SUSE-SU-2021:0906-1

This update fixes the following issues:

cobbler:

• Fix string replacement for @@xyz@@
• Better performing string replacements

grafana-formula:

• Set supported to false for unsupported systems (bsc#1182001)
• Add SLES 15 SP3 and openSUSE Leap 15.3 to supported versions

mgr-libmod:

• Fix 'list_modules' JSON serialization (bsc#1182492)

mgr-osad:

• Adapt to new SSL implementation of rhnlib (bsc#1181807)

prometheus-exporters-formula:

• Add Ubuntu support for Prometheus exporters' reverse proxy

prometheus-formula:

• Set server hostname from pillar data (bsc#1180439)

py26-compat-salt:

• Do not crash when unexpected cmd output at listing patches (bsc#1181290)

rhnlib:

• Change SSL implementation to python ssl for better SAN and hostname matching support (bsc#1181807)

smdba:

• Do not remove the database if there is no backup and deal with manifest

spacewalk-backend:

• Open repomd files as binary (bsc#1173893)
• Fix requesting Release file in debian repos (bsc#1182006)
• Reposync: Fixed Kickstart functionality.
• Reposync: Fixed URLGrabber error handling.
• Reposync: Fix modular data handling for cloned channels (bsc#1177508)

spacewalk-client-tools:

• Adapt to new SSL implementation of rhnlib (bsc#1181807)

spacewalk-config:

• Increase apache ssl logs to include response code and process time

spacewalk-java:

• Homogenizes style in filter buttons, facilitating testability
• Cleanup sessions via SQL query instead of SQL function (bsc#1180224)
• Rebuild and improve rendering of error pages 404 and 500 pages (bsc#1181228)
• Fix user creation with pam auth and no password (bsc#1179579)
• Fix action chains for saltssh minions (bsc#1182200)
• FIX: Slow response of 'Software > Install' in Ubuntu minions (bsc#1181165)
• Do not call page decorator in HEAD requests (bsc#1181228)
• Add 'mgr_origin_server' to Salt pillar data (bsc#1180439)
• Ensure new files are synced just after writing them (bsc#1175660)
• Enable openscap auditing for salt systems in SSM (bsc#1157711)
• Detect debian products (bsc#1181416)
• Show packages from channels assigned to the targeted system (bsc#1181423)
• Add an API endpoint to allow/disallow scheduling irrelevant patches (bsc#1180757)
• Open raw output in new tab for ScriptRunAction (bsc#1180547)
• Default to preferred items per page in content lifecycle lists (bsc#1180558)
• Fix modular data handling for cloned channels (bsc#1177508)
• Fix: login gets an ISE when SSO is enabled (bsc#1181048)

spacewalk-utils:

• Fix modular data handling for cloned channels (bsc#1177508)

spacewalk-web:

• Replace CRLF in ssh priv key when bootstrapping (bsc#1182685)
• Upgrade immer to fix CVE-2020-28477
• Default to preferred items per page in content lifecycle lists (bsc#1180558)
• Fix sorting in content lifecycle projects and cluster tables (bsc#1180558)

susemanager:

• Add SLE 15 SP3 bootstrap repository definitions (bsc#1182008)
• Python3-dbus-python and dependencies not installed by default on JeOS SLE15 images, add them to the bootstrap repository list of packages for traditional (bsc#1182071)

susemanager-doc-indexes:

• Updated Command Line Registration with Salt section in the Client Configuration Guide for clarity.
• Adds openSUSE Leap SP migration to the SP migration section of the Client Configuration Guide
• Adds note that bootstrap procedure for selecting a parent channel is optional in Client Configuration Guide (bsc#1181635)
• Adds note about checking for valid UUIDs in fstab when backing up (bsc#1181814)
• Updated command for running configure proxy script when replacing a proxy
• Fixed bad SUSE Customer Center URL

susemanager-docs_en:

• Updated Command Line Registration with Salt section in the Client Configuration Guide for clarity.
• Adds openSUSE Leap SP migration to the SP migration section of the Client Configuration Guide
• Adds note that bootstrap procedure for selecting a parent channel is optional in Client Configuration Guide (bsc#1181635)
• Adds note about checking for valid UUIDs in fstab when backing up (bsc#1181814)
• Updated command for running configure proxy script when replacing a proxy
• Fixed bad SUSE Customer Center URL

susemanager-schema:

• Drop 'pxt_session_cleanup' function (bsc#1180224)
• Enable openscap auditing for salt systems in SSM (bsc#1157711)

susemanager-sls:

• Ubuntu 18 has version of apt which does not correctly support auth.conf.d directory. Detect the working version and use this feature only when we have a higher version installed

xstream:

Upgrade to 1.4.15

• fixes bsc#1180146, CVE-2020-26258 and bsc#1180145, CVE-2020-26259
• fixes bsc#1180994, CVE-2020-26217

subscription-matcher:

• Update the xstream dependency to 1.4.15

How to apply this update:

1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service: spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service: spacewalk-service start