSE Manager Server 4.2", tracking: { current_release_date: "2023-03-02T08:32:44Z", generator: { date: "2023-03-02T08:32:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:0592-1", initial_release_date: "2023-03-02T08:32:44Z", revision_history: [ { date: "2023-03-02T08:32:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", product_id: "inter-server-sync-0.2.7-150300.8.28.2.aarch64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.aarch64", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.aarch64", product: { name: "smdba-1.7.11-0.150300.3.12.2.aarch64", product_id: "smdba-1.7.11-0.150300.3.12.2.aarch64", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.aarch64", product: { name: "susemanager-4.2.40-150300.3.49.1.aarch64", product_id: "susemanager-4.2.40-150300.3.49.1.aarch64", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", product_id: "susemanager-tools-4.2.40-150300.3.49.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cobbler-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "cobbler-tests-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-tests-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-tests-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "cobbler-web-3.1.2-150300.5.19.1.noarch", product: { name: "cobbler-web-3.1.2-150300.5.19.1.noarch", product_id: "cobbler-web-3.1.2-150300.5.19.1.noarch", }, }, { category: "product_version", name: "drools-7.17.0-150300.4.9.2.noarch", product: { name: "drools-7.17.0-150300.4.9.2.noarch", product_id: "drools-7.17.0-150300.4.9.2.noarch", }, }, { category: "product_version", name: "grafana-formula-0.8.1-150300.3.9.2.noarch", product: { name: "grafana-formula-0.8.1-150300.3.9.2.noarch", product_id: "grafana-formula-0.8.1-150300.3.9.2.noarch", }, }, { category: "product_version", name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product: { name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product_id: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "mgr-osad-4.2.9-150300.2.12.2.noarch", product: { name: "mgr-osad-4.2.9-150300.2.12.2.noarch", product_id: "mgr-osad-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "prometheus-formula-0.7.0-150300.3.17.2.noarch", product: { name: "prometheus-formula-0.7.0-150300.3.17.2.noarch", product_id: "prometheus-formula-0.7.0-150300.3.17.2.noarch", }, }, { category: "product_version", name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", product: { name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", product_id: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", }, }, { category: "product_version", name: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "python2-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", product: { name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", product_id: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", }, }, { category: "product_version", name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", product: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", product_id: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product_id: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", product: { name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", product_id: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", }, }, { category: "product_version", name: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", product: { name: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", product_id: "salt-netapi-client-javadoc-0.21.0-150300.3.12.4.noarch", }, }, { category: "product_version", name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", product: { name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", product_id: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", }, }, { category: "product_version", name: "spacecmd-4.2.21-150300.4.33.2.noarch", product: { name: "spacecmd-4.2.21-150300.4.33.2.noarch", product_id: "spacecmd-4.2.21-150300.4.33.2.noarch", }, }, { category: "product_version", name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", product: { name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", product_id: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", }, }, { category: "product_version", name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-cdn-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", product: { name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", product_id: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", }, }, { category: "product_version", name: "spacewalk-base-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", product_id: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, }, { category: "product_version", name: "spacewalk-check-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-check-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-check-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", product_id: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, }, { category: "product_version", name: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-dobby-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-html-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-html-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", product: { name: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", product_id: "spacewalk-html-debug-4.2.32-150300.3.36.4.noarch", }, }, { category: "product_version", name: "spacewalk-java-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-apidoc-sources-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", product: { name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", product_id: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", product: { name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", product_id: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", }, }, { category: "product_version", name: "spacewalk-search-4.2.9-150300.3.15.2.noarch", product: { name: "spacewalk-search-4.2.9-150300.3.15.2.noarch", product_id: "spacewalk-search-4.2.9-150300.3.15.2.noarch", }, }, { category: "product_version", name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", product: { name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", product_id: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", }, }, { category: "product_version", name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", product: { name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", product_id: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", product: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", product_id: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, }, { category: "product_version", name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", product: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", product_id: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, }, { category: "product_version", name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", product: { name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", product_id: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-4.2-150300.12.39.2.noarch", product: { name: "susemanager-docs_en-4.2-150300.12.39.2.noarch", product_id: "susemanager-docs_en-4.2-150300.12.39.2.noarch", }, }, { category: "product_version", name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", product: { name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", product_id: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", }, }, { category: "product_version", name: "susemanager-schema-4.2.27-150300.3.35.1.noarch", product: { name: "susemanager-schema-4.2.27-150300.3.35.1.noarch", product_id: "susemanager-schema-4.2.27-150300.3.35.1.noarch", }, }, { category: "product_version", name: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", product: { name: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", product_id: "susemanager-schema-sanity-4.2.27-150300.3.35.1.noarch", }, }, { category: "product_version", name: "susemanager-sls-4.2.31-150300.3.43.1.noarch", product: { name: "susemanager-sls-4.2.31-150300.3.43.1.noarch", product_id: "susemanager-sls-4.2.31-150300.3.43.1.noarch", }, }, { category: "product_version", name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", product: { name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", product_id: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Libvirt-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", product: { name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", product_id: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", }, }, { category: "product_version", name: "woodstox-4.4.2-150300.3.6.2.noarch", product: { name: "woodstox-4.4.2-150300.3.6.2.noarch", product_id: "woodstox-4.4.2-150300.3.6.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", product_id: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.ppc64le", product: { name: "smdba-1.7.11-0.150300.3.12.2.ppc64le", product_id: "smdba-1.7.11-0.150300.3.12.2.ppc64le", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.ppc64le", product: { name: "susemanager-4.2.40-150300.3.49.1.ppc64le", product_id: "susemanager-4.2.40-150300.3.49.1.ppc64le", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", product_id: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.s390x", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.s390x", product_id: "inter-server-sync-0.2.7-150300.8.28.2.s390x", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.s390x", product: { name: "smdba-1.7.11-0.150300.3.12.2.s390x", product_id: "smdba-1.7.11-0.150300.3.12.2.s390x", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.s390x", product: { name: "susemanager-4.2.40-150300.3.49.1.s390x", product_id: "susemanager-4.2.40-150300.3.49.1.s390x", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.s390x", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.s390x", product_id: "susemanager-tools-4.2.40-150300.3.49.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", product: { name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", product_id: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", }, }, { category: "product_version", name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product: { name: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product_id: "python2-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, }, { category: "product_version", name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", product_id: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, }, { category: "product_version", name: "smdba-1.7.11-0.150300.3.12.2.x86_64", product: { name: "smdba-1.7.11-0.150300.3.12.2.x86_64", product_id: "smdba-1.7.11-0.150300.3.12.2.x86_64", }, }, { category: "product_version", name: "susemanager-4.2.40-150300.3.49.1.x86_64", product: { name: "susemanager-4.2.40-150300.3.49.1.x86_64", product_id: "susemanager-4.2.40-150300.3.49.1.x86_64", }, }, { category: "product_version", name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", product: { name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", product_id: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Manager Proxy Module 4.2", product: { name: "SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-proxy:4.2", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.2", product: { name: "SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "mgr-osad-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", }, product_reference: "mgr-osad-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osad-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, product_reference: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64 as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.21-150300.4.33.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", }, product_reference: "spacecmd-4.2.21-150300.4.33.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-check-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-check-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", }, product_reference: "spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", }, product_reference: "spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Proxy Module 4.2", product_id: "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Proxy Module 4.2", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.1.2-150300.5.19.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", }, product_reference: "cobbler-3.1.2-150300.5.19.