Oval Definition:oval:org.opensuse.security:def:83855
Revision Date:2018-08-30Version:1
Title:Security update for cobbler (Important)
Description:

This update for cobbler fixes the following issues:

Security issues fixed:

* - Forbid exposure of private methods in the API (CVE-2018-10931, CVE-2018-1000225, bsc#1104287, bsc#1104189, bsc#1105442) - Check access token when calling 'modify_setting' API endpoint (bsc#1104190, bsc#1105440, CVE-2018-1000226)

Other bugs fixed:

- Do not try to hardlink to a symlink. The result will be a dangling symlink in the general case. (bsc#1097733) - fix kernel options when generating bootiso (bsc#1101670)
Family:unixClass:patch
Status:Reference(s):1097733
1101670
1104189
1104190
1104287
1105440
1105442
CVE-2018-1000225
CVE-2018-1000226
CVE-2018-10931
SUSE-SU-2018:2561-1
Platform(s):SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND cobbler-2.6.6-49.14.1 is installed
    • BACK