File _patchinfo of Package patchinfo.26662
<patchinfo incident="26662">
<issue tracker="cve" id="2022-43754"/>
<issue tracker="cve" id="2022-43753"/>
<issue tracker="cve" id="2022-31255"/>
<issue tracker="bnc" id="1204203">'--allow-vendor-changes' parameter is not passed as expected to salt minions</issue>
<issue tracker="bnc" id="1203599">some go packages fail to build afvter go1.18 -> 1.19 transition</issue>
<issue tracker="bnc" id="1203406">Salt formula Locale failing due to a wrong value</issue>
<issue tracker="bnc" id="1204716">VUL-0: EMBARGOED: CVE-2022-43753: SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload</issue>
<issue tracker="bnc" id="1202167">SALT: highstate fails in TEST mode for specific states (without TEST works correctly)</issue>
<issue tracker="bnc" id="1201788">reposync takes much longer if not run in interactive terminal</issue>
<issue tracker="bnc" id="1203283">spacecmd in debug mode always finishes with "Undefined return code"</issue>
<issue tracker="bnc" id="1202785">ISSv2 import failing for CLM channels after adding new sources in project</issue>
<issue tracker="bnc" id="1203611">Null Pointer Exception during hardware list refresh in function getDnsFqdns() when onboarding CentOS SSH minion</issue>
<issue tracker="bnc" id="1203564">spacewalk-hostname-rename fails to find /etc/cobbler/settings</issue>
<issue tracker="bnc" id="1204146">Bootstrap repo build does not include venv-salt-minion (mgr-create-bootstrap-repo)</issue>
<issue tracker="bnc" id="1203898">404 errors after applying latest patches.</issue>
<issue tracker="bnc" id="1202729">unable to connect a pay-as-you-go instance in admin => setup wizard => pay-as-you-go... Error getting instance data: CA file</issue>
<issue tracker="bnc" id="1204741">VUL-0: EMBARGOED: CVE-2022-43754: SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do</issue>
<issue tracker="bnc" id="1204543">VUL-0: EMBARGOED: CVE-2022-31255: SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction</issue>
<issue tracker="bnc" id="1199726">Hardware page shows only shows multicast DNS domain as FQDN</issue>
<issue tracker="bnc" id="1200596">Installation of monitoring formula occasionally fails within the automatic client deployment</issue>
<issue tracker="bnc" id="1195624">Wrong virtualization type returned for EC2 VMs</issue>
<issue tracker="bnc" id="1197724">Newly added System Group can not be used to target salt-minions</issue>
<issue tracker="bnc" id="1203422">Enable/disable Troubleshooting Notifications</issue>
<issue tracker="bnc" id="1201059">SUSE Manager database password captured in clear text by several supportconfig plugins</issue>
<packager>juliogonzalezgil</packager>
<rating>critical</rating>
<category>security</category>
<summary>Security update for release-notes-susemanager, release-notes-susemanager-proxy</summary>
<description>This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:
Release notes for SUSE Manager:
- Update to SUSE Manager 4.2.10
* Apache exporter has been upgraded to version 0.11.0
* CVEs fixed:
CVE-2022-43753, CVE-2022-43754, CVE-2022-31255
* Bugs mentioned:
bsc#1195624, bsc#1197724, bsc#1199726, bsc#1200596, bsc#1201059
bsc#1201788, bsc#1202167, bsc#1202729, bsc#1202785, bsc#1203283
bsc#1203406, bsc#1203422, bsc#1203564, bsc#1203599, bsc#1203611
bsc#1203898, bsc#1204146, bsc#1204203, bsc#1195624, bsc#1197724
bsc#1199726, bsc#1200596, bsc#1201059, bsc#1201788, bsc#1202167
bsc#1202729, bsc#1202785, bsc#1203283, bsc#1203406, bsc#1203422
bsc#1203564, bsc#1203599, bsc#1203611, bsc#1203898, bsc#1204146
bsc#1204716, bsc#1204741, bsc#1204543
Release notes for SUSE Manager Proxy:
- Update to SUSE Manager 4.2.10
* Bugs mentioned:
bsc#1201059, bsc#1201788, bsc#1203283
</description>
</patchinfo>