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "drools-7.17.0-150300.4.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", }, product_reference: "drools-7.17.0-150300.4.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "grafana-formula-0.8.1-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", }, product_reference: "grafana-formula-0.8.1-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "inter-server-sync-0.2.7-150300.8.28.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", }, product_reference: "inter-server-sync-0.2.7-150300.8.28.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, product_reference: "mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "prometheus-formula-0.7.0-150300.3.17.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", }, product_reference: "prometheus-formula-0.7.0-150300.3.17.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", }, product_reference: "py27-compat-salt-3000.3-150300.7.7.29.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", }, product_reference: "python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-rhnlib-4.2.7-150300.4.12.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", }, product_reference: "python3-rhnlib-4.2.7-150300.4.12.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", }, product_reference: "python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "salt-netapi-client-0.21.0-150300.3.12.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", }, product_reference: "salt-netapi-client-0.21.0-150300.3.12.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", }, product_reference: "saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "smdba-1.7.11-0.150300.3.12.2.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", }, product_reference: "smdba-1.7.11-0.150300.3.12.2.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacecmd-4.2.21-150300.4.33.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", }, product_reference: "spacecmd-4.2.21-150300.4.33.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-admin-4.2.13-150300.3.18.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", }, product_reference: "spacewalk-admin-4.2.13-150300.3.18.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", }, product_reference: "spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", }, product_reference: "spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", }, product_reference: "spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-html-4.2.32-150300.3.36.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", }, product_reference: "spacewalk-html-4.2.32-150300.3.36.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-config-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-search-4.2.9-150300.3.15.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", }, product_reference: "spacewalk-search-4.2.9-150300.3.15.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", }, product_reference: "spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", }, product_reference: "supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", }, product_reference: "susemanager-4.2.40-150300.3.49.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", }, product_reference: "susemanager-4.2.40-150300.3.49.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-4.2.40-150300.3.49.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", }, product_reference: "susemanager-4.2.40-150300.3.49.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", }, product_reference: "susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", }, product_reference: "susemanager-doc-indexes-4.2-150300.12.39.4.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-4.2-150300.12.39.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", }, product_reference: "susemanager-docs_en-4.2-150300.12.39.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", }, product_reference: "susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-schema-4.2.27-150300.3.35.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", }, product_reference: "susemanager-schema-4.2.27-150300.3.35.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-sls-4.2.31-150300.3.43.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", }, product_reference: "susemanager-sls-4.2.31-150300.3.43.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.ppc64le", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.s390x as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.s390x", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "susemanager-tools-4.2.40-150300.3.49.1.x86_64 as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", }, product_reference: "susemanager-tools-4.2.40-150300.3.49.1.x86_64", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", }, product_reference: "uyuni-config-modules-4.2.31-150300.3.43.1.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", }, product_reference: "virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, { category: "default_component_of", full_product_name: { name: "woodstox-4.4.2-150300.3.6.2.noarch as component of SUSE Manager Server Module 4.2", product_id: "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", }, product_reference: "woodstox-4.4.2-150300.3.6.2.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-42740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-42740", }, ], notes: [ { category: "general", text: "The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to support Windows drive letters. If the output of this package is passed to a real shell as a quoted argument to a command with exec(), an attacker can inject arbitrary commands. This is because the Windows drive letter regex character class is {A-z] instead of the correct {A-Za-z]. Several shell metacharacters exist in the space between capital letter Z and lower case letter a, such as the backtick character.