SUSE-SU-2024:3267-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243267-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3267-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3267-1
Published
2024-09-17T07:43:02Z
Modified
2024-09-17T07:43:02Z
Summary
Security update for SUSE Manager Client Tools
Details

This update fixes the following issues:

golang-github-prometheus-prometheus:

  • Security issues fixed:

    • CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038)
    • CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556)
  • Require Go > 1.20 for building

  • Migrate from disabled to manual service mode
  • Update to 2.45.6 (jsc#PED-3577):
    • Security fixes in dependencies
  • Update to 2.45.5:
    • [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback.
    • [BUGFIX] Remote write: Avoid a race condition when applying configuration.
  • Update to 2.45.4:
    • [BUGFIX] Remote read: Release querier resources before encoding the results.
  • Update to 2.45.3:
    • [BUGFIX] TSDB: Remove double memory snapshot on shutdown.
  • Update to 2.45.2:
    • [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series.
  • Update to 2.45.1:
    • [ENHANCEMENT] Hetzner SD: Support larger IDs that will be used by Hetzner in September.
    • [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture.
    • [BUGFIX] TSDB: Handle TOC parsing failures.

rhnlib:

  • Version 5.0.4-0
    • Add the old TLS code for very old traditional clients still on python 2.7 (bsc#1228198)

spacecmd:

  • Version 5.0.9-0
    • Update translation strings

uyuni-tools:

  • Version 0.1.21-0
    • mgrpxy: Fix typo on Systemd template
  • Version 0.1.20-0
    • Update the push tag to 5.0.1
    • mgrpxy: expose port on IPv6 network (bsc#1227951)
  • Version 0.1.19-0
    • Skip updating Tomcat remote debug if conf file is not present
  • Version 0.1.18-0
    • Setup Confidential Computing container during migration (bsc#1227588)
    • Add the /etc/uyuni/uyuni-tools.yaml path to the config help
    • Split systemd config files to not lose configuration at upgrade (bsc#1227718)
    • Use the same logic for image computation in mgradm and mgrpxy (bsc#1228026)
    • Allow building with different Helm and container default registry paths (bsc#1226191)
    • Fix recursion in mgradm upgrade podman list --help
    • Setup hub xmlrpc API service in migration to Podman (bsc#1227588)
    • Setup disabled hub xmlrpc API service in all cases (bsc#1227584)
    • Clean the inspection code to make it faster
    • Properly detect IPv6 enabled on Podman network (bsc#1224349)
    • Fix the log file path generation
    • Write scripts output to uyuni-tools.log file
    • Add uyuni-hubxml-rpc to the list of values in mgradm scale --help
    • Use path in mgradm support sql file input (bsc#1227505)
    • On Ubuntu build with go1.21 instead of go1.20
    • Enforce Cobbler setup (bsc#1226847)
    • Expose port on IPv6 network (bsc#1227951)
    • show output of podman image search --list-tags command
    • Implement mgrpxy support config command
    • During migration, ignore /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf (bsc#1228183)
    • During migration, remove java.annotation,com.sun.xml.bind and UseConcMarkSweepGC settings
    • Disable node exporter port for Kubernetes
    • Fix start, stop and restart in Kubernetes
    • Increase start timeout in Kubernetes
    • Fix traefik query
    • Fix password entry usability (bsc#1226437)
    • Add --prepare option to migrate command
    • Fix random error during installation of CA certificate (bsc#1227245)
    • Clarify and fix distro name guessing when not provided (bsc#1226284)
    • Replace not working Fatal error by plain error return (bsc#1220136)
    • Allow server installation with preexisting storage volumes
    • Do not report error when purging mounted volume (bsc#1225349)
    • Preserve PAGER settings from the host for interactive sql usage (bsc#1226914)
    • Add mgrpxy command to clear the Squid cache
    • Use local images for Confidential Computing and Hub containers (bsc#1227586)
  • Version 0.1.17-0
    • Allow GPG files to be loaded from the local file (bsc#1227195)
  • Version 0.1.16-0
    • Prefer local images in all migration steps (bsc#1227244)
  • Version 0.1.15-0
    • Define --registry flag behaviour (bsc#1226793)
  • Version 0.1.14-0
    • Do not rely on hardcoded registry, remove any FQDN
  • Version 0.1.13-0
    • Fix mgradm support config tarball creation (bsc#1226759)
  • Version 0.1.12-0
    • Detection of k8s on Proxy was wrongly influenced by Server setting
Affected packages

