This update fixes the following issues:
hub-xmlrpc-api:
- Security fix:
- CVE-2023-29409: Restrict RSA keys in certificates to less than or equal to 8192 bits to avoid DoSing client/server
while validating signatures for extremely large RSA keys. (bsc#1213880)
- There are no direct source changes. The CVE on hub-xmlrpc-api is fixed rebuilding the sources with the patched Go
version.
spacecmd:
spacewalk-backend:
- Version 4.2.29-1
- Use a constant to get the product name in python code rather than reading rhn.conf (bsc#1212943)
- Only show missing /root/.curlrc error with log_level = 5 (bsc#1212507)
spacewalk-java:
- Version 4.2.55-1
- Set swap memory value if available
- Set primary FQDN to hostname if none is set (bsc#1209156, bsc#1214333)
- Version 4.2.54-1
- Consider venv-salt-minion package update as a Salt update to prevent backtraces on
upgrading salt with itself (bsc#1211884)
- Version 4.2.53-1
- Fix 'more then one method candidate found' for API function (bsc#1211100)
- Fixed a bug that caused the tab Autoinstallation to hide when clicking on Power
Management Management/Operations on SSM -> Provisioning
- Update copyright year (bsc#1212106)
- Disable jinja processing for the roster file (bsc#1211650)
- Version 4.2.52-1
- Update jetty-util to version 9.4.51
- Version 4.2.51-1
- Update version of Tomcat build dependencies
spacewalk-reports:
- Version 4.2.8-1
- Drop Python2 compatibility (bsc#1212589)
spacewalk-setup:
- Version 4.2.13-1
- Drop usage of salt.ext.six in embedded_diskspace_check
spacewalk-utils:
- Version 4.2.20-1
- Drop Python2 compatibility
spacewalk-web:
- Version 4.2.36-1
- Update translation
- Fix VHM CPU and RAM display when 0 (bsc#1175823)
- Fix parsing error when showing notification message details (bsc#1211469)
susemanager:
- Version 4.2.44-1
- Require LTSS channels for SUSE Linux Enterprise 15 SP1/SP2/SP3 and...