Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP2:Update
patchinfo.15495
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.15495
<patchinfo incident="15495"> <issue tracker="bnc" id="1169207">logrotate drop-in config fails to restart cobblerd</issue> <issue tracker="bnc" id="722445">perl-Bootloader uses quotes in the boot field to break autoinstall</issue> <issue tracker="bnc" id="1128754">Error calling cobbler (invalid token)</issue> <issue tracker="bnc" id="763610">VUL-0: CVE-2012-2395: cobbler: remote code execution flaw</issue> <issue tracker="bnc" id="1151875">Error in Autoinstallation Profiles after Upgrade SUSE Manager 3.2 to SUSE Manager 4.0.2</issue> <issue tracker="bnc" id="671212">rccobblerd symlink missing</issue> <issue tracker="bnc" id="796773">cobbler autoescape feature destroy GPG keys included in kickstart profiles</issue> <issue tracker="bnc" id="986978">pxe tftp install of sles12sp1 on suse manager is not working. /images/sles12sp1ppc64_1_SUSE/linux: Not a valid ELF image</issue> <issue tracker="bnc" id="1134588">cobbler profile rename throws traceback</issue> <issue tracker="bnc" id="973418">cobbler check and cobbler get-loaders fails with multiple errors</issue> <issue tracker="bnc" id="976826">cobbler does not rotate logfiles</issue> <issue tracker="bnc" id="969538">build-compare: cobbler contains build time</issue> <issue tracker="bnc" id="811025">install para virt XEN using python-virtinst does not change bootloader after install</issue> <issue tracker="bnc" id="722443">perl-Bootloader replaces initrd making booting to old install broken</issue> <issue tracker="bnc" id="1169779">/var/lib/cobbler/snippets/pre_install_network_config causes errors during "cobbler system get-autoinstall" ref:_00D1igLOd._5001iN6U8r:ref</issue> <issue tracker="bnc" id="1128926">Error in cobbler tasks log related to non-existing /etc/genders file</issue> <issue tracker="bnc" id="924118">provivision of a VM on sle12 XEN host fails</issue> <issue tracker="bnc" id="1149075">Autoyast and kickstart profiles gone after postgresql migration to v10 and SP upgrade from SP3 to SP4</issue> <issue tracker="bnc" id="1090205">Autoinstallation error</issue> <issue tracker="bnc" id="1075014">Cobbler import of SLES 15 iso is failing</issue> <issue tracker="bnc" id="1104190">VUL-0: cobbler: Incorrect Authentication</issue> <issue tracker="bnc" id="952844">TP1: Cobbler installation error</issue> <issue tracker="bnc" id="846580">Cobbler man page has wrong parameter for --ip</issue> <issue tracker="bnc" id="1159010">SUMA 4.0 cobbler import ubuntu-18.04-bionic-x86_64 fail [ ref:_00D1igLOd._5001iIwxfw:ref ] ref:_00D1igLOd._5001iLhl2M:ref</issue> <issue tracker="bnc" id="1101670">cobbler buildiso: kernel options are rendered in wrong format</issue> <issue tracker="bnc" id="1170462">Cobbler mechanism for engine selection broken [ ref:_00D1igLOd._5001iOBGFy:ref ]</issue> <issue tracker="bnc" id="1074594">VUL-0: CVE-2017-1000469: cobbler: command injection vulnerability in the "add repo" component</issue> <issue tracker="bnc" id="687891">Change Cobbler s390x default kernel settings to SUSE ones</issue> <issue tracker="bnc" id="1048183">[Autoinstallation Xen] autoinstallation from ISO seems to start a PXE provisioning instead</issue> <issue tracker="bnc" id="869371">Rendering problems of Cheetah template</issue> <issue tracker="bnc" id="660126">allows remote authenticated administrators to execute arbitrary code</issue> <issue tracker="bnc" id="984998">regression: cobbler setting wrong kernel option for textmode</issue> <issue tracker="bnc" id="812948">unable to deploy a new AutoYAST image to a SLES10 SP4 server</issue> <issue tracker="bnc" id="1081739">[TRACKER BUG] Remove wodim from SLE-15</issue> <issue tracker="bnc" id="714618">cobbler: use of /var/lock/subsys unsupported</issue> <issue tracker="bnc" id="966622">Autoinstallation of ppc</issue> <issue tracker="bnc" id="1020376">cobbler/atftpd not working with uefi</issue> <issue tracker="bnc" id="973413">Cobbler Buildiso has wrong install= parm in isolinux.cfg</issue> <issue tracker="bnc" id="988889">LOCALBOOT