SUSE-SU-2020:2292-1

This update fixes the following issues:

bind-formula:

• Remove wrong default for bind options preventing correct upload of bind options using XMLRPC (bsc#1150657)

branch-network-formula:

• Make branch formula to assign home directory to ftp and tftp users (bsc#1162391)

py26-compat-salt:

• Do not make py26-compat-salt to require python-tornado on SLE15 (all SPs)
• Backport saltutil state module to 2016.11 codebase (bsc#1167556)
• Add new custom SUSE capability for saltutil state module

python-susemanager-retail:

• Allow bind options to be stored to and edited by retail_yaml (bsc#1150657)

release-notes-susemanager:

• Update to 3.2.15
• Bugs mentioned bsc#1150657, bsc#1162391, bsc#1167556, bsc#1174965, bsc#1170331, bsc#1159184, bsc#1168227, bsc#1172831, bsc#1173073, bsc#1167871, bsc#1169109, bsc#1159202, bsc#1168227, bsc#1153578, bsc#1141663, bsc#1174768, bsc#1173946, bsc#1174167, bsc#1169865, bsc#1155794

spacewalk-backend:

• Fix issues importing RPM packages with long RPM headers (bsc#1174965)
• Do not make mgr-inter-sync to crash if there are non-ASCII characters on an exception message (bsc#1170331)
• Validate cached package entries on ISS slave (bsc#1159184)

spacewalk-client-tools:

• Do not crash 'mgr-update-status' because 'long' type is not defined in Python 3

spacewalk-java:

• Skip upgrades when the target has not the same amount of products as the installed set (bsc#1168227)
• Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)
• Prevent deadlock on suseusernotification (bsc#1173073)
• Avoid multiple base channels when onboarding minions (bsc#1167871)
• Hide message about changed Update Tag change (bsc#1169109)
• Refresh pillar after channel change
• Use 'changes' field if 'pchanges' field doesn't exist (bsc#1159202)
• Skip migration targets when they do not have the same amount of products as the installed set (bsc#1168227)

spacewalk-utils:

• Add FQDN resolver for spacewalk-manage-channel-lifecycle (bsc#1153578)
• Fixes SSL hostname matching (bsc#1141663)

spacewalk-web:

• Fix saving of formulas (bsc#1174768)
• Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)

susemanager:

• Use python2-uyuni-common-libs and python3-uyuni-common-libs for bootstrap repositories (bsc#1173946)
• Add 'python-singledispatch' to SLE12 (all SPs) and RES7 bootstrap repos. (bsc#1174700)
• Add SLE 15 LTSS Product ID to SLE15 bootstrap repositories, as it is required to get python3-M2crypto (bsc#1174167)
• Require python3-tornado only for SLE15/SLE15SP1 (bsc#1169865)
• Use python3-M2Crypto for all SLE15 versions and openSUSE Leap 15.1 bootstrap repositories
• Add dbus-1-glib to SLE12SP5 x86_64 to allow onboarding of AWS Cloud SLE12SP5 clients (they do not have it by defaul anymore)

susemanager-frontend-libs:

• Upgrade jquery to 3.5.1 - CVE-2020-11022 (bsc#1172831)

susemanager-schema:

• Prevent a deadlock error involving delete_server and update_needed_cache (bsc#1173073)

susemanager-sls:

• Avoid traceback error due lazy loading which_bin (bsc#1155794)
• Using new module path for which_bin to get rid of DeprecationWarning

How to apply this update:

1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service: spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema: spacewalk-schema-upgrade
5. Start the Spacewalk service: spacewalk-service start