SUSE-SU-2020:14538-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:14538-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:14538-1
- Related
- Published
- 2020-11-06T15:59:37Z
- Modified
- 2020-11-06T15:59:37Z
- Summary
- Security update for SUSE Manager Client Tools
- Details
-
This update fixes the following issues:
cobbler:
- Fix parsing cobbler dictionary options with values containing '=', e.g. kernel params containing '=' (bsc#1176978)
mgr-daemon:
- Update translation strings
salt:
- Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)
spacecmd:
- Python3 fixes for errata in spacecmd (bsc#1169664)
- Added support for i18n of user-facing strings
- Python3 fix for sorted usage (bsc#1167907)
spacewalk-client-tools:
- Remove RH references in Python/Ruby localization and use the product name instead
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-202014538-1/
- https://bugzilla.suse.com/1167907
- https://bugzilla.suse.com/1169664
- https://bugzilla.suse.com/1176978
- https://bugzilla.suse.com/1178319
- https://bugzilla.suse.com/1178361
- https://bugzilla.suse.com/1178362
- https://www.suse.com/security/cve/CVE-2020-16846
- https://www.suse.com/security/cve/CVE-2020-17490
- https://www.suse.com/security/cve/CVE-2020-25592
Affected packages
SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / cobbler
Package
- Name
- cobbler
- Purl
- purl:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.2-0.68.12.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / mgr-daemon
Package
- Name
- mgr-daemon
- Purl
- purl:rpm/suse/mgr-daemon&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.3-5.20.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / salt
Package
- Name
- salt
- Purl
- purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2016.11.10-43.63.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / spacecmd
Package
- Name
- spacecmd
- Purl
- purl:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.8-18.72.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-CLIENT-TOOLS / spacewalk-client-tools
Package
- Name
- spacewalk-client-tools
- Purl
- purl:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.7-27.38.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / cobbler
Package
- Name
- cobbler
- Purl
- purl:rpm/suse/cobbler&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.2.2-0.68.12.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / mgr-daemon
Package
- Name
- mgr-daemon
- Purl
- purl:rpm/suse/mgr-daemon&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.3-5.20.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / salt
Package
- Name
- salt
- Purl
- purl:rpm/suse/salt&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2016.11.10-43.63.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / spacecmd
Package
- Name
- spacecmd
- Purl
- purl:rpm/suse/spacecmd&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.8-18.72.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4-CLIENT-TOOLS / spacewalk-client-tools
Package
- Name
- spacewalk-client-tools
- Purl
- purl:rpm/suse/spacewalk-client-tools&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-CLIENT-TOOLS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.1.7-27.38.1
Ecosystem specific
{
"binaries": [
{
"python2-spacewalk-client-tools": "4.1.7-27.38.1",
"spacewalk-client-setup": "4.1.7-27.38.1",
"mgr-daemon": "4.1.3-5.20.1",
"koan": "2.2.2-0.68.12.1",
"spacewalk-check": "4.1.7-27.38.1",
"salt": "2016.11.10-43.63.1",
"python2-spacewalk-check": "4.1.7-27.38.1",
"python2-spacewalk-client-setup": "4.1.7-27.38.1",
"salt-doc": "2016.11.10-43.63.1",
"spacewalk-client-tools": "4.1.7-27.38.1",
"salt-minion": "2016.11.10-43.63.1",
"spacecmd": "4.1.8-18.72.1"
}
]
}