SUSE-SU-2017:0475-1

Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170475-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0475-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:0475-1
Related
Published
2017-02-16T00:19:16Z
Modified
2017-02-16T00:19:16Z
Summary
Security update for susestudio
Details

This update provides SUSE Studio Runner 1.3.14, which brings fixes for the following issues:

  • bsc#968797: 11 SP3 appliance gets invalid distribution upgrade from SLMS.
  • bsc#947225: Second build of appliance will not register to SLMS, wrong product name.
  • bsc#983404: UEFI boot missing for SLE11 SP4.
  • bsc#972406: Kiwi export config.sh script has /build-custom out of order.
  • bsc#981095: Add user 'ldap' to default_users list for assigning owners for overlay files.
  • bsc#972425: Runlevel 3 is being ignored in appliance configuration.
  • bsc#983999: SLES 12 appliance build does not include gpg keys from base product.
  • bsc#979110: SLES 12 will not build for EC2.
  • bsc#929102: Plaintext Password Local Disclosure in rubygem-rest-client. (CVE-2015-3448)
  • bsc#963741: Security fixes for Rails v3.2.22. (CVE-2015-7576, CVE-2015-7577, CVE-2016-0751, CVE-2016-0752)
References

Affected packages

SUSE:Studio Onsite 1.3 / libjansson

Package

Name
libjansson
Purl
purl:rpm/suse/libjansson&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.1-0.9.11.6

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite 1.3 / qemu-ext2

Package

Name
qemu-ext2
Purl
purl:rpm/suse/qemu-ext2&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.1-0.9.4.19

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite 1.3 / rubygem-bundler19

Package

Name
rubygem-bundler19
Purl
purl:rpm/suse/rubygem-bundler19&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0-0.13.10

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite 1.3 / studio-help

Package

Name
studio-help
Purl
purl:rpm/suse/studio-help&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.20-0.6.9

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite 1.3 / susestudio

Package

Name
susestudio
Purl
purl:rpm/suse/susestudio&distro=SUSE%20Studio%20Onsite%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.14-52.1

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite Runner 1.3 / libjansson

Package

Name
libjansson
Purl
purl:rpm/suse/libjansson&distro=SUSE%20Studio%20Onsite%20Runner%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.1-0.9.11.6

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite Runner 1.3 / qemu-ext2

Package

Name
qemu-ext2
Purl
purl:rpm/suse/qemu-ext2&distro=SUSE%20Studio%20Onsite%20Runner%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.1-0.9.4.19

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite Runner 1.3 / rubygem-bundler19

Package

Name
rubygem-bundler19
Purl
purl:rpm/suse/rubygem-bundler19&distro=SUSE%20Studio%20Onsite%20Runner%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.7.0-0.13.10

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite Runner 1.3 / studio-help

Package

Name
studio-help
Purl
purl:rpm/suse/studio-help&distro=SUSE%20Studio%20Onsite%20Runner%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.20-0.6.9

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}

SUSE:Studio Onsite Runner 1.3 / susestudio

Package

Name
susestudio
Purl
purl:rpm/suse/susestudio&distro=SUSE%20Studio%20Onsite%20Runner%201.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.14-52.1

Ecosystem specific

{
    "binaries": [
        {
            "rubygem-bundler19": "1.7.0-0.13.10",
            "susestudio-ui-server": "1.3.14-52.1",
            "qemu-ext2": "0.1.1-0.9.4.19",
            "susestudio-common": "1.3.14-52.1",
            "susestudio": "1.3.14-52.1",
            "libjansson4": "2.2.1-0.9.11.6",
            "susestudio-sid": "1.3.14-52.1",
            "susestudio-runner": "1.3.14-52.1",
            "libcontainment-insomnia": "0.1.1-0.9.4.19",
            "studio-help": "1.3.20-0.6.9",
            "susestudio-bundled-packages": "1.3.14-52.1"
        }
    ]
}