# Security update for SUSE Manager 4.3.11 Release Notes Announcement ID: SUSE-SU-2024:0513-1 Rating: important References: * bsc#1170848 * bsc#1210911 * bsc#1211254 * bsc#1211560 * bsc#1211912 * bsc#1213079 * bsc#1213507 * bsc#1213738 * bsc#1213981 * bsc#1214077 * bsc#1214791 * bsc#1215166 * bsc#1215514 * bsc#1215769 * bsc#1215810 * bsc#1215813 * bsc#1215982 * bsc#1216114 * bsc#1216394 * bsc#1216437 * bsc#1216550 * bsc#1216657 * bsc#1216753 * bsc#1216781 * bsc#1216988 * bsc#1217069 * bsc#1217209 * bsc#1217588 * bsc#1217784 * bsc#1217869 * bsc#1218019 * bsc#1218074 * bsc#1218075 * bsc#1218089 * bsc#1218094 * bsc#1218146 * bsc#1218490 * bsc#1218615 * bsc#1218669 * bsc#1218849 * bsc#1219577 * bsc#1219850 * jsc#MSQA-719 Cross-References: * CVE-2023-32189 * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities, contains one feature and has 39 security fixes can now be installed. ## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager-proxy: * Update to SUSE Manager 4.3.11 * Bugs mentioned: bsc#1213738, bsc#1216657, bsc#1216781, bsc#1217209, bsc#1217588 bsc#1218615, bsc#1218849, bsc#1219577, bsc#1219850 ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.11 * Migrate from RHEL and its clones to SUSE Liberty Linux * Reboot required indication for non-SUSE distributions * SSH key rotation for enhanced security * Configure remote command execution * End of Debian 10 support * CVEs fixed: CVE-2023-32189, CVE-2024-22231, CVE-2024-22232 * Bugs mentioned: bsc#1170848, bsc#1210911, bsc#1211254, bsc#1211560, bsc#1211912 bsc#1213079, bsc#1213507, bsc#1213738, bsc#1213981, bsc#1214077 bsc#1214791, bsc#1215166, bsc#1215514, bsc#1215769, bsc#1215810 bsc#1215813, bsc#1215982, bsc#1216114, bsc#1216394, bsc#1216437 bsc#1216550, bsc#1216657, bsc#1216753, bsc#1216781, bsc#1216988 bsc#1217069, bsc#1217209, bsc#1217588, bsc#1217784, bsc#1217869 bsc#1218019, bsc#1218074, bsc#1218075, bsc#1218089, bsc#1218094 bsc#1218490, bsc#1218615, bsc#1218669, bsc#1218849, bsc#1219577 bsc#1219850, bsc#1218146 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-513=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-513=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-513=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-513=1 ## Package List: * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-proxy-4.3.11-150400.3.79.1 * release-notes-susemanager-4.3.11-150400.3.100.1 * SUSE Manager Proxy 4.3 (noarch) * release-notes-susemanager-proxy-4.3.11-150400.3.79.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * release-notes-susemanager-proxy-4.3.11-150400.3.79.1 * SUSE Manager Server 4.3 (noarch) * release-notes-susemanager-4.3.11-150400.3.100.1 ## References: * https://www.suse.com/security/cve/CVE-2023-32189.html * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1170848 * https://bugzilla.suse.com/show_bug.cgi?id=1210911 * https://bugzilla.suse.com/show_bug.cgi?id=1211254 * https://bugzilla.suse.com/show_bug.cgi?id=1211560 * https://bugzilla.suse.com/show_bug.cgi?id=1211912 * https://bugzilla.suse.com/show_bug.cgi?id=1213079 * https://bugzilla.suse.com/show_bug.cgi?id=1213507 * https://bugzilla.suse.com/show_bug.cgi?id=1213738 * https://bugzilla.suse.com/show_bug.cgi?id=1213981 * https://bugzilla.suse.com/show_bug.cgi?id=1214077 * https://bugzilla.suse.com/show_bug.cgi?id=1214791 * https://bugzilla.suse.com/show_bug.cgi?id=1215166 * https://bugzilla.suse.com/show_bug.cgi?id=1215514 * https://bugzilla.suse.com/show_bug.cgi?id=1215769 * https://bugzilla.suse.com/show_bug.cgi?id=1215810 * https://bugzilla.suse.com/show_bug.cgi?id=1215813 * https://bugzilla.suse.com/show_bug.cgi?id=1215982 * https://bugzilla.suse.com/show_bug.cgi?id=1216114 * https://bugzilla.suse.com/show_bug.cgi?id=1216394 * https://bugzilla.suse.com/show_bug.cgi?id=1216437 * https://bugzilla.suse.com/show_bug.cgi?id=1216550 * https://bugzilla.suse.com/show_bug.cgi?id=1216657 * https://bugzilla.suse.com/show_bug.cgi?id=1216753 * https://bugzilla.suse.com/show_bug.cgi?id=1216781 * https://bugzilla.suse.com/show_bug.cgi?id=1216988 * https://bugzilla.suse.com/show_bug.cgi?id=1217069 * https://bugzilla.suse.com/show_bug.cgi?id=1217209 * https://bugzilla.suse.com/show_bug.cgi?id=1217588 * https://bugzilla.suse.com/show_bug.cgi?id=1217784 * https://bugzilla.suse.com/show_bug.cgi?id=1217869 * https://bugzilla.suse.com/show_bug.cgi?id=1218019 * https://bugzilla.suse.com/show_bug.cgi?id=1218074 * https://bugzilla.suse.com/show_bug.cgi?id=1218075 * https://bugzilla.suse.com/show_bug.cgi?id=1218089 * https://bugzilla.suse.com/show_bug.cgi?id=1218094 * https://bugzilla.suse.com/show_bug.cgi?id=1218146 * https://bugzilla.suse.com/show_bug.cgi?id=1218490 * https://bugzilla.suse.com/show_bug.cgi?id=1218615 * https://bugzilla.suse.com/show_bug.cgi?id=1218669 * https://bugzilla.suse.com/show_bug.cgi?id=1218849 * https://bugzilla.suse.com/show_bug.cgi?id=1219577 * https://bugzilla.suse.com/show_bug.cgi?id=1219850 * https://jira.suse.com/browse/MSQA-719