Overview

File _patchinfo of Package patchinfo.24610

<patchinfo incident="24610">
  <issue tracker="cve" id="2022-21952"/>
  <issue tracker="cve" id="2022-31248"/>
  <issue tracker="cve" id="2022-21724"/>
  <issue tracker="cve" id="2022-26520"/>
  <issue tracker="bnc" id="1198356">spacewalk-setup-cobbler contains wrong info for apache2 ref:_00D1igLOd._5001itAgUW:ref</issue>
  <issue tracker="bnc" id="1194447">sync of channel results in: TypeError: must be str, not float</issue>
  <issue tracker="bnc" id="1193032">Package lock mechanism UI is hard to use</issue>
  <issue tracker="bnc" id="1194909">Customer cannot register Push via Salt SSH using CLI, but working from the webUI.</issue>
  <issue tracker="bnc" id="1199142">Debian 11 reposync issue when using a mirror</issue>
  <issue tracker="bnc" id="1192850">/usr/share/susemanager/modules/pillar/suma_minion.py:373: YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated</issue>
  <issue tracker="bnc" id="1199528">Test VM does not appear on Traditional Virtualization Hosts in the UI and cannot be managed</issue>
  <issue tracker="bnc" id="1196702">We miss SUMA 4.3 Proxy in bootstrap repo definitions</issue>
  <issue tracker="bnc" id="1199677">Reactivation Salt SSH client as the minion</issue>
  <issue tracker="bnc" id="1190535">SES6: Customer is requesting a PTF fix for https://github.com/prometheus/node_exporter/issues/1892</issue>
  <issue tracker="bnc" id="1195561">VUL-0: CVE-2022-21724: postgresql-jdbc: unchecked class instantiation when loading plugins based on class names</issue>
  <issue tracker="bnc" id="1199512">VUL-0: CVE-2022-21952: SUMA unauthenticated remote DoS via resource exhaustion</issue>
  <issue tracker="bnc" id="1197488">L3-Question: mgr-sync refresh failing with 500 error</issue>
  <issue tracker="bnc" id="1189501">Salt DEBUG logging parsing IP addresses is confusing</issue>
  <issue tracker="bnc" id="1199149">Prometheus (in SLE) and Prometheus Exporter formula (All distros) failed to apply states in all SSH Minions</issue>
  <issue tracker="bnc" id="1197356">VUL-0: CVE-2022-26520: postgresql-jdbc: Arbitrary File Write Vulnerability</issue>
  <issue tracker="bnc" id="1196704">Reposync error for rhel8-epel-modular</issue>
  <issue tracker="bnc" id="1199888">Autoinstallation grub entries create unresolvable 'install=' URL for all Provisioning</issue>
  <issue tracker="bnc" id="1199036">provisioning through proxy with 'useonlinerepo' option does not use proxy FQDN for 'self_update'</issue>
  <issue tracker="bnc" id="1199629">VUL-0: CVE-2022-31248: SUMA user enumeration via weak error message</issue>
  <issue tracker="bnc" id="1194262">openscap fails on centos 7 because of wrong element</issue>
  <issue tracker="bnc" id="1193238">spacewalk-repo-sync --show-packages broken</issue>
  <issue tracker="bnc" id="1194594">Dealing with slightly missformated Metadata in vendor repository for Ubuntu/Debian</issue>
  <issue tracker="bnc" id="1197438">Can't create bootstrap repository for sle 15 sp4</issue>
  <issue tracker="bnc" id="1198686">Removal of multiple packages via SSM not successful although reported as successful</issue>
  <issue tracker="bnc" id="1196338">VUL-0: CVE-2022-21698: rook,golang-github-prometheus-alertmanager,golang-github-prometheus-node_exporter,golang-github-prometheus-prometheus: prometheus/client_golang: Denial of service using InstrumentHandlerCounter</issue>
  <issue tracker="bnc" id="1193707">Server Error whenever adding new products in the SUSE Manager WebUI</issue>
  <issue tracker="bnc" id="1182742">mgr-sync throws error when duplicate lines exist in rhn.conf</issue>
  <issue tracker="bnc" id="1196407">Mass configuration when converting from SLEPOS to SUSE manager for Retail</issue>
  <issue tracker="bnc" id="1198221">sles 15 sp3 minion does not bootstrap without bundle</issue>
  <issue tracker="bnc" id="1198914">A Config State version compare leads to Permission Error</issue>
  <issue tracker="bnc" id="1197429">auto patch corrupts minion patch state when activated for non patched minions in SSM</issue>
  <packager>jordimassaguerpla</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Recommended update for SUSE Manager 4.1.15 Release Notes</summary>
  <description>This update for SUSE Manager 4.1.15 Release Notes provides the following additions:

Release notes for SUSE Manager:

- Update to 4.1.15
  * Salt has been upgraded to 3004 version
  * Grafana has been upgraded to 8.3.5
  * Postgres exporter has been upgraded to 0.10.0
  * Alertmanager has been upgraded to 0.23.0
  * Node exporter has been upgraded 1.3.0
  * CVEs fixed: CVE-2022-21724, CVE-2022-21952, CVE-2022-31248, CVE-2022-26520
  * Bugs mentioned:
    bsc#1182742, bsc#1189501, bsc#1190535, bsc#1192850, bsc#1193032
    bsc#1193238, bsc#1193707, bsc#1194262, bsc#1194447, bsc#1194594
    bsc#1194909, bsc#1195561, bsc#1196338, bsc#1196407, bsc#1196702
    bsc#1196704, bsc#1197356, bsc#1197429, bsc#1197438, bsc#1197488
    bsc#1198221, bsc#1198356, bsc#1198686, bsc#1198914, bsc#1199036
    bsc#1199142, bsc#1199149, bsc#1199512, bsc#1199528, bsc#1199629
    bsc#1199677, bsc#1199888

Release notes for SUSE Manager proxy:

- Update to 4.1.15
  * Salt has been upgraded to 3004 version
  * Bugs mentioned:
    bsc#1190535, bsc#1193238, bsc#1194447, bsc#1194594, bsc#1194909
    bsc#1196338, bsc#1196704, bsc#1199142, bsc#1199528
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places