not working in cobbler for systems with grub2</issue> <issue tracker="bnc" id="695955">Virtual systems don't get restarted on restart of host</issue> <issue tracker="bnc" id="1169553">Fail to delete client - follow up issue regarding "managers.isc vs manage_isc" ref:_00D1igLOd._5001iN679m:ref</issue> <issue tracker="bnc" id="969541">Creating VM, provisioning of a virtual machine failed Koan error.: unsupported format character with SLES 12 SP1 KVM Host</issue> <issue tracker="bnc" id="1104189">VUL-0: cobbler: Persistent XSS</issue> <issue tracker="bnc" id="968406">Autoinstallation of ppc</issue> <issue tracker="bnc" id="783671">grubby-compat searched at the wrong place</issue> <issue tracker="bnc" id="1081714">cobbler sync fails sporadically when run after a cobbler system add</issue> <issue tracker="bnc" id="790545">script within <ask> -> There are errors in your autoinstallation template</issue> <issue tracker="bnc" id="1029276">Autoinstallation Snippets: cheetah template networking.xml iteration failure</issue> <issue tracker="bnc" id="1113747">cobbler logs are not being lograted</issue> <issue tracker="bnc" id="1104287">VUL-1: CVE-2018-10931: cobbler: CobblerXMLRPCInterface exports all its methods over XMLRPC</issue> <issue tracker="bnc" id="956264">cobbler_web apache config uses old syntax</issue> <issue tracker="bnc" id="967523">Kickstart fails with Koan error: command failed (1) with SLES 12 SP1 XEN Host</issue> <issue tracker="bnc" id="980577">"cobbler get-loaders" doesn't resolve www.clobberd.org</issue> <issue tracker="bnc" id="966841">"systemctl status cobblerd.service" is giving an error, but cobbler works</issue> <issue tracker="bnc" id="757062">VUL-0: CVE-2011-4953: cobbler: privilege escalation flaw / local root</issue> <issue tracker="bnc" id="682665">can not create i386 virtual machines on x86_64</issue> <issue tracker="bnc" id="1130658">ISE from IPMI settings saved on latest 3.1.11 MU</issue> <issue tracker="bnc" id="1105440">VUL-0: CVE-2018-1000226: cobbler: contains a Incorrect Access Control vulnerability in XMLRPC api</issue> <issue tracker="bnc" id="672471">Replace 'grubby' with call to perl-Bootloader</issue> <issue tracker="bnc" id="1156574">cobbler buildiso fails with error missing class</issue> <issue tracker="bnc" id="1097733">Running cobbler sync creates a broken symlink</issue> <issue tracker="bnc" id="842699">Cobbler doesn't provide subnet within autoinstall variable</issue> <issue tracker="bnc" id="884051">Releasing syslinux-x86_64 on SLES 11-SP3 s390x</issue> <issue tracker="bnc" id="1105442">VUL-0: CVE-2018-1000225: cobbler: vulnerable contains a Cross Site Scripting (XSS) vulnerability in cobbler-web</issue> <issue tracker="cve" id="2018-1000226"/> <issue tracker="cve" id="2018-10931"/> <issue tracker="cve" id="2012-2395"/> <issue tracker="cve" id="2017-1000469"/> <issue tracker="cve" id="2011-4953"/> <issue tracker="cve" id="2018-1000225"/> <issue tracker="fate" id="312397"/> <packager>SchoolGuy</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for cobbler</summary> <description>This update for cobbler fixes the following issues: - Add cobbler-tests subpackage for unit testing for openSUSE/SLE - Adds LoadModule definitions for openSUSE/SLE - Switch to new refactored auth module. - use systemctl to restart cobblerd on logfile rotation (boo#1169207) Mainline logrotate conf file uses already /sbin/service instead of outdated: /etc/init.d/cobblerd - Fix cobbler sync for DHCP or DNS (boo#1169553) Fixed mainline by commit 2d6cfe42da - Signatures file now uses "default_autoinstall" which fixes import problem happening with some distributions (boo#1159010) - Fix for kernel and initrd detection (boo#1159010) - New: * For the distro there is now a parameter remote_boot_initrd and remote_boot_kernel () * For the profile there is now a parameter filename for DHCP. (#2280) * Signatures for ESXi 6 and 7 (#2308) * The hardlink command is now detected more dynamically and thus more error resistant (#2297) * HTTPBoot will now work in some cases out of the bug. (#2295) * Additional DNS query for a