November 2020 - Uyuni Announce - openSUSE Mailing Lists

Uyuni 2020.11 is released!
by Julio González Gil 26 Nov '20

26 Nov '20

Hello everyone! We are happy to announce the immediate availability of Uyuni 2020.11 At https://www.uyuni-project.org/pages/stable-version.html you will find all the resources you need to start working with Uyuni 2020.11, including the release notes, documentation, requirements and setup instructions. IMPORTANT: Keep in mind Uyuni 2020.07 changed the base OS to openSUSE Leap 15.2, so a special procedure is needed if you are not upgrading from 2020.07 but from a previous version! Check the release notes and the documentation for all the details This is the list of highlights for this release: * Recent Salt CVEs remediation * CentOS 7/8 ppc64le support * Prometheus Exporter Exporter for CentOS, Oracle and RHEL 7 and 8 * Node Exporter updated to version 1.0.1 for most operating systems * Web UI themes * Prometheus Exporter Exporter * XML-RPC power management API * Third-party errata information on vendor channels * Bootstrap repositories no longer flushed by default * DNSSEC enabled by default by bind update * Virtualization: Creation of virtual machines with Yomi, KickStart or AutoYaST profiles * Japanese translation Please check the release notes for full details. Remember that Uyuni will follow a rolling release planning, so the next version will contain bugfixes for this one and any new features. There will be no maintenance of 2020.11 As always, we hope you will enjoy Uyuni 2020.11 and we invite everyone of you to send us your feedback [2] and of course your patches, if you can contribute. Happy hacking! [2] https://www.uyuni-project.org/pages/contact.html -- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez(a)suse.com

1 0

Uyuni Community Hours 27.11.2020
by Pau Garcia 20 Nov '20

20 Nov '20

** Please note we are moving the time of the Uyuni Community Hours this month ** Agenda: 1. Uyuni Server on CentOS: status update (Stephan Bluhm, community) 2. Uyuni 2020.11 (Pau Garcia, SUSE) ________________________________________________________________________________ Microsoft Teams meeting Join on your computer or mobile app Click here to join the meeting<https://teams.microsoft.com/l/meetup-join/19%3ameeting_NWNjZGY1NjEtNjgxYS00…> Or call in (audio only) +34 917 94 59 77,,531061056#<tel:+34917945977,,531061056#> Spain, Madrid Phone Conference ID: 531 061 056# Find a local number<https://dialin.teams.microsoft.com/58c3986f-4c3a-4b77-b4e8-f431171ef66d?id=…> | Reset PIN<https://mysettings.lync.com/pstnconferencing> Learn More<https://aka.ms/JoinTeamsMeeting> | Meeting options<https://teams.microsoft.com/meetingOptions/?organizerId=83d1ce03-a2c8-4530-…> ________________________________________________________________________________

1 0

IMPORTANT: Recent changes for the mailing lists
by Julio González Gil 16 Nov '20

16 Nov '20

Hi everyone, As part of the openSUSE Migration of the mailing lists [1], we have a few new things that you need to be aware of: 1. The lists addresses are now: announce(a)lists.uyuni-project.org devel(a)lists.uyuni-project.org users(a)lists.uyuni-project.org translation(a)lists.uyuni-project.org 2. The old addresses will be working for some unspecified time, but we recommend you start using the new addresses. 3. To avoid some problems DMARC authentication [2], the lists (among other things) will not add prefixes such as "[uyuni-user]" to the subject, and will not alter the body adding any links to the mailing lists. 4. As a consequence: If you used the subject to filter emails, please change your filters to start using email headers(check the openSUSE Migration page for details [1]) 5. The new system uses mailman v3 and hyperkitty, so now all management can be done via webUI at https://lists.uyuni-project.org or https://lists.opensuse.org 6. Your subscription should remain unchanged. We would like to thank the openSUSE Heroes [3] for the migration, as the change from mlmmj to mailman+hyperkitty is a big step forward making life easier for both users and mailing list administrators. Best regards. [1] https://en.opensuse.org/openSUSE:Mailing_Lists_Migration [2] https://dmarc.org/ [2] https://en.opensuse.org/openSUSE:Heroes -- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez(a)suse.com

1 0

[uyuni-announce] Special update for CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592
by Pau Garcia 06 Nov '20

06 Nov '20

Hello Today we have released an unscheduled update for Uyuni 2020.09, for 3 security issues affecting the Salt master and minions: CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592. First, a small warning. The current salt on openSUSE Leap 15.1/15.2 fixes the CVEs already, but contains a regression that breaks onboarding from WebUI and salt ssh managed minions. A fix for this is already in the openSUSE queue and should be released soon. Server ====== Please make sure you are on the most recent release (2020.09) and use the following commands on the Uyuni server: # zypper addrepo https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable… # zypper refresh # spacewalk-service stop # zypper update # spacewalk-service start This will download the required spacewalk-java and py26-compat-salt packages, as well as salt from openSUSE Leap 15.2 Proxies and Clients =================== Just sync your channels on the Uyuni Server for all operating systems, and that will get the updated salt packages. Then apply the updates to all your clients as you would do for any other security updates. More information ================ https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclo… https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16846/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25592/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17490/ Thank you Pau Garcia Quiles SUSE Manager Product Owner & Technical Project Manager SUSE Software Solutions Spain

1 0

[uyuni-announce] Special update for CVE-2020-8028 (bsc#1175884)
by Julio González Gil 06 Nov '20

06 Nov '20

Dear lists, Today we released an unscheduled release on top of Uyuni 2020.09, for CVE-2020-16846, CVE-2020-17490 and CVE-2020-25592 that affect salt master and clients. First, a small warning. The current salt on openSUSE Leap 15.2/15.2 fixes the CVEs already, but contains a regression that breaks onboarding from WebUI and salt ssh manage minions. A fix for this is already in the openSUSE queue and should be released soon. Server ====== Please make sure you are on the most recent release (2020.09) and use the following commands on the Uyuni server: zypper addrepo https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable… zypper refresh spacewalk-service stop zypper update spacewalk-service start This will download the required spacewalk-java and py26-compat-salt packages and packages, as well as salt from openSUSE Leap 15.2 Proxies and Clients =================== Just sync your channels on the Uyuni Server for all operating systems, and that will get the updated salt packages. Then apply the updates to all your clients as you would do for any other security updates. More information ================ https://www.saltstack.com/blog/on-november-3-2020-saltstack-publicly-disclo… https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16846/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25592/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17490/ -- Julio González Gil Release Engineer, SUSE Manager and Uyuni jgonzalez(a)suse.com

1 1