- Uyuni Announce

IMPORTANT: Patches (including several Security fixes) for Uyuni 2024.12 Server
by Marina Latini 18 Apr '25

18 Apr '25

Hello! We released a set of security patches for Uyuni 2024.12 Server with the following fixes: * CVE-2025-24813: Potential RCE and/or information disclosure/corruption with partial PUT (bsc#1239302) * CVE-2025-23392, CVE-2025-23393: Filter user input in systems list page (bsc#1239826, bsc#1240386) You can apply the patch at the Uyuni Server and Proxy by following the instructions at: https://www.uyuni-project.org/pages/patches.html Happy hacking and have a lot of fun! -- Marina Latini Release Engineer SUSE Software Solutions Germany GmbH Frankenstr. 146, 90461 Nuernberg Germany www.suse.com Geschäftsführer: Ivo Totev, Andrew McDonald, Werner Knoblich (HRB 36809, AG Nürnberg) #ThePowerOfMany #DareToBeDifferent #HaveALotOfFun

1 0

[CANCELLED] April Uyuni community Hours
by Raúl Osuna Sánchez-Infante 15 Apr '25

15 Apr '25

Dear Community, Due to the upcoming public holidays and additional vacations, we are cancelling the April session of the Community Hours, planned for April 24th. Feel free to reach out to us in Gitter or GitHub discussions for any additional questions or clarification. See you again in May, and stay tuned for new announcements! Happy hacking and have a lot of fun, -- Kind regards, Raúl Osuna Sánchez-Infante SUSE Multi-Linux Manager and Uyuni Software Release Engineer SUSE Software Solutions Spain SL Engineering & Innovation, EMEA

1 0

Friendly reminder: polls about removing java Sonar Cloud rules
by Carlo Della Giusta 14 Apr '25

14 Apr '25

Friendly reminder to all java developers: the poll on keeping or removing 11 java Sonar Cloud rules closes Friday, April 18th 2025. Have your saying and vote for the poll! The list of the polls is available at https://github.com/uyuni-project/uyuni/issues/9878 Thanks for your participation! Carlo Della Giusta Software Engineer Security SUSE www.suse.com LinkedIn <https://www.linkedin.com/company/suse/mycompany/> | Instagram <https://www.instagram.com/suseinc/?hl=en> | <https://twitter.com/SUSE> Twitter <https://twitter.com/SUSE> | <https://twitter.com/SUSE> YouTube <https://www.youtube.com/channel/UCHTfqIzPKz4f_dri36lAQGA>

1 0

Enforcing signing for Git commits, starting today
by Julio González Gil 08 Apr '25

08 Apr '25

Dear Community, As announced in February (and with some delay) we are now starting the enforcement of signing for Git commits. As a reminder, this ensures that commit authorship is cryptographically verified, preventing impersonation and adding a layer of trust to our contributions. With commit signing, GitHub will mark your commits as "Verified", making it clear that they came from you. Setting it up is simple, and it helps keep our project safe and accountable. Check out the setup guide from GitHub: https://docs.github.com/en/authentication/managing-commit-signature-verific… You can use GPG, SSH, or S/MIME, as you can see. The following repositories will start getting signing enforcement gradually. - All repositories at https://github.com/orgs/uyuni-project/repositories - https://github.com/SUSE/salt-formulas - https://github.com/SUSE/salt-netapi-client - https://github.com/SUSE/manager-build-profiles - https://github.com/SUSE/smdba - https://github.com/openSUSE/containment-rpm-pxe - https://github.com/openSUSE/zypp-plugin-spacewalk If you have any further questions, please join the #devel channel at Gitter (https://gitter.im/uyuni-project/devel) or Matrix (https://matrix.to/#/#uyuni-project_devel:gitter.im) Happy hacking! -- Julio González Gil Engineering Manager, SUSE Multi-Linux Manager jgonzalez(a)suse.com

1 0

Database split reached master, rebase your PRs
by cbosdonnat＠suse.com 03 Apr '25

03 Apr '25

Hi all, This is a heads up that the database split pull requests have been merged in master. Since the container images have heavily changed, I would advise you to rebase your PRs now as this could be the source of errors in your testsuite or unit tests runs. Regarding development instances, if you already have one, it should be fine to keep it and develop against it, however if you deploy a new server container, make sure that mgradm is also the latest and greatest from master. Regards, -- Cedric

1 0

Recordings available - Community Hours Thursday, March 27th 2025
by Raúl Osuna Sánchez-Infante 28 Mar '25