case where the wrong record was queried in the nsupdate system case (#2285) - Changes: * Enabled a lot of tests, removed some and implemented new. (#2202) * Removed not used files from the codebase. (#2302) * Exchanged mkisofs to xorrisofs. (#2296) * Removed duplicate code. (#2224) * Removed unreachable code. (#2223) * Snippet creation and deletion now works again via xmlrpc. (#2244) * Replace createrepo with createrepo_c. (#2266) * Enable Kerberos through having a case sensitive users.conf. (#2272) - Bugfixes: * General various Bugfixes (#2331, ) * Makefile usage and commands. (#2344, #2304) * Fix the dhcp template. (#2314) * Creation of the management classes and gPXE. (#2310) * Fix the scm_track module. (#2275, #2279) * Fix passing the netdevice parameter correctly to the linuxrc. (#2263) * powerstatus from cobbler now works thanks to a wrapper for ipmitool. (#2267) * In case the LDAP is used for auth, it now works with ADs. (#2274) * Fix passthru authentication. (#2271) - Other: * Add Codecov. (#2229) * Documentation updates. (#2333, #2326, #2305, #2249, #2268) * Buildprocess: * Recreation and cleanup of Grub2. (#2278) * Fix small errors for openSUSE Leap. (#2233) * Fix rpmlint errors. (#2237) * Maximum compatibility for debbuild package creation. (#2255, #2292, #2242, #2300) * Fixes related to our CI Pipeline (#2254, #2269) * Internal Code cleanup (#2273, #2270) - Breaking Changes: * Hash handling in users.digest file. (#2299) - Updated to version 3.1.1. * Introduce new packaging from upstream * Changelog see below - New: * We are now having a cross-distro specfile which can be build in the OBS (#2220) - before rewritten it was improved by #2144 & #2174 * Grub Submenu for net-booting machines (#2217) * Building the Cent-OS RPMs in Docker (#2190 #2189) * Reintroduced manpage build in setup.py (#2185) * mgmt_parameters are now passed to the dhcp template (#2182) * Using the standard Pyhton3 logger instead of a custom one (#2160 #2139 #2151) * Script for converting the settings file from 3.0.0 to 3.0.1 (#2154) * Docs now inside the repo instead of cobbler.github.io and improved with sphinx (#2117) - Changes: * The default tftpboot directory is now /var/lib/tftpboot instead of previously /srv/tftpboot (#2220) * Distro signatures were adjusted where necessary (#2219 #2134) * Removed requirements.txt and placed the requirements in setup.py (#2204) * Display only entries in grub which are from the same arch (#2191 #2216) * Change the name of the cobbler manpage form cobbler-cli to cobbler back and move it to section 8 (#2188 #2186) - Bugfixes: * Incremented Version to 3.1.1 from 3.0.1 * S390 Support was cleaned up (#2207 #2178) * PowerPC Support was cleaned up (#2178) * Added a missing import while importing a distro with cobbler import (#2201) * Fixed a case where a stacktrace would be produced so pass none instead (#2203) * Rename of suse_kopts_textmode_overwrite to kops_overwrite to utils (#2143 #2200) * Fix rsync subprocess call (#2199 #2179) * Fixed an error where the template rendering did not work (#2176) * Fixed some cobbler import errors (#2172) * Wrong shebang in various scripts (#2148) * Fix some imports which fixes errors introduced by the remodularization (#2150 #2153) - Other: * Issue Templates for Github (#2187) - Update to latest git HEAD code base This version (from mainline so for quite a while already) also includes fixes for "boo#1149075" and boo#1151875 - Fix for cobbler import and buildiso (boo#1156574) - Adjusted manpage creation (needs sphinx as BuildRequires) - Fix cobbler sync for dhcp and dns enabled due to latest module renaming patches - Update to latest git HEAD - Fixes permission denied in apache2 context when trying to write cobbler log - Fixes a bad import in import_signature (item) - Fixes bad shebang bash path in mkgrub.sh (used in post section) - Now track Github master branch WARNING: This release contains breaking changes for your settings file! * Notable changes: - Now using standard python logger - Updated dhcpd.template - Removed fix_shebang.patch: now in upstream. - added -s parameter to fdupes