Security update for autoyast2
This update for autoyast2 to version 4.1.15 fixes the following issues:
Security issue fixed:
- CVE-2019-18905: Removed all "--gpg-auto-import-keys" options from zypper commands (bsc#1140711).
Non-security issue fixed:
- Fix desktop files updating some icons and groups (bsc#1168123).
- Restored some missing icons (bsc#1168123, bsc#1109310 and bsc#1168281).
- Service for init scripts: Try to start "network-online.target"
before starting the autoyast init scripts in order to get a working
network (bsc#1164105).
- Always re-probe storage after pre-scripts (bsc#1170082, bsc#1133045).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
-
Submitted by
Steffen Winterfeldt (snwint)
Fixed bugs
bnc#1170082
L3: Autoyast fails when on root is on iSCSI
bnc#1133045
autoyast with multipath friendly names installation fails throwing exception
bnc#1164105
L3: Autoyast executes init-scripts before Network is ready - ref:_00D1igLOd._5001iKL00A:ref
bnc#1140711
VUL-1: CVE-2019-18905: autoyast2: insecure use of --gpg-auto-import-keys?
bnc#1109310
Install yast icons with module, instead of yast-theme
bnc#1168281
Some missing icons
bnc#1168123
L3: yast -> autoyast, missing icons for the Software, Hardware, Systems, Security and Users, and Misc Groups