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-42740", url: "https://www.suse.com/security/cve/CVE-2021-42740", }, { category: "external", summary: "SUSE Bug 1203287 for CVE-2021-42740", url: "https://bugzilla.suse.com/1203287", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "critical", }, ], title: "CVE-2021-42740", }, { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "important", }, ], title: "CVE-2022-0860", }, { cve: "CVE-2022-1415", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1415", }, ], notes: [ { category: "general", text: "A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-1415", url: "https://www.suse.com/security/cve/CVE-2022-1415", }, { category: "external", summary: "SUSE Bug 1204879 for CVE-2022-1415", url: "https://bugzilla.suse.com/1204879", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "moderate", }, ], title: "CVE-2022-1415", }, { cve: "CVE-2022-31129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-31129", }, ], notes: [ { category: "general", text: "moment is a JavaScript date library for parsing, validating, manipulating, and formatting dates. Affected versions of moment were found to use an inefficient parsing algorithm. Specifically using string-to-date parsing in moment (more specifically rfc2822 parsing, which is tried by default) has quadratic (N^2) complexity on specific inputs. Users may notice a noticeable slowdown is observed with inputs above 10k characters. Users who pass user-provided strings without sanity length checks to moment constructor are vulnerable to (Re)DoS attacks. The problem is patched in 2.29.4, the patch can be applied to all affected versions with minimal tweaking. Users are advised to upgrade. Users unable to upgrade should consider limiting date lengths accepted from user input.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-31129", url: "https://www.suse.com/security/cve/CVE-2022-31129", }, { category: "external", summary: "SUSE Bug 1203288 for CVE-2022-31129", url: "https://bugzilla.suse.com/1203288", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "important", }, ], title: "CVE-2022-31129", }, { cve: "CVE-2022-40152", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-40152", }, ], notes: [ { category: "general", text: "Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-40152", url: "https://www.suse.com/security/cve/CVE-2022-40152", }, { category: "external", summary: "SUSE Bug 1203521 for CVE-2022-40152", url: "https://bugzilla.suse.com/1203521", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Manager Proxy Module 4.2:mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-mgr-osad-4.2.9-150300.2.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Proxy Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-check-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-setup-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-broker-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-common-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-installer-4.2.11-150300.3.14.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-management-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-package-manager-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-redirect-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:spacewalk-proxy-salt-4.2.13-150300.3.24.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Proxy Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:cobbler-3.1.2-150300.5.19.1.noarch", "SUSE Manager Server Module 4.2:drools-7.17.0-150300.4.9.2.noarch", "SUSE Manager Server Module 4.2:grafana-formula-0.8.1-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.ppc64le", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.s390x", "SUSE Manager Server Module 4.2:inter-server-sync-0.2.7-150300.8.28.2.x86_64", "SUSE Manager Server Module 4.2:mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:prometheus-formula-0.7.0-150300.3.17.2.noarch", "SUSE Manager Server Module 4.2:py27-compat-salt-3000.3-150300.7.7.29.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-common-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-mgr-osa-dispatcher-4.2.9-150300.2.12.2.noarch", "SUSE Manager Server Module 4.2:python3-rhnlib-4.2.7-150300.4.12.2.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:python3-spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.ppc64le", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.s390x", "SUSE Manager Server Module 4.2:python3-uyuni-common-libs-4.2.9-150300.3.14.1.x86_64", "SUSE Manager Server Module 4.2:salt-netapi-client-0.21.0-150300.3.12.4.noarch", "SUSE Manager Server Module 4.2:saltboot-formula-0.1.1676908681.e90e0b1-150300.3.15.1.noarch", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.ppc64le", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.s390x", "SUSE Manager Server Module 4.2:smdba-1.7.11-0.150300.3.12.2.x86_64", "SUSE Manager Server Module 4.2:spacecmd-4.2.21-150300.4.33.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-admin-4.2.13-150300.3.18.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-app-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-applet-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-common-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-config-files-tool-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-iss-export-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-package-push-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-server-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-sql-postgresql-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-tools-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xml-export-libs-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-backend-xmlrpc-4.2.26-150300.4.35.6.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-base-minimal-config-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-certs-tools-4.2.19-150300.3.27.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-client-tools-4.2.22-150300.4.30.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-html-4.2.32-150300.3.36.4.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-config-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-lib-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-java-postgresql-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:spacewalk-search-4.2.9-150300.3.15.2.noarch", "SUSE Manager Server Module 4.2:spacewalk-taskomatic-4.2.47-150300.3.58.1.noarch", "SUSE Manager Server Module 4.2:supportutils-plugin-susemanager-4.2.5-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:susemanager-build-keys-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-build-keys-web-15.3.6-150300.3.6.2.noarch", "SUSE Manager Server Module 4.2:susemanager-doc-indexes-4.2-150300.12.39.4.