SUSE-SU-2024:3266-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243266-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3266-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3266-1
Related
Published
2024-09-17T07:42:22Z
Modified
2024-09-17T07:42:22Z
Summary
Security update for SUSE Manager Client Tools
Details

This update fixes the following issues:

golang-github-prometheus-prometheus:

  • Security issues fixed:

    • CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038)
    • CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556)
  • Require Go > 1.20 for building

  • Migrate from disabled to manual service mode
  • Update to 2.45.6 (jsc#PED-3577):
    • Security fixes in dependencies
  • Update to 2.45.5:
    • [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback.
    • [BUGFIX] Remote write: Avoid a race condition when applying configuration.
  • Update to 2.45.4:
    • [BUGFIX] Remote read: Release querier resources before encoding the results.
  • Update to 2.45.3:
    • [BUGFIX] TSDB: Remove double memory snapshot on shutdown.
  • Update to 2.45.2:
    • [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series.
  • Update to 2.45.1:
    • [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used by Hetzner in September.
    • [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture.
    • [BUGFIX] TSDB: Handle TOC parsing failures.

rhnlib:

  • Version 5.0.4-0
    • Add the old TLS code for very old traditional clients still on python 2.7 (bsc#1228198)

spacecmd:

  • Version 5.0.9-0
    • Update translation strings

uyuni-tools:

  • Version 0.1.21-0
    • mgrpxy: Fix typo on Systemd template
  • Version 0.1.20-0
    • Update the push tag to 5.0.1
    • mgrpxy: expose port on IPv6 network (bsc#1227951)
  • Version 0.1.19-0
    • Skip updating Tomcat remote debug if conf file is not present
  • Version 0.1.18-0
    • Setup Confidential Computing container during migration (bsc#1227588)
    • Add the /etc/uyuni/uyuni-tools.yaml path to the config help
    • Split systemd config files to not loose configuration at upgrade (bsc#1227718)
    • Use the same logic for image computation in mgradm and mgrpxy (bsc#1228026)
    • Allow building with different Helm and container default registry paths (bsc#1226191)
    • Fix recursion in mgradm upgrade podman list --help
    • Setup hub xmlrpc API service in migration to Podman (bsc#1227588)
    • Setup disabled hub xmlrpc API service in all cases (bsc#1227584)
    • Clean the inspection code to make it faster
    • Properly detect IPv6 enabled on Podman network (bsc#1224349)
    • Fix the log file path generation
    • Write scripts output to uyuni-tools.log file
    • Add uyuni-hubxml-rpc to the list of values in mgradm scale --help
    • Use path in mgradm support sql file input (bsc#1227505)
    • On Ubuntu build with go1.21 instead of go1.20
    • Enforce Cobbler setup (bsc#1226847)
    • Expose port on IPv6 network (bsc#1227951)
    • show output of podman image search --list-tags command
    • Implement mgrpxy support config command
    • During migration, ignore /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf (bsc#1228183)
    • During migration, remove java.annotation,com.sun.xml.bind and UseConcMarkSweepGC settings
    • Disable node exporter port for Kubernetes
    • Fix start, stop and restart in Kubernetes
    • Increase start timeout in Kubernetes
    • Fix traefik query
    • Fix password entry usability (bsc#1226437)
    • Add --prepare option to migrate command
    • Fix random error during installation of CA certificate (bsc#1227245)
    • Clarify and fix distro name guessing when not provided (bsc#1226284)
    • Replace not working Fatal error by plain error return (bsc#1220136)
    • Allow server installation with preexisting storage volumes
    • Do not report error when purging mounted volume (bsc#1225349)
    • Preserve PAGER settings from the host for interactive sql usage (bsc#1226914)
    • Add mgrpxy command to clear the Squid cache
    • Use local images for Confidential Computing and Hub containers (bsc#1227586)
  • Version 0.1.17-0
    • Allow GPG files to be loaded from the local file (bsc#1227195)
  • Version 0.1.16-0
    • Prefer local images in all migration steps (bsc#1227244)
  • Version 0.1.15-0
    • Define --registry flag behaviour (bsc#1226793)
  • Version 0.1.14-0
    • Do not rely on hardcoded registry, remove any FQDN
  • Version 0.1.13-0
    • Fix mgradm support config tarball creation (bsc#1226759)
  • Version 0.1.12-0
    • Detection of k8s on Proxy was wrongly influenced by Server setting
References

Affected packages

SUSE:Manager Tools 12 / golang-github-prometheus-prometheus

Package

Name
golang-github-prometheus-prometheus
Purl
purl:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Tools%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.45.6-1.53.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-rhnlib": "5.0.4-21.52.1",
            "mgrctl-bash-completion": "0.1.21-1.8.1",
            "mgrctl": "0.1.21-1.8.1",
            "golang-github-prometheus-prometheus": "2.45.6-1.53.1",
            "spacecmd": "5.0.9-38.147.1",
            "mgrctl-zsh-completion": "0.1.21-1.8.1"
        }
    ]
}

SUSE:Manager Tools 12 / rhnlib

Package

Name
rhnlib
Purl
purl:rpm/suse/rhnlib&distro=SUSE%20Manager%20Tools%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.4-21.52.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-rhnlib": "5.0.4-21.52.1",
            "mgrctl-bash-completion": "0.1.21-1.8.1",
            "mgrctl": "0.1.21-1.8.1",
            "golang-github-prometheus-prometheus": "2.45.6-1.53.1",
            "spacecmd": "5.0.9-38.147.1",
            "mgrctl-zsh-completion": "0.1.21-1.8.1"
        }
    ]
}

SUSE:Manager Tools 12 / spacecmd

Package

Name
spacecmd
Purl
purl:rpm/suse/spacecmd&distro=SUSE%20Manager%20Tools%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.9-38.147.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-rhnlib": "5.0.4-21.52.1",
            "mgrctl-bash-completion": "0.1.21-1.8.1",
            "mgrctl": "0.1.21-1.8.1",
            "golang-github-prometheus-prometheus": "2.45.6-1.53.1",
            "spacecmd": "5.0.9-38.147.1",
            "mgrctl-zsh-completion": "0.1.21-1.8.1"
        }
    ]
}

SUSE:Manager Tools 12 / uyuni-tools

Package

Name
uyuni-tools
Purl
purl:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Tools%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.21-1.8.1

Ecosystem specific

{
    "binaries": [
        {
            "python2-rhnlib": "5.0.4-21.52.1",
            "mgrctl-bash-completion": "0.1.21-1.8.1",
            "mgrctl": "0.1.21-1.8.1",
            "golang-github-prometheus-prometheus": "2.45.6-1.53.1",
            "spacecmd": "5.0.9-38.147.1",
            "mgrctl-zsh-completion": "0.1.21-1.8.1"
        }
    ]
}