28 Mar '25

Hello folks! If you missed the last Uyuni Community Hours that took place on March 27th, check out the recording at https://youtu.be/Qbk0j1o6dk8 Please bear in mind that the HD version of the recording might still being processed, and it could take up to a couple of hours till it is ready. Remember, you can find all the information about the Community hours, included updated agenda and link for the meeting, at https://github.com/uyuni-project/uyuni/wiki/Uyuni-Community-Hours Happy hacking and have a lot of fun! Raúl & Marina -- Kind regards, Raúl Osuna Sánchez-Infante SUSE Multi-Linux Manager and Uyuni Software Release Engineer SUSE Software Solutions Spain SL Engineering & Innovation, EMEA

1 0

Community Hours on Thursday 27th, at 16.00 CET / 15.00 UTC
by Raúl Osuna Sánchez-Infante 26 Mar '25

26 Mar '25

Hello folks! Like every last Thursday of each month, we'll be having on Thursday 27th (tomorrow) a session of the Uyuni Community Hours. The agenda is: - Uyuni 2025.0x: What’s next? - VEX Consumption in Uyuni - Uyuni SonarCloud error reduction The link to the Jitsi meeting can be found here: https://meet.jit.si/moderated/08658cae0e2eefa6e84ef2229a34e339e1b3b473449ae… Remember you can find all the information about the Community hours, including updated agenda and link for the meeting at https://github.com/uyuni-project/uyuni/wiki/Uyuni-Community-Hours See you there! -- Kind regards, Raúl Osuna Sánchez-Infante SUSE Multi-Linux Manager and Uyuni Software Release Engineer SUSE Software Solutions Spain SL Engineering & Innovation, EMEA

1 0

Welcome Pablo Cáceres as Student Intern
by Abid Mehmood 24 Mar '25

24 Mar '25

Hi folks, I am excited to introduce Pablo Cáceres from the University of Córdoba in Spain. He is joining us temporarily to work on his final degree project within the context of Uyuni. Pablo has chosen to focus on supporting a new file format, VEX, for managing vulnerability data. He has already started working on an implementation while his RFC (Request for Comments) is under discussion. You can follow the progress here: - Project issue: https://github.com/uyuni-project/uyuni/issues/9606 - RFC: https://github.com/uyuni-project/uyuni-rfc/pull/102 You can find Pablo at our Gitter devel channel (https://gitter.im/uyuni-project/devel <https://gitter.im/uyuni-project/devel>) to say hello. Here is a quick introduction by himself: ---- Hi! I'm Pablo Cáceres, but you can find me online with the username naibu3. I'm 22 and I'm in my last year studying IT engineering in Spain. I will join SUSE to develop my degree final project contributing to Uyuni with an enhancement for the CVE scanner. My passion is cybersecurity, collaborating with the Network and Cybersecurity Aula at my university and spending weekends playing CTF competitions with my team, Caliphal Hounds. We even reached the top 2 of Spain last year. Apart from competing, I have a blog where I post writeups and interesting stuff and projects. My other big hobby is basketball. I used to play in a local team, but for the moment I'm a referee in the first regional category. I'm glad to have the opportunity to work with you all. I feel it could be a great opportunity to get started with a real-world development environment, outside university projects. Anyone who wants to contact me can do it by Gitter (@naibu3:gitter.im) or by mail(pablocaceregaitan(a)gmail.com). Excited to collaborate with you all, Pablo C -- Kind regards, Abid

1 0

RESULT: Poll about the new host Operating System for Uyuni
by Raúl Osuna Sánchez-Infante 03 Mar '25

03 Mar '25

Dear Community, with a tight result of 26 votes for openSUSE Tumbleweed and 24 votes for openSUSE MicroOS, the former has been chosen by the Community as the host OS for the upcoming versions of Uyuni (only meaning that this is the OS in which the product will be validated, nothing more, nothing less, Community is still encouraged to test and use the containers in the OS of their choice and, if possible, help us document how to use such OS). We will be adapting the sources and the documentation, in addition to providing a migration path before the next release of Uyuni. -- Kind regards, Raúl Osuna Sánchez-Infante SUSE Multi-Linux Manager and Uyuni Software Release Engineer SUSE Software Solutions Spain SL Engineering & Innovation, EMEA

1 0

Recordings available - Community Hours Thursday, February 27th 2025
by Raúl Osuna Sánchez-Infante 28 Feb '25

28 Feb '25

Hello folks! If you missed the last Uyuni Community Hours that took place on February 27th, check out the recording at https://youtu.be/Vo6d7fhhFd8 Please bear in mind that the HD version of the recording might still being processed, and it could take up to a couple of hours till it is ready. Remember, you can find all the information about the Community hours, included updated agenda and link for the meeting, at https://github.com/uyuni-project/uyuni/wiki/Uyuni-Community-Hours Happy hacking and have a lot of fun! Raúl & Marina -- Kind regards, Raúl Osuna Sánchez-Infante SUSE Multi-Linux Manager and Uyuni Software Release Engineer SUSE Software Solutions Spain SL Engineering & Innovation, EMEA

1 0