SUSE-SU-2017:0475-1
- Source
- https://www.suse.com/support/update/announcement/2017/suse-su-20170475-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0475-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:0475-1
- Related
- Published
- 2017-02-16T00:19:16Z
- Modified
- 2017-02-16T00:19:16Z
- Summary
- Security update for susestudio
- Details
-
This update provides SUSE Studio Runner 1.3.14, which brings fixes for the following issues:
- bsc#968797: 11 SP3 appliance gets invalid distribution upgrade from SLMS.
- bsc#947225: Second build of appliance will not register to SLMS, wrong product name.
- bsc#983404: UEFI boot missing for SLE11 SP4.
- bsc#972406: Kiwi export config.sh script has /build-custom out of order.
- bsc#981095: Add user 'ldap' to default_users list for assigning owners for overlay files.
- bsc#972425: Runlevel 3 is being ignored in appliance configuration.
- bsc#983999: SLES 12 appliance build does not include gpg keys from base product.
- bsc#979110: SLES 12 will not build for EC2.
- bsc#929102: Plaintext Password Local Disclosure in rubygem-rest-client. (CVE-2015-3448)
- bsc#963741: Security fixes for Rails v3.2.22. (CVE-2015-7576, CVE-2015-7577, CVE-2016-0751, CVE-2016-0752)
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20170475-1/
- https://bugzilla.suse.com/870697
- https://bugzilla.suse.com/887489
- https://bugzilla.suse.com/929102
- https://bugzilla.suse.com/942185
- https://bugzilla.suse.com/947225
- https://bugzilla.suse.com/963741
- https://bugzilla.suse.com/968797
- https://bugzilla.suse.com/969322
- https://bugzilla.suse.com/972406
- https://bugzilla.suse.com/972425
- https://bugzilla.suse.com/974130
- https://bugzilla.suse.com/979110
- https://bugzilla.suse.com/979124
- https://bugzilla.suse.com/981095
- https://bugzilla.suse.com/983404
- https://bugzilla.suse.com/983999
- https://www.suse.com/security/cve/CVE-2015-3448
- https://www.suse.com/security/cve/CVE-2015-7576
- https://www.suse.com/security/cve/CVE-2015-7577
- https://www.suse.com/security/cve/CVE-2016-0751
- https://www.suse.com/security/cve/CVE-2016-0752
Affected packages
SUSE:Studio Onsite 1.3 / libjansson
Package
- Name
- libjansson
- Purl
- purl:rpm/suse/libjansson&distro=SUSE%20Studio%20Onsite%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.1-0.9.11.6
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite 1.3 / qemu-ext2
Package
- Name
- qemu-ext2
- Purl
- purl:rpm/suse/qemu-ext2&distro=SUSE%20Studio%20Onsite%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.1.1-0.9.4.19
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite 1.3 / rubygem-bundler19
Package
- Name
- rubygem-bundler19
- Purl
- purl:rpm/suse/rubygem-bundler19&distro=SUSE%20Studio%20Onsite%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0-0.13.10
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite 1.3 / studio-help
Package
- Name
- studio-help
- Purl
- purl:rpm/suse/studio-help&distro=SUSE%20Studio%20Onsite%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.20-0.6.9
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite 1.3 / susestudio
Package
- Name
- susestudio
- Purl
- purl:rpm/suse/susestudio&distro=SUSE%20Studio%20Onsite%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.14-52.1
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite Runner 1.3 / libjansson
Package
- Name
- libjansson
- Purl
- purl:rpm/suse/libjansson&distro=SUSE%20Studio%20Onsite%20Runner%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.1-0.9.11.6
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite Runner 1.3 / qemu-ext2
Package
- Name
- qemu-ext2
- Purl
- purl:rpm/suse/qemu-ext2&distro=SUSE%20Studio%20Onsite%20Runner%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.1.1-0.9.4.19
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite Runner 1.3 / rubygem-bundler19
Package
- Name
- rubygem-bundler19
- Purl
- purl:rpm/suse/rubygem-bundler19&distro=SUSE%20Studio%20Onsite%20Runner%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.7.0-0.13.10
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite Runner 1.3 / studio-help
Package
- Name
- studio-help
- Purl
- purl:rpm/suse/studio-help&distro=SUSE%20Studio%20Onsite%20Runner%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.20-0.6.9
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}
SUSE:Studio Onsite Runner 1.3 / susestudio
Package
- Name
- susestudio
- Purl
- purl:rpm/suse/susestudio&distro=SUSE%20Studio%20Onsite%20Runner%201.3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.3.14-52.1
Ecosystem specific
{
"binaries": [
{
"rubygem-bundler19": "1.7.0-0.13.10",
"susestudio-ui-server": "1.3.14-52.1",
"qemu-ext2": "0.1.1-0.9.4.19",
"susestudio-common": "1.3.14-52.1",
"susestudio": "1.3.14-52.1",
"libjansson4": "2.2.1-0.9.11.6",
"susestudio-sid": "1.3.14-52.1",
"susestudio-runner": "1.3.14-52.1",
"libcontainment-insomnia": "0.1.1-0.9.4.19",
"studio-help": "1.3.20-0.6.9",
"susestudio-bundled-packages": "1.3.14-52.1"
}
]
}