SUSE:Manager Client Tools 15 / golang-github-prometheus-prometheus

Package

Name
golang-github-prometheus-prometheus
Purl
pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.45.6-150000.3.56.1

Ecosystem specific

{
    "binaries": [
        {
            "mgrctl-bash-completion": "0.1.21-150000.1.8.2",
            "mgrctl": "0.1.21-150000.1.8.2",
            "golang-github-prometheus-prometheus": "2.45.6-150000.3.56.1",
            "mgrctl-lang": "0.1.21-150000.1.8.2",
            "mgrctl-zsh-completion": "0.1.21-150000.1.8.2",
            "firewalld-prometheus-config": "0.1-150000.3.56.1",
            "spacecmd": "5.0.9-150000.3.124.1",
            "python3-rhnlib": "5.0.4-150000.3.46.1"
        }
    ]
}

SUSE:Manager Client Tools 15 / rhnlib

Package

Name
rhnlib
Purl
pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.0.4-150000.3.46.1

Ecosystem specific

{
    "binaries": [
        {
            "mgrctl-bash-completion": "0.1.21-150000.1.8.2",
            "mgrctl": "0.1.21-150000.1.8.2",
            "golang-github-prometheus-prometheus": "2.45.6-150000.3.56.1",
            "mgrctl-lang": "0.1.21-150000.1.8.2",
            "mgrctl-zsh-completion": "0.1.21-150000.1.8.2",
            "firewalld-prometheus-config": "0.1-150000.3.56.1",
            "spacecmd": "5.0.9-150000.3.124.1",
            "python3-rhnlib": "5.0.4-150000.3.46.1"
        }
    ]
}

SUSE:Manager Client Tools 15 / spacecmd

Package

Name
spacecmd
Purl
pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.0.9-150000.3.124.1

Ecosystem specific

{
    "binaries": [
        {
            "mgrctl-bash-completion": "0.1.21-150000.1.8.2",
            "mgrctl": "0.1.21-150000.1.8.2",
            "golang-github-prometheus-prometheus": "2.45.6-150000.3.56.1",
            "mgrctl-lang": "0.1.21-150000.1.8.2",
            "mgrctl-zsh-completion": "0.1.21-150000.1.8.2",
            "firewalld-prometheus-config": "0.1-150000.3.56.1",
            "spacecmd": "5.0.9-150000.3.124.1",
            "python3-rhnlib": "5.0.4-150000.3.46.1"
        }
    ]
}

SUSE:Manager Client Tools 15 / uyuni-tools

Package

Name
uyuni-tools
Purl
pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
0.1.21-150000.1.8.2

Ecosystem specific

{
    "binaries": [
        {
            "mgrctl-bash-completion": "0.1.21-150000.1.8.2",
            "mgrctl": "0.1.21-150000.1.8.2",
            "golang-github-prometheus-prometheus": "2.45.6-150000.3.56.1",
            "mgrctl-lang": "0.1.21-150000.1.8.2",
            "mgrctl-zsh-completion": "0.1.21-150000.1.8.2",
            "firewalld-prometheus-config": "0.1-150000.3.56.1",
            "spacecmd": "5.0.9-150000.3.124.1",
            "python3-rhnlib": "5.0.4-150000.3.46.1"
        }
    ]
}

SUSE:Manager Client Tools for SLE Micro 5 / uyuni-tools

Package

Name
uyuni-tools
Purl
pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
0.1.21-150000.1.8.2

Ecosystem specific

{
    "binaries": [
        {
            "mgrctl-bash-completion": "0.1.21-150000.1.8.2",
            "mgrctl": "0.1.21-150000.1.8.2",
            "mgrctl-lang": "0.1.21-150000.1.8.2",
            "mgrctl-zsh-completion": "0.1.21-150000.1.8.2"
        }
    ]
}

openSUSE:Leap 15.5 / spacecmd

Package

Name
spacecmd
Purl
pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.0.9-150000.3.124.1

Ecosystem specific

{
    "binaries": [
        {
            "spacecmd": "5.0.9-150000.3.124.1"
        }
    ]
}

openSUSE:Leap 15.6 / spacecmd

Package

Name
spacecmd
Purl
pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.0.9-150000.3.124.1

Ecosystem specific

{
    "binaries": [
        {
            "spacecmd": "5.0.9-150000.3.124.1"
        }
    ]
}