This update fixes the following issues:
hub-xmlrpc-api:
- Security fix:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
- There are no direct source changes. The CVE on hub-xmlrpc-api is fixed rebuilding the sources with the patched Go
version.
spacecmd:
spacewalk-backend:
- Version 4.2.29-1
- Use a constant to get the product name in python code rather than reading rhn.conf (bsc#1212943)
- Only show missing /root/.curlrc error with log_level = 5 (bsc#1212507)
spacewalk-java:
- Version 4.2.55-1
- Set swap memory value if available
- Set primary FQDN to hostname if none is set (bsc#1209156, bsc#1214333)
- Version 4.2.54-1
- Consider venv-salt-minion package update as a Salt update to prevent backtraces on
upgrading salt with itself (bsc#1211884)
- Version 4.2.53-1
- Fix 'more then one method candidate found' for API function (bsc#1211100)
- Fixed a bug that caused the tab Autoinstallation to hide when clicking on Power
Management Management/Operations on SSM -> Provisioning
- Update copyright year (bsc#1212106)
- Disable jinja processing for the roster file (bsc#1211650)
- Version 4.2.52-1
- Update jetty-util to version 9.4.51
- Version 4.2.51-1
- Update version of Tomcat build dependencies
spacewalk-reports:
- Version 4.2.8-1
- Drop Python2 compatibility (bsc#1212589)
spacewalk-setup:
- Version 4.2.13-1
- Drop usage of salt.ext.six in embedded_diskspace_check
spacewalk-utils:
- Version 4.2.20-1
- Drop Python2 compatibility
spacewalk-web:
- Version 4.2.36-1
- Update translation
- Fix VHM CPU and RAM display when 0 (bsc#1175823)
- Fix parsing error when showing notification message details (bsc#1211469)
susemanager:
- Version 4.2.44-1
- Require LTSS channels for SUSE Linux Enterprise 15 SP1/SP2/SP3 and SUSE Manager Proxy 4.2 (bsc#1214187)
- Version 4.2.43-1
- Add missing Salt 3006.0 dependencies to bootstrap repo definitions (bsc#1212700)
- Make mgr-salt-ssh to properly fix HOME environment to avoid issues with gitfs (bsc#1210994)
susemanager-doc-indexes:
- Typo correction for Cobbler buildiso command in Client Configuration Guide
- Replaced plain text with dedicated attribute for AutoYaST
- Added a note about Oracle Unbreakable Linux Network mirroring requirements in
Client Configuration Guide (bsc#1212032)
- Added SUSE Linux Enterprise 15 SP5 and openSUSE Leap 15.5
as supported clients in the Client Configuration Guide
- Fixed missing tables of content in the Reference Guide (bsc#1208577)
- Fixed instruction for Single sign-on implementation example in the Administration Guide (bsc#1210103)
- Removed reference to non-exitent files in Reference Guide (bsc#1208528)
susemanager-docs_en:
- Typo correction for Cobbler buildiso command in Client Configuration Guide
- Replaced plain text with dedicated attribute for AutoYaST
- Added a note about Oracle Unbreakable Linux Network mirroring
requirements in Client Configuration Guide (bsc#1212032)
- Added SUSE Linux Enterprise 15 SP5 and openSUSE Leap 15.5
as supported clients in the Client Configuration Guide
- Fixed missing tables of content in the Reference Guide (bsc#1208577)
- Fixed instruction for Single sign-on implementation example in the Administration Guide (bsc#1210103)
- Removed reference to non-exitent files in Reference Guide (bsc#1208528)
susemanager-schema:
- Version 4.2.29-1
- Add schema directory for susemanager-schema-4.2.29
susemanager-sls:
- Version 4.2.35-1
- Do not disable salt-minion on salt-ssh managed clients
- Use venv-salt-minion instead of salt for docker states (bsc#1212416)
How to apply this update:
- Log in as root user to the SUSE Manager Server.
- Stop the Spacewalk service:
spacewalk-service stop
- Apply the patch using either zypper patch or YaST Online Update.
- Start the Spacewalk service:
spacewalk-service start