Overview

File _patchinfo of Package patchinfo.35962

<patchinfo incident="35962">
  <category>security</category>
  <rating>critical</rating>
  <packager>deneb_alpha</packager>
  <summary>Maintenance update for SUSE Manager 4.3 Release Notes</summary>
  <description>Maintenance update for SUSE Manager 4.3 Release Notes:

This is a codestream only update
</description>
  <releasetarget project="SUSE:SLE-15-SP4:Update"/>
  <issue tracker="ijsc" id="MSQA-863"/>
  <issue tracker="bnc" id="1146701">"spacecmd system_listevents" unhandled internal exception</issue>
  <issue tracker="bnc" id="1211899">Support SUSE Manager Server Product in mgr bootstrap script when we are in a SUMA Hub Setup</issue>
  <issue tracker="bnc" id="1212985">FileNotFoundError: [Errno 2] No such file or directory: '/var/run/salt-minion.pid'</issue>
  <issue tracker="bnc" id="1217003">Attempts to sync suse-packagehub-15-sp5-backports-pool-x86_64 fail because of gpgkey</issue>
  <issue tracker="bnc" id="1217338">Required network ports documentation changes</issue>
  <issue tracker="bnc" id="1217978">In case of updating salt packages the software profile refresh could fail</issue>
  <issue tracker="bnc" id="1218090">Wrong OS minor number in table 1 on the openSUSE Leap Clients page</issue>
  <issue tracker="bnc" id="1219450">Cobbler operations (API calls) are slow</issue>
  <issue tracker="bnc" id="1219645">Cobbler doesn't remove system profile after Autoinstallation</issue>
  <issue tracker="bnc" id="1219887">Cobbler not functional in 5.0 beta 1</issue>
  <issue tracker="bnc" id="1221435">Documentation Lacks Warning about PackageHub on SUMA</issue>
  <issue tracker="bnc" id="1221505">ISS (version 1) is syncing channels much slower than normal in a particular region</issue>
  <issue tracker="bnc" id="1223312">Clients can not be deleted from SUSE Manager</issue>
  <issue tracker="bnc" id="1223988">The "GPG key URL" is hardcoded and does not work via proxy clients</issue>
  <issue tracker="bnc" id="1224108">'system_checkin_threshold' not found within the satellite configuration error on Sytems Overview page</issue>
  <issue tracker="bnc" id="1224209">Unable to attempt a Product migration on minions having unused, not up-to-date, OS Salt packages installed</issue>
  <issue tracker="bnc" id="1225603">Salt Bootstrapping from UI and CLI: Errors while script generating &amp; executing on multiple environments.</issue>
  <issue tracker="bnc" id="1225619">Promote within the CLM project takes longer than 24 hours for 12sp5 channels</issue>
  <issue tracker="bnc" id="1225960">Repo sync of Ubuntu repos runs forever</issue>
  <issue tracker="bnc" id="1226090">Cloud detection via salt grains not working anymore in AWS</issue>
  <issue tracker="bnc" id="1226439">vmlinuz can not be found within the tree during the autoinstallation</issue>
  <issue tracker="bnc" id="1226461">Migration 12SP5 =&gt; 15SPx fails due to duplicate IP addresses reported by cobbler</issue>
  <issue tracker="bnc" id="1226478">Failing task "Update Reporting Default" / "mgr-update-reporting-bunch"</issue>
  <issue tracker="bnc" id="1226687">Outdated info about AppStreams in CLM</issue>
  <issue tracker="bnc" id="1226917">When using SSM to add Live Patching the "confirm" button is red and cannot be selected</issue>
  <issue tracker="bnc" id="1227133">CentOS 7 with SLL7: Package List Refresh always fails</issue>
  <issue tracker="bnc" id="1227334">5.0 proxy cannot be a monitored host</issue>
  <issue tracker="bnc" id="1227406">SLM 6.0: Missing yellow reboot warning on top after package installation</issue>
  <issue tracker="bnc" id="1227526">old mirrorlist urls for centos 7 stopped working</issue>
  <issue tracker="bnc" id="1227543">"lastBuildDate" return for the contentmanagement API should be in "dateTime.iso8601" format</issue>
  <issue tracker="bnc" id="1227599">Using PAM authentication with SUMA does not allow the use of the "#" character</issue>
  <issue tracker="bnc" id="1227606">How to avoid Generating package cache while trying to remove packages through spacecmd</issue>
  <issue tracker="bnc" id="1227746">[openSCAP] - libopenscap8 non-existent - it is not possible to run openSCAP against Debian hosts</issue>
  <issue tracker="bnc" id="1228036">Unable to schedule salt state in Maintenance Window</issue>
  <issue tracker="bnc" id="1228101">minion_master.pub not being removed</issue>
  <issue tracker="bnc" id="1228130">Bootstrapping a SLES 15 SP6 system fails with a dependency for python3-zypp-plugin and python3-ply</issue>
  <issue tracker="bnc" id="1228147">PKGLIST15_TRAD is missing for SLE15 SP6</issue>
  <issue tracker="bnc" id="1228286">Monitoring formula - jinja rendering error on unsupported OSes for SLES 15 SP6</issue>
  <issue tracker="bnc" id="1228326">Switch from Liberty 7 to Liberty 7 LTSS channel via webUI</issue>
  <issue tracker="bnc" id="1228345">DMZ clients (Push via SSH tunnel) can not switch channels correctly</issue>
  <issue tracker="bnc" id="1228412">System search in webUI using specific string fails with internal server error</issue>
  <issue tracker="bnc" id="1228545">SQL syntax error while doing Import data with ISS v2</issue>
  <issue tracker="bnc" id="1228638">Subscription Matching - NullPointerException at MatcherJsonIO.java:189</issue>
  <issue tracker="bnc" id="1228851">Server can't connect to Jabber (Server does not support TLS)</issue>
  <issue tracker="bnc" id="1228945">AUDIT-FIND: spacewalk-utils: Sensitive information disclosure in backup file</issue>
  <issue tracker="bnc" id="1229079">mgr_ssl_cert_setup authorityKeyIdentifier parse problem</issue>
  <issue tracker="bnc" id="1229178">Missing URL in required network ports documentation</issue>
  <issue tracker="bnc" id="1229260">Downloading a package gives 404 even though file exists</issue>
  <issue tracker="bnc" id="1229339">Leap 15.5 sle-update repo key expires soon</issue>
  <issue tracker="bnc" id="1231332">VUL-0: CVE-2024-47533: cobbler: Authentication Exploit</issue>
  <issue tracker="bnc" id="1231852">VUL-0: CVE-2024-49502: spacewalk-web: Reflected XSS in Setup Wizard, HTTP Proxy credentials pane</issue>
  <issue tracker="bnc" id="1231900">VUL-0: arbitrary log messages in API can lead to a denial of service (either causing disk space exhaustion or server crash)</issue>
  <issue tracker="bnc" id="1231922">VUL-0: CVE-2024-49503: spacewalk-web: Reflected XSS in Setup Wizard, Organization Credentials</issue>
  <issue tracker="cve" id="2024-47533"/>
  <issue tracker="cve" id="2024-49502"/>
  <issue tracker="cve" id="2024-49503"/>
</patchinfo>
openSUSE Build Service is sponsored by
Places