SUSE-SU-2023:0353-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20230353-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0353-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:0353-1
- Upstream
- Related
- Published
- 2023-02-10T14:12:55Z
- Modified
- 2025-05-02T04:33:12.509786Z
- Summary
- Security update for SUSE Manager Client Tools
- Details
-
This update fixes the following issues:
dracut-saltboot:
- Update to version 0.1.1673279145.e7616bd
- Add failsafe stop file when salt-minion does not stop (bsc#1172110)
- Copy existing wicked config instead of generating new (bsc#1205599)
grafana:
- Update to version 8.5.15 (jsc#PED-2617):
- CVE-2022-39306: Fix for privilege escalation (bsc#1205225)
- CVE-2022-39307: Omit error from http response when user does not exists (bsc#1205227)
- Update to version 8.5.14:
- CVE-2022-39201: Fix do not forward login cookie in outgoing requests (bsc#1204303)
- CVE-2022-31130: Make proxy endpoints not leak sensitive HTTP headers (bsc#1204305)
- CVE-2022-31123: Fix plugin signature bypass (bsc#1204302)
- CVE-2022-39229: Fix blocknig other users from signing in (bsc#1204304)
mgr-osad:
- Version 4.3.7-1
- Updated logrotate configuration (bsc#1206470)
mgr-push:
- Version 4.3.5-1
- Update translation strings
rhnlib:
- Version 4.3.5-1
- Don't get stuck at the end of SSL transfers (bsc#1204032)
spacecmd:
- Version 4.3.18-1
- Add python-dateutil dependency, required to process date values in spacecmd api calls
- Version 4.3.17-1
- Remove python3-simplejson dependency
- Correctly understand 'ssm' keyword on scap scheduling
- Add vendoradvisory information to erratadetails call (bsc#1205207)
- Added two missing options to schedule product migration: allow-vendor-change and remove-products-without-successor (bsc#1204126)
- Changed schedule product migration to use the correct API method
- Change default port of 'Containerized Proxy configuration' 8022
spacewalk-client-tools:
- Version 4.3.14-1
- Update translation strings
uyuni-common-libs:
- Version 4.3.7-1
- unify user notification code on java side
- Update to version 0.1.1673279145.e7616bd
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20230353-1/
- https://bugzilla.suse.com/1172110
- https://bugzilla.suse.com/1204032
- https://bugzilla.suse.com/1204126
- https://bugzilla.suse.com/1204302
- https://bugzilla.suse.com/1204303
- https://bugzilla.suse.com/1204304
- https://bugzilla.suse.com/1204305
- https://bugzilla.suse.com/1205207
- https://bugzilla.suse.com/1205225
- https://bugzilla.suse.com/1205227
- https://bugzilla.suse.com/1205599
- https://bugzilla.suse.com/1206470
- https://www.suse.com/security/cve/CVE-2022-31123
- https://www.suse.com/security/cve/CVE-2022-31130
- https://www.suse.com/security/cve/CVE-2022-39201
- https://www.suse.com/security/cve/CVE-2022-39229
- https://www.suse.com/security/cve/CVE-2022-39306
- https://www.suse.com/security/cve/CVE-2022-39307
Affected packages
openSUSE:Leap 15.4
dracut-saltboot
spacecmd
SUSE:Manager Client Tools 15
dracut-saltboot
Package
- Name
- dracut-saltboot
- Purl
- pkg:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.1.1673279145.e7616bd-150000.1.44.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}grafana
Package
- Name
- grafana
- Purl
- pkg:rpm/suse/grafana&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.5.15-150000.1.39.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}mgr-osad
Package
- Name
- mgr-osad
- Purl
- pkg:rpm/suse/mgr-osad&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.7-150000.1.42.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}mgr-push
Package
- Name
- mgr-push
- Purl
- pkg:rpm/suse/mgr-push&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.5-150000.1.24.2
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}rhnlib
Package
- Name
- rhnlib
- Purl
- pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.5-150000.3.40.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}spacecmd
Package
- Name
- spacecmd
- Purl
- pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.18-150000.3.92.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}spacewalk-client-tools
Package
- Name
- spacewalk-client-tools
- Purl
- pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.14-150000.3.74.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}uyuni-common-libs
Package
- Name
- uyuni-common-libs
- Purl
- pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Client%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.7-150000.1.30.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.14-150000.3.74.1",
"python3-uyuni-common-libs": "4.3.7-150000.1.30.1",
"grafana": "8.5.15-150000.1.39.1",
"spacewalk-client-setup": "4.3.14-150000.3.74.1",
"spacewalk-check": "4.3.14-150000.3.74.1",
"python3-spacewalk-client-tools": "4.3.14-150000.3.74.1",
"mgr-osad": "4.3.7-150000.1.42.1",
"python3-mgr-osa-common": "4.3.7-150000.1.42.1",
"python3-spacewalk-client-setup": "4.3.14-150000.3.74.1",
"python3-mgr-push": "4.3.5-150000.1.24.2",
"dracut-saltboot": "0.1.1673279145.e7616bd-150000.1.44.1",
"spacewalk-client-tools": "4.3.14-150000.3.74.1",
"python3-mgr-osad": "4.3.7-150000.1.42.1",
"python3-rhnlib": "4.3.5-150000.3.40.1",
"mgr-push": "4.3.5-150000.1.24.2",
"spacecmd": "4.3.18-150000.3.92.1"
}
]
}