Maintenance update for SUSE Manager 4.3.8 Release Notes
| Announcement ID: |
SUSE-SU-2023:3885-1 |
| Rating: |
important |
| References: |
|
|
Cross-References:
|
|
| CVSS scores: |
-
CVE-2023-20897
(
SUSE
):
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
-
CVE-2023-20897
(
NVD
):
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
-
CVE-2023-20898
(
SUSE
):
4.2
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
-
CVE-2023-20898
(
NVD
):
4.2
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
-
CVE-2023-29409
(
SUSE
):
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
-
CVE-2023-29409
(
NVD
):
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
|
| Affected Products: |
- openSUSE Leap 15.4
- SUSE Manager Proxy 4.3
- SUSE Manager Retail Branch Server 4.3
- SUSE Manager Server 4.3
|
An update that solves six vulnerabilities, contains seven features and has 74 security fixes can now be installed.
Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3
Description:
This update fixes the following issues:
release-notes-susemanager-proxy:
- Update to SUSE Manager 4.3.8
- Bugs mentioned
bsc#1208692, bsc#1211525, bsc#1212856, bsc#1212943, bsc#1213445, bsc#1213675
Security update for SUSE Manager Server 4.3
Description:
This update fixes the following issues:
release-notes-susemanager:
- Update to SUSE Manager 4.3.8
- Important Salt minion update
- SUSE Manager Pay-as-you-go (PAYG)
- Automated RHUI credential update
- Monitoring: Prometheus upgraded to 2.45.0
- Monitoring: Apache exporter updated to version 1.0.0
- Expose lastBuildDate property (last build/promote date of an
environment) through contentlifecycle API (jsc#SUMA-280)
- Add saltboot redeploy and repartition based on pillars (jsc#SUMA-158)
- Security CVE issues fixed:
CVE-2023-29409, CVE-2023-20897, CVE-2023-20898
- Bugs mentioned
bsc#1207330, bsc#1208692, bsc#1210935, bsc#1211525, bsc#1211874
bsc#1211884, bsc#1212246, bsc#1212730, bsc#1212814, bsc#1212827
bsc#1212856, bsc#1212943, bsc#1213009, bsc#1213077, bsc#1213288
bsc#1213445, bsc#1213675, bsc#1213716, bsc#1213880, bsc#1214002
bsc#1214121, bsc#1214124, bsc#1214187, bsc#1214266, bsc#1214280
bsc#1214889, bsc#1214982, bsc#1215352, bsc#1215362, bsc#1215497
bsc#1193948, bsc#1214797, bsc#1213441, bsc#1214796, bsc#1213469
bsc#1215413, bsc#1215756
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3885=1
-
SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2023-3885=1
-
SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2023-3885=1
-
SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2023-3885=1
Package List:
-
openSUSE Leap 15.4 (noarch)
- release-notes-susemanager-proxy-4.3.8-150400.3.61.2
- release-notes-susemanager-4.3.8-150400.3.77.1
-
SUSE Manager Proxy 4.3 (noarch)
- release-notes-susemanager-proxy-4.3.8-150400.3.61.2
-
SUSE Manager Retail Branch Server 4.3 (noarch)
- release-notes-susemanager-proxy-4.3.8-150400.3.61.2
-
SUSE Manager Server 4.3 (noarch)
- release-notes-susemanager-4.3.8-150400.3.77.1
References: