openSUSE-SU-2021:1162-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2021:1162-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2021:1162-1
Related
Published
2021-08-17T10:06:47Z
Modified
2021-08-17T10:06:47Z
Summary
Security update for SUSE Manager Client Tools
Details

This update fixes the following issues:

ansible:

  • The support level for ansible is l2, not l3

dracut-saltboot:

  • Force installation of libexpat.so.1 (bsc#1188846)
  • Use kernel parameters from PXE formula also for local boot

golang-github-prometheus-prometheus:

  • Provide and reload firewalld configuration only for:
    • openSUSE Leap 15.0, 15.1, 15.2
    • SUSE Linux Enterprise 15, 15 SP1, 15 SP2
  • Upgrade to upstream version 2.27.1 (jsc#SLE-18254)
    • Bugfix:
      • SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242)
      • UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659
        • TSDB: Do not panic when writing very large records to the WAL. #8790
        • TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723
        • Scaleway Discovery: Fix nil pointer dereference. #8737
        • Consul Discovery: Restart no longer required after config update with no targets. #8766
    • Features:
      • Promtool: Retroactive rule evaluation functionality.
      • Configuration: Environment variable expansion for external labels. Behind '--enable-feature=expand-external-labels' flag.
      • Add a flag '--storage.tsdb.max-block-chunk-segment-size' to control the max chunks file size of the blocks for small Prometheus instances.
      • UI: Add a dark theme.
      • AWS Lightsail Discovery: Add AWS Lightsail Discovery.
      • Docker Discovery: Add Docker Service Discovery.
      • OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used.
      • Remote Write: Send exemplars via remote write. Experimental and disabled by default.
    • Enhancements:
      • Digital Ocean Discovery: Add 'metadigitaloceanvpc' label.
      • Scaleway Discovery: Read Scaleway secret from a file.
      • Scrape: Add configurable limits for label size and count.
      • UI: Add 16w and 26w time range steps.
      • Templating: Enable parsing strings in humanize functions.
  • Update package with changes from server:monitoring (bsc#1175478) Left out removal of 'firewalld' related configuration files as SUSE Linux Enterprise 15-SP1's firewalld package does not contain 'prometheus' configuration yet.

mgr-cfg:

  • No visible impact for the user

mgr-custom-info:

  • No visible impact for the user

mgr-osad:

  • No visible impact for the user

mgr-push:

  • No visible impact for the user

mgr-virtualization:

  • No visible impact for the user

rhnlib:

  • No visible impact for the user

spacecmd:

  • Make spacecmd aware of retracted patches/packages
  • Enhance help for installation types when creating distributions (bsc#1186581)
  • Parse empty argument when nothing in between the separator

spacewalk-client-tools:

  • Update translation strings

spacewalk-koan:

  • Fix for spacewalk-koan tests after switching to the new Docker images

spacewalk-oscap:

  • No visible impact for the user

suseRegisterInfo:

  • No visible impact for the user

uyuni-common-libs:

  • Handle broken RPM packages to prevent exceptions causing fails on repository synchronization (bsc#1186650)
  • Maintainer field in debian packages are only recommended (bsc#1186508)

This update was imported from the SUSE:SLE-15:Update update project.

References

Affected packages

openSUSE:Leap 15.2 / ansible

Package

Name
ansible
Purl
pkg:rpm/opensuse/ansible&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.9.21-lp152.2.7.1

Ecosystem specific

{
    "binaries": [
        {
            "ansible": "2.9.21-lp152.2.7.1",
            "dracut-saltboot": "0.1.1627546504.96a0b3e-lp152.2.26.1",
            "golang-github-prometheus-prometheus": "2.27.1-lp152.3.13.1",
            "ansible-doc": "2.9.21-lp152.2.7.1",
            "ansible-test": "2.9.21-lp152.2.7.1"
        }
    ]
}

openSUSE:Leap 15.2 / dracut-saltboot

Package

Name
dracut-saltboot
Purl
pkg:rpm/opensuse/dracut-saltboot&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.1627546504.96a0b3e-lp152.2.26.1

Ecosystem specific

{
    "binaries": [
        {
            "ansible": "2.9.21-lp152.2.7.1",
            "dracut-saltboot": "0.1.1627546504.96a0b3e-lp152.2.26.1",
            "golang-github-prometheus-prometheus": "2.27.1-lp152.3.13.1",
            "ansible-doc": "2.9.21-lp152.2.7.1",
            "ansible-test": "2.9.21-lp152.2.7.1"
        }
    ]
}

openSUSE:Leap 15.2 / golang-github-prometheus-prometheus

Package

Name
golang-github-prometheus-prometheus
Purl
pkg:rpm/opensuse/golang-github-prometheus-prometheus&distro=openSUSE%20Leap%2015.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.27.1-lp152.3.13.1

Ecosystem specific

{
    "binaries": [
        {
            "ansible": "2.9.21-lp152.2.7.1",
            "dracut-saltboot": "0.1.1627546504.96a0b3e-lp152.2.26.1",
            "golang-github-prometheus-prometheus": "2.27.1-lp152.3.13.1",
            "ansible-doc": "2.9.21-lp152.2.7.1",
            "ansible-test": "2.9.21-lp152.2.7.1"
        }
    ]
}