Security update for rmt-server
This update for rmt-server to version 2.5.2 fixes the following issues:
Security issue fixed:
- CVE-2019-18904: Fixed a denial of service in the offline migration (bsc#1160922).
Non-security issue fixed:
- Relaxed systemd units dependencies (bsc#1160673)
- Added more verbose error reporting for SCC API errors (bsc#1157119)
- Fixed system listing when architecture is not well referenced (bsc#1141122)
This update was imported from the SUSE:SLE-15-SP1:Update update project.
-
Submitted by
Jens Mammen (jmammen)
Fixed bugs
bnc#1157119
[RMT] There are some errors when sync from SCC
bnc#1141122
`rmt-cli systems list` dies with traceback
bnc#1160673
systemd unit dependencies are too strict
bnc#1160922
VUL-0: CVE-2019-18904: rmt: Offline migrations endpoint eats up all of the CPU
