SUSE-SU-2020:3251-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203251-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3251-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3251-1
Related
Published
2020-11-06T16:03:37Z
Modified
2020-11-06T16:03:37Z
Summary
Security update for SUSE Manager 3.2
Details

This security update for SUSE Manager 3.2 fixes the following issues:

py26-compat-salt:

  • Properly validate eauth credentials and tokens on SSH calls made by Salt API (bsc#1178319, bsc#1178362, bsc#1178361, CVE-2020-25592, CVE-2020-17490, CVE-2020-16846)

spacewalk-java:

  • Use correct eauth module and credentials for Salt SSH calls (bsc#1178319, CVE-2020-25592)
References

Affected packages

SUSE:Manager Server 3.2 / py26-compat-salt

Package

Name
py26-compat-salt
Purl
purl:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%203.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2016.11.10-6.41.1

Ecosystem specific

{
    "binaries": [
        {
            "spacewalk-java-postgresql": "2.8.78.31-3.56.1",
            "spacewalk-taskomatic": "2.8.78.31-3.56.1",
            "py26-compat-salt": "2016.11.10-6.41.1",
            "spacewalk-java-oracle": "2.8.78.31-3.56.1",
            "spacewalk-java-config": "2.8.78.31-3.56.1",
            "spacewalk-java-lib": "2.8.78.31-3.56.1",
            "spacewalk-java": "2.8.78.31-3.56.1"
        }
    ]
}

SUSE:Manager Server 3.2 / spacewalk-java

Package

Name
spacewalk-java
Purl
purl:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.78.31-3.56.1

Ecosystem specific

{
    "binaries": [
        {
            "spacewalk-java-postgresql": "2.8.78.31-3.56.1",
            "spacewalk-taskomatic": "2.8.78.31-3.56.1",
            "py26-compat-salt": "2016.11.10-6.41.1",
            "spacewalk-java-oracle": "2.8.78.31-3.56.1",
            "spacewalk-java-config": "2.8.78.31-3.56.1",
            "spacewalk-java-lib": "2.8.78.31-3.56.1",
            "spacewalk-java": "2.8.78.31-3.56.1"
        }
    ]
}