call to prevent hardlink across partititons - Update to latest v3.0.0 cobbler release - Add previouly added patch: exclude_get-loaders_command.patch to the list of patches to apply. - Fix log file world readable (as suggested by Matthias Gerstner) and change file attributes via attr in spec file - Do not allow get-loaders command (download of third party provided network boot loaders we do not trust) - Mainline fixes: 3172d1df9b9cc8 Add missing help text in redhat_management_key field c8f5490e507a72 Set default interface if cobbler system add has no --interface= param 31a1aa31d26c4a Remove apache IfVersion tags from apache configs - Integrated fixes that came in from mainline from other products (to calm down obs regression checker): CVE-2011-4953, fate#312397, boo#660126, boo#671212, boo#672471, boo#682665 boo#687891, boo#695955, boo#722443, boo#722445, boo#757062, boo#763610 boo#783671, boo#790545, boo#796773, boo#811025, boo#812948, boo#842699 boo#846580, boo#869371, boo#884051, boo#976826, boo#984998 Some older bugs need boo# references as well: boo#660126, boo#671212, boo#672471, boo#682665 boo#687891, boo#695955, boo#722443, boo#722445, boo#757062, boo#763610 boo#783671, boo#790545, boo#796773, boo#811025, boo#812948, boo#842699 boo#846580, boo#869371, boo#884051 - Fix for redhat_management_key not being listed as a choice during profile rename (boo#1134588) - Added: * rhn-mngmnt-key-field-fix.diff - Fixes distribution detection in setup.py for SLESo - Added: * changes-detection-to-distro-like-for-suse-distributions.diff - Moving to pytest and adding Docker test integration - Added: * add-docker-integration-testing.diff * refactor-unittest-to-pytest.diff - Additional compatability changes for old Koan versions. - Modified: * renamed-methods-alias-part2.patch - Old Koan versions not only need method aliases, but also need compatible responses - Added: * renamed-methods-alias-part2.patch - Add the redhat_managment_* fields again to enable templating in SUMA. - Added: * revert-redhat-management-removal.patch - Changes return of last_modified_time RPC to float - Added: * changes-return-to-float.diff - provide old name aliases for all renamed methods: - get_distro_for_koan => get_distro_as_rendered - get_profile_for_koan => get_profile_as_rendered - get_system_for_koan => get_system_as_rendered - get_repo_for_koan => get_repo_as_rendered - get_image_for_koan => get_image_as_rendered - get_mgmtclass_for_koan => get_mgmtclass_as_rendered - get_package_for_koan => get_package_as_rendered - get_file_for_koan => get_file_as_rendered - Renamed: get_system_for_koan.patch => renamed-methods-alias.patch - provide renamed method "get_system_for_koan" under old name for old clients. - Added: * get_system_for_koan.patch - Bring back power_system method in the XML-RPC API - Changed lanplus option to lanplus=true in fence_ipmitool.template - Added: * power_system_xmlrpc_api.patch - Changed: * fence_ipmitool.template - Disables nsupdate_enabled by default - Added: * disable_nsupdate_enabled_by_default.diff - Fixes issue in distribution detection with "lower" function call. - Modified: * remodeled-distro-detection.diff - Adds imporoved distribution detection. Since now all base products get detected correctly, we no longer need the SUSE Manager patch. - Added: * remodeled-distro-detection.diff - fix grub directory layout - Added: * create-system-directory-at-the-correct-place.patch - fix HTTP status code of XMLRPC service - Added: * fix-http-status-code.patch - touch /etc/genders when it not exists (boo#1128926) - Add patches to fix logging - Added: * return-the-name-of-the-unknown-method.patch * call-with-logger-where-possible.patch - Switching version schema from 3.0 to 3.0.0 - Fixes case where distribution detection returns None (boo#1130658) - Added: * fixes-distro-none-case.diff - Removes newline from token, which caused authentication error (boo#1128754) - Added: * remove-newline-from-token.diff - Added a patch which fixes an exception when login in with a non-root user. - Added: * fix-login-error.patch - Added a patch which fixes an exception