File _patchinfo of Package patchinfo.26662

<patchinfo incident="26662">
  <issue tracker="cve" id="2022-43754"/>
  <issue tracker="cve" id="2022-43753"/>
  <issue tracker="cve" id="2022-31255"/>
  <issue tracker="bnc" id="1204203">'--allow-vendor-changes' parameter is not passed as expected to salt minions</issue>
  <issue tracker="bnc" id="1203599">some go packages fail to build afvter go1.18 -&gt; 1.19 transition</issue>
  <issue tracker="bnc" id="1203406">Salt formula Locale failing due to a wrong value</issue>
  <issue tracker="bnc" id="1204716">VUL-0: EMBARGOED: CVE-2022-43753: SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload</issue>
  <issue tracker="bnc" id="1202167">SALT: highstate fails in TEST mode for specific states (without TEST works correctly)</issue>
  <issue tracker="bnc" id="1201788">reposync takes much longer if not run in interactive terminal</issue>
  <issue tracker="bnc" id="1203283">spacecmd in debug mode always finishes with "Undefined return code"</issue>
  <issue tracker="bnc" id="1202785">ISSv2 import failing for CLM channels after adding new sources in project</issue>
  <issue tracker="bnc" id="1203611">Null Pointer Exception during hardware list refresh in function getDnsFqdns()  when onboarding CentOS SSH minion</issue>
  <issue tracker="bnc" id="1203564">spacewalk-hostname-rename fails to find /etc/cobbler/settings</issue>
  <issue tracker="bnc" id="1204146">Bootstrap repo build does not include venv-salt-minion (mgr-create-bootstrap-repo)</issue>
  <issue tracker="bnc" id="1203898">404 errors after applying latest patches.</issue>
  <issue tracker="bnc" id="1202729">unable to connect a pay-as-you-go instance in admin =&gt; setup wizard =&gt; pay-as-you-go... Error getting instance data: CA file</issue>
  <issue tracker="bnc" id="1204741">VUL-0: EMBARGOED: CVE-2022-43754: SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do</issue>
  <issue tracker="bnc" id="1204543">VUL-0: EMBARGOED: CVE-2022-31255: SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction</issue>
  <issue tracker="bnc" id="1199726">Hardware page shows only shows multicast DNS domain as FQDN</issue>
  <issue tracker="bnc" id="1200596">Installation of monitoring formula occasionally fails within the automatic client deployment</issue>
  <issue tracker="bnc" id="1195624">Wrong virtualization type returned for EC2 VMs</issue>
  <issue tracker="bnc" id="1197724">Newly added System Group can not be used to target salt-minions</issue>
  <issue tracker="bnc" id="1203422">Enable/disable Troubleshooting Notifications</issue>
  <issue tracker="bnc" id="1201059">SUSE Manager database password  captured in clear text by several supportconfig plugins</issue>
  <packager>juliogonzalezgil</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for release-notes-susemanager, release-notes-susemanager-proxy</summary>
  <description>This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues:

Release notes for SUSE Manager:

- Update to SUSE Manager 4.2.10
  * Apache exporter has been upgraded to version 0.11.0
  * CVEs fixed: 
    CVE-2022-43753, CVE-2022-43754, CVE-2022-31255
  * Bugs mentioned:
    bsc#1195624, bsc#1197724, bsc#1199726, bsc#1200596, bsc#1201059
    bsc#1201788, bsc#1202167, bsc#1202729, bsc#1202785, bsc#1203283
    bsc#1203406, bsc#1203422, bsc#1203564, bsc#1203599, bsc#1203611
    bsc#1203898, bsc#1204146, bsc#1204203, bsc#1195624, bsc#1197724
    bsc#1199726, bsc#1200596, bsc#1201059, bsc#1201788, bsc#1202167
    bsc#1202729, bsc#1202785, bsc#1203283, bsc#1203406, bsc#1203422
    bsc#1203564, bsc#1203599, bsc#1203611, bsc#1203898, bsc#1204146
    bsc#1204716, bsc#1204741, bsc#1204543

Release notes for SUSE Manager Proxy:

- Update to SUSE Manager 4.2.10
  * Bugs mentioned: 
    bsc#1201059, bsc#1201788, bsc#1203283
</description>
</patchinfo>
openSUSE Build Service is sponsored by