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-docs_en-pdf-4.2-150300.12.39.2.noarch", "SUSE Manager Server Module 4.2:susemanager-schema-4.2.27-150300.3.35.1.noarch", "SUSE Manager Server Module 4.2:susemanager-sls-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.ppc64le", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.s390x", "SUSE Manager Server Module 4.2:susemanager-tools-4.2.40-150300.3.49.1.x86_64", "SUSE Manager Server Module 4.2:uyuni-config-modules-4.2.31-150300.3.43.1.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Kubernetes-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-Nutanix-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-VMware-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:virtual-host-gatherer-libcloud-1.0.24-150300.3.9.2.noarch", "SUSE Manager Server Module 4.2:woodstox-4.4.2-150300.3.6.2.noarch", ], }, ], threats: [ { category: "impact", date: "2023-03-02T08:32:44Z", details: "moderate", }, ], title: "CVE-2022-40152", }, ], }
opensuse-su-2024:11904-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
cobbler-3.3.2.0+git.9044aa99-1.1 on GA media
Notes
Title of the patch
cobbler-3.3.2.0+git.9044aa99-1.1 on GA media
Description of the patch
These are all security issues fixed in the cobbler-3.3.2.0+git.9044aa99-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11904
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "cobbler-3.3.2.0+git.9044aa99-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the cobbler-3.3.2.0+git.9044aa99-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11904", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11904-1.json", }, { category: "self", summary: "SUSE CVE CVE-2022-0860 page", url: "https://www.suse.com/security/cve/CVE-2022-0860/", }, ], title: "cobbler-3.3.2.0+git.9044aa99-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11904-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", product: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", product_id: "cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", }, }, { category: "product_version", name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", product: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", product_id: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", product: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", product_id: "cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", }, }, { category: "product_version", name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", product: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", product_id: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cobbler-3.3.2.0+git.9044aa99-1.1.s390x", product: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.s390x", product_id: "cobbler-3.3.2.0+git.9044aa99-1.1.s390x", }, }, { category: "product_version", name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", product: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", product_id: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", product: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", product_id: "cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", }, }, { category: "product_version", name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", product: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", product_id: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", }, product_reference: "cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", }, product_reference: "cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.s390x", }, product_reference: "cobbler-3.3.2.0+git.9044aa99-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-3.3.2.0+git.9044aa99-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", }, product_reference: "cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", }, product_reference: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", }, product_reference: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", }, product_reference: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", }, product_reference: "cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0860", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0860", }, ], notes: [ { category: "general", text: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0860", url: "https://www.suse.com/security/cve/CVE-2022-0860", }, { category: "external", summary: "SUSE Bug 1197027 for CVE-2022-0860", url: "https://bugzilla.suse.com/1197027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-3.3.2.0+git.9044aa99-1.1.x86_64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.aarch64", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.ppc64le", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.s390x", "openSUSE Tumbleweed:cobbler-tests-3.3.2.0+git.9044aa99-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2022-0860", }, ], }
ghsa-mcg6-h362-cmq5
Vulnerability from github
Published
2022-03-11 20:52
Modified
2024-11-18 16:26
Severity ?
8.2 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
6.7 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
6.7 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
Summary
Improper Authorization in cobbler
Details
Impact
If PAM is correctly configured and a user account is set to expired, the expired user-account is still able to successfully log into Cobbler in all places (Web UI, CLI & XMLRPC-API).
The same applies to user accounts with passwords set to be expired.
Patches
There is a patch for the latest Cobbler 3.3.2 available, however a backport will be done for 3.2.x.
Workarounds
- Delete expired accounts which are able to access Cobbler via PAM.
- Use
chage -l <username>to lock the account. If the account has SSH-Keys attached then remove them completely.
References
- Originally discovered by @ysf at https://www.huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d/
How to test if my Cobbler instance is affected?
The following pytest test assumes that your PAM setup is correct. In case the added user is not able to login, this test does not make sense to be executed.
