Hello everyone!
We are happy to announce the immediate availability of Uyuni 2020.11
At https://www.uyuni-project.org/pages/stable-version.html you will find all
the resources you need to start working with Uyuni 2020.11, including the
release notes, documentation, requirements and setup instructions.
IMPORTANT: Keep in mind Uyuni 2020.07 changed the base OS to openSUSE Leap
15.2, so a special procedure is needed if you are not upgrading from 2020.07
but from a previous version! Check the release notes and the documentation for
all the details
This is the list of highlights for this release:
* Recent Salt CVEs remediation
* CentOS 7/8 ppc64le support
* Prometheus Exporter Exporter for CentOS, Oracle and RHEL 7 and 8
* Node Exporter updated to version 1.0.1 for most operating systems
* Web UI themes
* Prometheus Exporter Exporter
* XML-RPC power management API
* Third-party errata information on vendor channels
* Bootstrap repositories no longer flushed by default
* DNSSEC enabled by default by bind update
* Virtualization: Creation of virtual machines with Yomi, KickStart or
AutoYaST profiles
* Japanese translation
Please check the release notes for full details.
Remember that Uyuni will follow a rolling release planning, so the next
version will contain bugfixes for this one and any new features. There will be
no maintenance of 2020.11
As always, we hope you will enjoy Uyuni 2020.11 and we invite everyone of you
to send us your feedback [2] and of course your patches, if you can
contribute.
Happy hacking!
[2] https://www.uyuni-project.org/pages/contact.html
--
Julio González Gil
Release Engineer, SUSE Manager and Uyuni
jgonzalez(a)suse.com
Hi everyone,
As part of the openSUSE Migration of the mailing lists [1], we have a few new
things that you need to be aware of:
1. The lists addresses are now:
announce(a)lists.uyuni-project.org
devel(a)lists.uyuni-project.org
users(a)lists.uyuni-project.org
translation(a)lists.uyuni-project.org
2. The old addresses will be working for some unspecified time, but we
recommend you start using the new addresses.
3. To avoid some problems DMARC authentication [2], the lists (among other
things) will not add prefixes such as "[uyuni-user]" to the subject, and will
not alter the body adding any links to the mailing lists.
4. As a consequence: If you used the subject to filter emails, please change
your filters to start using email headers(check the openSUSE Migration page
for details [1])
5. The new system uses mailman v3 and hyperkitty, so now all management can be
done via webUI at https://lists.uyuni-project.org or
https://lists.opensuse.org
6. Your subscription should remain unchanged.
We would like to thank the openSUSE Heroes [3] for the migration, as the
change from mlmmj to mailman+hyperkitty is a big step forward making life
easier for both users and mailing list administrators.
Best regards.
[1] https://en.opensuse.org/openSUSE:Mailing_Lists_Migration
[2] https://dmarc.org/
[2] https://en.opensuse.org/openSUSE:Heroes
--
Julio González Gil
Release Engineer, SUSE Manager and Uyuni
jgonzalez(a)suse.com
Hello
Today we have released an unscheduled update for Uyuni 2020.09, for 3 security issues affecting the Salt master and minions:
CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592.
First, a small warning. The current salt on openSUSE Leap 15.1/15.2 fixes the
CVEs already, but contains a regression that breaks onboarding from WebUI and
salt ssh managed minions.
A fix for this is already in the openSUSE queue and should be released soon.
Server
======
Please make sure you are on the most recent release (2020.09) and use the
following commands on the Uyuni server:
# zypper addrepo https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable…
# zypper refresh
# spacewalk-service stop
# zypper update
# spacewalk-service start
This will download the required spacewalk-java and py26-compat-salt packages, as well as salt from openSUSE Leap 15.2
Proxies and Clients
===================
Just sync your channels on the Uyuni Server for all operating systems, and that
will get the updated salt packages.
Then apply the updates to all your clients as you would do for any other
security updates.
More information
================
https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclo…https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16846/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25592/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17490/
Thank you
Pau Garcia Quiles
SUSE Manager Product Owner & Technical Project Manager
SUSE Software Solutions Spain
Dear lists,
Today we released an unscheduled release on top of Uyuni 2020.09, for
CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592 that affect salt master and
clients.
First, a small warning. The current salt on openSUSE Leap 15.2/15.2 fixes the
CVEs already, but contains a regression that breaks onboarding from WebUI and
salt ssh manage minions.
A fix for this is already in the openSUSE queue and should be released soon.
Server
======
Please make sure you are on the most recent release (2020.09) and use the
following commands on the Uyuni server:
zypper addrepo https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable…
zypper refresh
spacewalk-service stop
zypper update
spacewalk-service start
This will download the required spacewalk-java and py26-compat-salt packages
and packages, as well as salt from openSUSE Leap 15.2
Proxies and Clients
===================
Just sync your channels on the Uyuni Server for all operating systems, and that
will get the updated salt packages.
Then apply the updates to all your clients as you would do for any other
security updates.
More information
================
https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclo…https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16846/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25592/https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17490/
--
Julio González Gil
Release Engineer, SUSE Manager and Uyuni
jgonzalez(a)suse.com