SUSE-SU-2023:0009-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20230009-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0009-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:0009-1
- Related
- Published
- 2023-01-02T10:42:37Z
- Modified
- 2025-05-02T04:33:50.295780Z
- Upstream
- Summary
- Security update for saphanabootstrap-formula
- Details
-
This update for saphanabootstrap-formula fixes the following issues:
Version bump 0.13.1
- revert changes to spec file to re-enable SLES RPM builds
- CVE-2022-45153: Fixed privilege escalation for arbitrary users in hana/ha_cluster.sls (bsc#1205990)
Version bump 0.13.0
- pass sid to sudoers in a SLES12 compatible way
- add location constraint to gcp_stonith
Version bump 0.12.1
- moved templates dir into hana dir in repository to be gitfs compatible
Version bump 0.12.0
- add SAPHanaSR takeover blocker
Version bump 0.11.0
- use check_cmd instead of tmp sudoers file
- make sudoers rules more secure
- migrate sudoers to template file
Version bump 0.10.1
- fix hook removal conditions
- fix majority_maker code on case grain is empty
Version bump 0.10.0
- allow to disable shared HANA basepath and rework add_hosts code (enables HANA scale-out on AWS)
- do not edit global.ini directly (if not needed)
Version bump 0.9.1
- fix majority_maker code on case grain is empty
Version bump 0.9.0
- define vip_mechanism for every provider and reorder resources (same schema for all SAP related formulas)
Version bump 0.8.1
- use multi-target Hook on HANA scale-out
Version bump 0.8.0
- add HANA scale-out support
- add idempotence to not affect a running HANA and cluster
Version bump 0.7.2
- add native fencing for microsoft-azure
fixes a not working import of dbapi in SUSE/ha-sap-terraform-deployments#703
- removes the installation and extraction of all hdbcli files in the /hana/shared/srHook directory
- fixes execution order of srTakeover/srCostOptMemConfig hook
renames and updates hook srTakeover to srCostOptMemConfig
Changing exporter stickiness to => 0 and adjusting the colocation score from +inf to -inf and changing the colocation from Master to Slave. This change fix the impact of a failed exporter in regards to the HANA DB.
Document extra_parameters in pillar.example (bsc#1185643)
Change hanadb_exporter default timeout value to 30 seconds
Set correct stickiness for the azure-lb resource The azure-lb resource receives an stickiness=0 to not influence on transitions calculations as the HANA resources have more priority
- References
Affected packages
SUSE:Linux Enterprise Module for SAP Applications 15 SP2 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/suse/saphanabootstrap-formula&distro=SUSE%20Linux%20Enterprise%20Module%20for%20SAP%20Applications%2015%20SP2
SUSE:Linux Enterprise Module for SAP Applications 15 SP3 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/suse/saphanabootstrap-formula&distro=SUSE%20Linux%20Enterprise%20Module%20for%20SAP%20Applications%2015%20SP3
SUSE:Linux Enterprise Module for SAP Applications 15 SP4 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/suse/saphanabootstrap-formula&distro=SUSE%20Linux%20Enterprise%20Module%20for%20SAP%20Applications%2015%20SP4
SUSE:Manager Server Module 4.2 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/suse/saphanabootstrap-formula&distro=SUSE%20Manager%20Server%20Module%204.2
SUSE:Manager Server Module 4.3 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/suse/saphanabootstrap-formula&distro=SUSE%20Manager%20Server%20Module%204.3
openSUSE:Leap 15.3 / saphanabootstrap-formula
Package
- Name
- saphanabootstrap-formula
- Purl
- pkg:rpm/opensuse/saphanabootstrap-formula&distro=openSUSE%20Leap%2015.3