```python def test_pam_login_with_expired_user(): # Arrange # create pam testuser test_username = "expired_user" test_password = "password" test_api = CobblerAPI() subprocess_1 = subprocess.run( ["perl", "-e", "'print crypt(\"%s\", \"%s\")'" % (test_username, test_password)], stdout=subprocess.PIPE ) subprocess.run(["useradd", "-p", subprocess_1.stdout, test_username]) # change user to be expired subprocess.run(["chage", "-E0", test_username])
# Act
result = pam.authenticate(test_api, test_username, test_password)
# Assert - login should fail
assert not result
```
For more information
If you have any questions or comments about this advisory: * Open an issue in the Cobbler repository * Ask in the Gitter/Matrix Chat * Email us at cobbler.project@gmail.com
{ affected: [ { package: { ecosystem: "PyPI", name: "cobbler", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "3.3.2", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2022-0860", ], database_specific: { cwe_ids: [ "CWE-285", "CWE-863", ], github_reviewed: true, github_reviewed_at: "2022-03-11T20:52:04Z", nvd_published_at: "2022-03-11T13:15:00Z", severity: "MODERATE", }, details: "### Impact\n\nIf PAM is correctly configured and a user account is set to expired, the expired user-account is still able to successfully log into Cobbler in all places (Web UI, CLI & XMLRPC-API).\n\nThe same applies to user accounts with passwords set to be expired.\n\n### Patches\n\nThere is a patch for the latest Cobbler `3.3.2` available, however a backport will be done for `3.2.x`.\n\n### Workarounds\n\n- Delete expired accounts which are able to access Cobbler via PAM.\n- Use `chage -l <username>` to lock the account. If the account has SSH-Keys attached then remove them completely.\n\n### References\n\n- Originally discovered by @ysf at https://www.huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d/\n\n### How to test if my Cobbler instance is affected?\n\nThe following `pytest` test assumes that your PAM setup is correct. In case the added user is not able to login, this test does not make sense to be executed.\n\n```python\ndef test_pam_login_with_expired_user():\n # Arrange\n # create pam testuser\n test_username = \"expired_user\"\n test_password = \"password\"\n test_api = CobblerAPI()\n subprocess_1 = subprocess.run(\n [\"perl\", \"-e\", \"'print crypt(\\\"%s\\\", \\\"%s\\\")'\" % (test_username, test_password)],\n stdout=subprocess.PIPE\n )\n subprocess.run([\"useradd\", \"-p\", subprocess_1.stdout, test_username])\n # change user to be expired\n subprocess.run([\"chage\", \"-E0\", test_username])\n\n # Act\n result = pam.authenticate(test_api, test_username, test_password)\n\n # Assert - login should fail\n assert not result\n```\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [the Cobbler repository](https://github.com/cobbler/cobbler/issues/new/choose)\n* Ask in the [Gitter/Matrix Chat](https://gitter.im/cobbler/community)\n* Email us at [cobbler.project@gmail.com](mailto:cobbler.project@gmail.com)\n", id: "GHSA-mcg6-h362-cmq5", modified: "2024-11-18T16:26:19Z", published: "2022-03-11T20:52:04Z", references: [ { type: "WEB", url: "https://github.com/cobbler/cobbler/security/advisories/GHSA-mcg6-h362-cmq5", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-0860", }, { type: "WEB", url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-mcg6-h362-cmq5", }, { type: "PACKAGE", url: "https://github.com/cobbler/cobbler", }, { type: "WEB", url: "https://github.com/pypa/advisory-database/tree/main/vulns/cobbler/PYSEC-2022-177.yaml", }, { type: "WEB", url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY", }, { type: "WEB", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U", type: "CVSS_V4", }, ], summary: "Improper Authorization in cobbler", }
wid-sec-w-2022-1867
Vulnerability from csaf_certbund
Published
2022-03-13 23:00
Modified
2024-02-26 23:00
Summary
cobbler: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cobbler ist ein Linux Installationsserver, welcher die schnelle Einrichtung von Netzwerk-Installationsumgebungen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cobbler ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Cobbler ist ein Linux Installationsserver, welcher die schnelle Einrichtung von Netzwerk-Installationsumgebungen ermöglicht.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cobbler ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1867 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1867.json", }, { category: "self", summary: "WID-SEC-2022-1867 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1867", }, { category: "external", summary: "GitHub Advisory Database vom 2022-03-13", url: "https://github.com/advisories/GHSA-mcg6-h362-cmq5", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3750-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012690.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1832-1 vom 2023-05-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014723.