when login in with a non-root user. - Added: * fix-login-error.patch - Remove patch merged at upstream: * 0001-return-token-as-string.patch - change grub2-x86_64-efi dependency to Recommends - grub2-i386pc is not really required. Changed to recommended to allow building for architectures other than x86_64 - Use cdrtools starting with SLE-15 and Leap-15 again. (boo#1081739) - Update cobbler loaders server hostname (boo#980577) - Update outdated apache config (boo#956264) - Replace builddate with changelog date to fix build-compare (boo#969538) - LOCKFILE usage removed on openSUSE (boo#714618) - Power management subsystem completely re-worked to prevent command-injection (CVE-2012-2395) - Removed patch merged at upstream: * cobblerd_needs_apache2_service_started.patch - Checking bug fixes of released products are in latest develop pkg: - remove fix-nameserver-search.fix; bug is invalid (boo#1029276) -> not needed anymore - fix cobbler yaboot handling (boo#968406, boo#966622) -> no yaboot support anymore - support UEFI boot with cobbler generated tftp tree (boo#1020376) -> upstream - Enabling PXE grub2 support for PowerPC (boo#986978) -> We have grub2 support for ppc64le - (boo#1048183) fix missing args and location for xen -> is in - no koan support anymore: boo#969541, boo#924118, boo#967523 - not installed (boo#966841) works. - These still have to be looked at: SUSE system as systemd only (boo#952844) handle list value for kernel options correctly (boo#973413) entry in pxe menu (boo#988889) - This still has to be switched off (at least in internal cobbler versions): Disabling 'get-loaders' command and 'check' fixed. boo#973418 - Add explicity require to tftp, so it is used for both SLE and openSUSE (originally from jgonzalez@suse.com) - Moved Recommends according to spec_cleaner - Require latest apache2-mod_wsgi-python3 package This fixes interface to http://localhost/cblr/svc/... - Use latest github cobbler/cobbler master branch in _service file - cobblerd_needs_apache2_service_started.patch reverted, that is mainline now: - Only recommend grub2-arm and grub2-ppc packages or we might not be able to build on factory where arm/ppc might not be built - Remove genders package requires. A genders file is generated, but we do not need/use the genders package. - Update to latest cobbler version 3.0 mainline git HEAD version and remove already integrated or not needed anymore patches. - Serial console support added, did some testing already Things should start to work as expected - Add general grub2 support - Put mkgrub.* into mkgrub.sh - Add git date and commit to version string for now - Add grub2 mkimage scripts: mkgrub.i386-pc mkgrub.powerpc-ieee1275 mkgrub.x86_64-efi mkgrub.arm64-efi and generate grub executables with them in the %post section - build server wants explicite package in BuildRequires; use tftp - require tftp(server) instead of atftp - cleanup: cobbler is noarch, so arch specific requires do not make sense - SLES15 is using /etc/os-release instead of /etc/SuSE-release, use this one for checking also - add sles15 distro profile (boo#1090205) - fix signature for SLES15 (boo#1075014) - fix signature for SLES15 (boo#1075014) - fix koan wait parameter initialization - Fix koan shebang - Escape shell parameters provided by the user for the reposync action (CVE-2017-1000469) (boo#1074594) - detect if there is already another instance of "cobbler sync" running and exit with failure if so (boo#1081714) - do not try to hardlink to a symlink. The result will be a dangling symlink in the general case (boo#1097733) - fix service restart after logrotate for cobblerd (boo#1113747) - rotate cobbler logs at higher frequency to prevent disk fillup (boo#1113747) - Forbid exposure of private methods in the API (CVE-2018-10931) (CVE-2018-1000225) (boo#1104287) (boo#1104189) (boo#1105442) - Check access token when calling 'modify_setting' API endpoint (boo#1104190) (boo#1105440) (CVE-2018-1000226) This update was imported from the openSUSE:Leap:15.2:Update update project.</description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor