SUSE-SU-2023:0812-1
- Source
- https://www.suse.com/support/update/announcement/2023/suse-su-20230812-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:0812-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2023:0812-1
- Related
- Published
- 2023-03-20T15:32:26Z
- Modified
- 2023-03-20T15:32:26Z
- Summary
- Security update for SUSE Manager Client Tools
- Details
-
This update fixes the following issues:
dracut-saltboot:
- Update to verion 0.1.1674034019.a93ff61
- Install copied wicked config as client.xml (bsc#1205599)
- Update to version 0.1.1673279145.e7616bd
grafana:
- CVE-2022-46146: Fix basic authentication bypass by updating the exporter toolkit to version 0.7.3 (bsc#1208065,)
- CVE-2022-41723: Require Go 1.19 or newer (bsc#1208293)
- Update to version 8.5.20:
- CVE-2022-23552: Security: SVG: Add dompurify preprocessor step (bsc#1207749)
- CVE-2022-39324: Security: Snapshots: Fix originalUrl spoof security issue (bsc#1207750)
- Security: Omit error from http response
- Bug fix: Email and username trimming and invitation validation
spacecmd:
- Version 4.3.19-1
- Fix spacecmd not showing any output for softwarechanneldiff and softwarechannelerrata_diff (bsc#1207352)
- Prevent string api parameters to be parsed as dates if not in ISO-8601 format (bsc#1205759)
spacewalk-client-tools:
- Version 4.3.15-1
- Update translation strings
supportutils-plugin-salt:
- Update to version 1.2.2
- Remove possible passwords from Salt configuration files (bsc#1201059)
uyuni-proxy-systemd-services:
- Version 4.3.8-1
- Allow using container images from different registry paths
- Update to verion 0.1.1674034019.a93ff61
- References
-
- https://www.suse.com/support/update/announcement/2023/suse-su-20230812-1/
- https://bugzilla.suse.com/1201059
- https://bugzilla.suse.com/1205599
- https://bugzilla.suse.com/1205759
- https://bugzilla.suse.com/1207352
- https://bugzilla.suse.com/1207749
- https://bugzilla.suse.com/1207750
- https://bugzilla.suse.com/1208065
- https://bugzilla.suse.com/1208293
- https://www.suse.com/security/cve/CVE-2022-23552
- https://www.suse.com/security/cve/CVE-2022-39324
- https://www.suse.com/security/cve/CVE-2022-41723
- https://www.suse.com/security/cve/CVE-2022-46146
Affected packages
SUSE:Manager Tools 15 / dracut-saltboot
Package
- Name
- dracut-saltboot
- Purl
- purl:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.1.1674034019.a93ff61-150000.1.47.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools 15 / grafana
Package
- Name
- grafana
- Purl
- purl:rpm/suse/grafana&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.5.20-150000.1.42.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools 15 / spacecmd
Package
- Name
- spacecmd
- Purl
- purl:rpm/suse/spacecmd&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.19-150000.3.95.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools 15 / spacewalk-client-tools
Package
- Name
- spacewalk-client-tools
- Purl
- purl:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.15-150000.3.77.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools 15 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.2.2-150000.3.13.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools 15 / uyuni-proxy-systemd-services
Package
- Name
- uyuni-proxy-systemd-services
- Purl
- purl:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Tools%2015
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.3.8-150000.1.12.1
Ecosystem specific
{
"binaries": [
{
"python3-spacewalk-check": "4.3.15-150000.3.77.1",
"dracut-saltboot": "0.1.1674034019.a93ff61-150000.1.47.1",
"supportutils-plugin-salt": "1.2.2-150000.3.13.1",
"spacewalk-client-setup": "4.3.15-150000.3.77.1",
"uyuni-proxy-systemd-services": "4.3.8-150000.1.12.1",
"spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacewalk-check": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-setup": "4.3.15-150000.3.77.1",
"python3-spacewalk-client-tools": "4.3.15-150000.3.77.1",
"spacecmd": "4.3.19-150000.3.95.1",
"grafana": "8.5.20-150000.1.42.1"
}
]
}
SUSE:Manager Tools for SLE Micro 5 / dracut-saltboot
Package
- Name
- dracut-saltboot
- Purl
- purl:rpm/suse/dracut-saltboot&distro=SUSE%20Manager%20Tools%20for%20SLE%20Micro%205
SUSE:Manager Tools for SLE Micro 5 / uyuni-proxy-systemd-services
Package
- Name
- uyuni-proxy-systemd-services
- Purl
- purl:rpm/suse/uyuni-proxy-systemd-services&distro=SUSE%20Manager%20Tools%20for%20SLE%20Micro%205
SUSE:Linux Enterprise Module for Basesystem 15 SP4 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4
SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS
SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS
SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
SUSE:Linux Enterprise Real Time 15 SP3 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
SUSE:Linux Enterprise Server 15 SP1-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS
SUSE:Linux Enterprise Server 15 SP2-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
SUSE:Linux Enterprise Server 15 SP3-LTSS / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS
SUSE:Linux Enterprise Server for SAP Applications 15 SP1 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1
SUSE:Linux Enterprise Server for SAP Applications 15 SP2 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2
SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
SUSE:Manager Proxy 4.2 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Proxy%204.2
SUSE:Manager Server 4.2 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Server%204.2
SUSE:Enterprise Storage 7 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Enterprise%20Storage%207
SUSE:Enterprise Storage 7.1 / supportutils-plugin-salt
Package
- Name
- supportutils-plugin-salt
- Purl
- purl:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Enterprise%20Storage%207.1
openSUSE:Leap 15.4 / dracut-saltboot
Package
- Name
- dracut-saltboot
- Purl
- purl:rpm/suse/dracut-saltboot&distro=openSUSE%20Leap%2015.4
openSUSE:Leap 15.4 / spacecmd
Package
- Name
- spacecmd
- Purl
- purl:rpm/suse/spacecmd&distro=openSUSE%20Leap%2015.4