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6475-1 vom 2023-11-15", url: "https://ubuntu.com/security/notices/USN-6475-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1831-1 vom 2024-02-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018015.html", }, ], source_lang: "en-US", title: "cobbler: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen", tracking: { current_release_date: "2024-02-26T23:00:00.000+00:00", generator: { date: "2024-08-15T17:37:08.166+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1867", initial_release_date: "2022-03-13T23:00:00.000+00:00", revision_history: [ { date: "2022-03-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-03-23T23:00:00.000+00:00", number: "2", summary: "Referenz(en) aufgenommen: FEDORA-2022-AD2B0AD61B, FEDORA-2022-224E71968F, FEDORA-2022-445EC90E7C", }, { date: "2022-10-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-04T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-11-14T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-02-26T23:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "6", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< 3.3.2", product: { name: "Open Source cobbler < 3.3.2", product_id: "T022320", }, }, ], category: "product_name", name: "cobbler", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0860", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in cobbler. Der Fehler besteht in der Möglichkeit, dass ein abgelaufenes Benutzerkonto immer noch in der Lage ist, sich an allen Stellen (Web UI, CLI & XMLRPC-API) erfolgreich anzumelden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.", }, ], product_status: { known_affected: [ "T002207", "T000126", ], }, release_date: "2022-03-13T23:00:00.000+00:00", title: "CVE-2022-0860", }, ], }
WID-SEC-W-2022-1867
Vulnerability from csaf_certbund
Published
2022-03-13 23:00
Modified
2024-02-26 23:00
Summary
cobbler: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cobbler ist ein Linux Installationsserver, welcher die schnelle Einrichtung von Netzwerk-Installationsumgebungen ermöglicht.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cobbler ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- UNIX
- Linux
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Cobbler ist ein Linux Installationsserver, welcher die schnelle Einrichtung von Netzwerk-Installationsumgebungen ermöglicht.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in cobbler ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", title: "Angriff", }, { category: "general", text: "- UNIX\n- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-1867 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1867.json", }, { category: "self", summary: "WID-SEC-2022-1867 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1867", }, { category: "external", summary: "GitHub Advisory Database vom 2022-03-13", url: "https://github.com/advisories/GHSA-mcg6-h362-cmq5", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:3750-1 vom 2022-10-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-October/012690.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1832-1 vom 2023-05-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014723.html", }, { category: "external", summary: "Ubuntu Security Notice USN-6475-1 vom 2023-11-15", url: "https://ubuntu.com/security/notices/USN-6475-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1831-1 vom 2024-02-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/018015.html", }, ], source_lang: "en-US", title: "cobbler: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen", tracking: { current_release_date: "2024-02-26T23:00:00.000+00:00", generator: { date: "2024-08-15T17:37:08.166+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-1867", initial_release_date: "2022-03-13T23:00:00.000+00:00", revision_history: [ { date: "2022-03-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-03-23T23:00:00.000+00:00", number: "2", summary: "Referenz(en) aufgenommen: FEDORA-2022-AD2B0AD61B, FEDORA-2022-224E71968F, FEDORA-2022-445EC90E7C", }, { date: "2022-10-26T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-04T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-11-14T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2024-02-26T23:00:00.000+00:00", number: "6", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "6", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< 3.3.2", product: { name: "Open Source cobbler < 3.3.2", product_id: "T022320", }, }, ], category: "product_name", name: "cobbler", }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0860", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in cobbler. Der Fehler besteht in der Möglichkeit, dass ein abgelaufenes Benutzerkonto immer noch in der Lage ist, sich an allen Stellen (Web UI, CLI & XMLRPC-API) erfolgreich anzumelden. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.", }, ], product_status: { known_affected: [ "T002207", "T000126", ], }, release_date: "2022-03-13T23:00:00.000+00:00", title: "CVE-2022-0860", }, ], }
fkie_cve-2022-0860
Vulnerability from fkie_nvd
Published
2022-03-11 13:15
Modified
2024-11-21 06:39
Severity ?
Summary
Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cobbler_project | cobbler | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*", matchCriteriaId: "17C04986-BDCA-44A7-8FF7-52E8A5BABFC9", versionEndExcluding: "3.3.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2.", }, { lang: "es", value: "Una Autorización Inapropiada en el repositorio GitHub cobbler/cobbler versiones anteriores a 3.3.2", }, ], id: "CVE-2022-0860", lastModified: "2024-11-21T06:39:32.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "security@huntr.dev", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-03-11T13:15:07.937", references: [ { source: "security@huntr.dev", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { source: "security@huntr.dev", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { source: "security@huntr.dev", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { source: "security@huntr.dev", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { source: "security@huntr.dev", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/", }, ], sourceIdentifier: "security@huntr.dev", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-285", }, ], source: "security@huntr.dev", type: "Primary", }, { description: [ { lang: "en", value: "CWE-863", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.