This update fixes the following issues:
branch-network-formula:
- Update to version 0.1.1680167239.23f2fec
- Remove unnecessary import of 'salt.ext.six'
cpu-mitigations-formula:
- Update to version 0.5.0:
- Mark all SUSE Linux Enterprise 15 SP4 and newer and openSUSE 15.4 and newer as supported (bsc#1210835)
hub-xmlrpc-api:
- Do not strictly require Go 1.18 on SUSE Linux Enterprise 15 SP3 (bsc#1203599)
inter-server-sync:
- Version 0.2.8
- Correctly detect product name and product version number
- Import image channel data only when related software channel is available (bsc#1211330)
perl-Satcon:
spacecmd:
- Version 4.2.23-1
- Fix argument parsing of distribution_update (bsc#1210458)
spacewalk-backend:
- Version 4.2.28-1
- Filter CLM modular packages using release strings (bsc#1207814)
- Add package details to reposync error logging
spacewalk-certs-tools:
spacewalk-java:
- Security fixes in version 4.2.50-1:
- CVE-2023-22644: Remove web session swap secrets output in logs (bsc#1210086)
- CVE-2023-22644: Do not output URL parameters for tiny urls (bsc#1210101)
- CVE-2023-22644: Fix session information leak (bsc#1210107)
- CVE-2023-22644: Do not output Cobbler xmlrpc token in debug logs (bsc#1210162)
- CVE-2023-22644: Fix credentials and other secrets disclosure when debug log is enabled (bsc#1210154)
- CVE-2023-22644: Prevent logging formula data (bsc#1209386, bsc#1209434)
- Other non-security issues fixed in version 4.2.50-1:
- Fix misleading error message regarding SCC credentials removal (bsc#1207941)
- Fix issue with
aclChannelTypeCapable that prevented errata view in deb arch
- Refresh pillars after setting custom values via SSM (bsc#1210659)
- Report SSM power management errors in 'rhn_web_ui' (bsc#1210406)
- Filter CLM modular packages using release strings (bsc#1207814)
- Allow processing big state results...