SUSE-SU-2022:0225-1

This update fixes the following issues:

hibernate5:

• Fix potential SQL injection CVE-2020-25638 (bsc#1193832)

mgr-libmod:

• Version 4.1.10-1
  • require python macros for building

mgr-osad:

• Version 4.1.6-1
  • require python macros for building

prometheus-formula:

• Version 0.3.5
  • Add support for new Uyuni SD in Prometheus >= 2.31

py27-compat-salt:

• Fix tmpfiles.d configuration for salt to not use legacy paths (bsc#1173103)
• Remove wrong _parse_cpe_name from grains.core
• Fix file.find tracebacks with non utf8 file names (bsc#1190114)
• Fix ip6_interface grain to not leak secondary IPv4 aliases (bsc#1191412)
• Added Python2 build possibility for RHEL8
• Do not consider skipped targets as failed for ansible.playbooks state (bsc#1190446)
• Fix traceback.*_exc() calls
• Fix the regression of docker_container state module (bsc#1191285)

spacecmd:

• Version 4.1.16-1
  • require python macros for building

spacewalk-admin:

• Version 4.1.11-1
  • add service to update configfile and introduce a backup scc user

spacewalk-backend:

• Version 4.1.30-1
  • Add headers to update proxy auth token in listChannels (bsc#1193585)
  • require python macros for building
  • Fix the IS_SUSE variable in spacewalk-debug
  • exchange zypp-plugin dependency to use the python3 version (bsc#1192514)
  • Minor spec update.
  • Added RHN config parameter httpd_config_dir.

spacewalk-certs-tools:

• Version 4.1.20-1
  • Make bootstrap script to use bash when called with a different interpreter (bsc#1191656)

spacewalk-client-tools:

• Version 4.1.11-1
  • require python macros for building

spacewalk-java:

• Version 4.1.43-1
  • Fix stack overflow when building a CLM project from modular sources (bsc#1194990)
  • Avoid using RPM tags when filtering modular packages in CLM (bsc#1192487)
  • fix XML syntax in cobbler snippets (bsc#1193694)
  • Fix stripping module metadata when cloning channels in CLM (bsc#1193008)
  • Fix system information forwarding to SCC (bsc#1188900)
  • forward registration data to SUSE Customer Center
  • Run Prometheus JMX exporter as Java agent (bsc#1184617)
  • Fix calling wrong XMLRPC bootstrap method (bsc#1192736)
  • Fix package update action with shared channels (bsc#1191313)
  • fix issue with empty action chains getting deleted too early (bsc#1191377)
  • switch to best repo auth item for contentsources (bsc#1191442)
  • Set product name and version in the User-Agent header when connecting to SCC
  • update last boot time of SSH Minions after bootstrapping (bsc#1191899)
  • Mark SSH minion actions when they're picked up (bsc#1188505)
  • Add compressed flag to image pillars when kiwi image is compressed (bsc#1191702)
  • mgr-sync refresh logs when a vendor channel is expired and shows how to remove it (bsc#1191222)
• Readable error when 'mgr-sync add channel' is called with a non-existing label (bsc#1173143)

spacewalk-reports:

• Version 4.1.5-1
  • Fixes query for system-history report to prevent more than one row returned by a subquery with rhnxccdftestresult.identifier (bsc#1191192)

spacewalk-setup:

• Version 4.1.10-1
  • Increase 'max_event_size' value for the Salt master (bsc#1191340)
  • Leave Cobbler bootloader directory at the default (bsc#1187708)
  • Don't delete cobbler.conf contents.
  • Fixed FileNotFoundError on cobbler setup.
  • cobbler20-setup was removed
  • spacewalk-setup-cobbler was reimplemented in Python
  • Config files for Cobbler don't get edited in place anymore, thus the original ones are saved with a '.backup' suffix

spacewalk-utils:

• Version 4.1.19-1
  • require python macros for building

spacewalk-web:

• Version 4.1.31-1
  • Update Web UI version to 4.1.13

suseRegisterInfo:

• Version 4.1.4-1
  • require python macros for building

susemanager:

• Version 4.1.32-1
  • add additional default config values for forwarding registrations to SCC

susemanager-doc-indexes:

• In the Troubleshooting section of the Client Configuration Guide, SUSE Linux Enterprise Server 11 clients also require previous SSL versions installed on the server

susemanager-docs_en:

• In the Troubleshooting section of the Client Configuration Guide, SUSE Linux Enterprise Server 11 clients also require previous SSL versions installed on the server

susemanager-schema:

• Version 4.1.24-1
  • Fix rhnChannelNewestPackageView in case there are duplicates (bsc#1193612)
  • DB schema to support forwarding data to SCC

susemanager-sls:

• Version 4.1.32-1
  • Run Prometheus JMX exporter as Java agent (bsc#1184617)
  • Fix problem installing/removing packages using action chains in transactional systems
  • Don't create skeleton /srv/salt/top.sls
  • Add missing compressed_hash value from Kiwi inspect (bsc#1191702)

uyuni-common-libs:

• Version 4.1.10-1
  • Read modularity data from DISTTAG tag as fallback (bsc#1192487)
  • require python macros for building

How to apply this update:

1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service: spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service: spacewalk-service start