SUSE-SU-2020:14538-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-202014538-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:14538-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:14538-1
Related
Published
2020-11-06T15:59:37Z
Modified
2020-11-06T15:59:37Z
Summary
Security update for SUSE Manager Client Tools
Details

This update fixes the following issues:

cobbler:

  • Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)

mgr-daemon:

  • Update translation strings

salt:

  • Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)

spacecmd:

  • Python3 fixes for errata in spacecmd (bsc#1169664)
  • Added support for i18n of user-facing strings
  • Python3 fix for sorted usage (bsc#1167907)

spacewalk-client-tools:

  • Remove RH references in Python/Ruby localization and use the product name instead
References

Affected packages

SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / cobbler

Package

Name
cobbler
Purl
purl:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.2-0.68.12.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / mgr-daemon

Package

Name
mgr-daemon
Purl
purl:rpm/suse/mgr-daemon&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.3-5.20.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2016.11.10-43.63.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / spacecmd

Package

Name
spacecmd
Purl
purl:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.8-18.72.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / spacewalk-client-tools

Package

Name
spacewalk-client-tools
Purl
purl:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.7-27.38.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / cobbler

Package

Name
cobbler
Purl
purl:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.2-0.68.12.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / mgr-daemon

Package

Name
mgr-daemon
Purl
purl:rpm/suse/mgr-daemon&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.3-5.20.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / salt

Package

Name
salt
Purl
purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2016.11.10-43.63.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / spacecmd

Package

Name
spacecmd
Purl
purl:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.8-18.72.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}

SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / spacewalk-client-tools

Package

Name
spacewalk-client-tools
Purl
purl:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.1.7-27.38.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-spacewalk-client-tools": "4.1.7-27.38.1",
            "spacewalk-client-setup": "4.1.7-27.38.1",
            "mgr-daemon": "4.1.3-5.20.1",
            "koan": "2.2.2-0.68.12.1",
            "spacewalk-check": "4.1.7-27.38.1",
            "salt": "2016.11.10-43.63.1",
            "python2-spacewalk-check": "4.1.7-27.38.1",
            "python2-spacewalk-client-setup": "4.1.7-27.38.1",
            "salt-doc": "2016.11.10-43.63.1",
            "spacewalk-client-tools": "4.1.7-27.38.1",
            "salt-minion": "2016.11.10-43.63.1",
            "spacecmd": "4.1.8-18.72.1"
        }
    ]
}