Security update for SUSE Manager Server 4.1 (Moderate)
Description:
This update fixes the following issues:
image-sync-formula:
- Send image_synced event to master
postgresql-jdbc:
- Address CVE-2020-13692 (bsc#1172079)
pxe-yomi-image-sle15:
- Update config.sh based on last JeOS template - Update JEOS_LOCALE to en_US.UTF-8 - Support config{_url}{_name} for user provided configuration
python-susemanager-retail:
- Handle organizations in retail_create_delta
saltboot-formula:
- Support older SLE11 cryptsetup (bsc#1172287) - Use images with 'synced' flag
spacecmd:
- Fix: make spacecmd build on Debian
spacewalk-admin:
- Use the license macro to mark the LICENSE in the package so that when installing without docs, it does install the LICENSE file - Prevent javax.net.ssl.SSLHandshakeException after upgrading from SUSE Manager 3.2 (bsc#1177435)
spacewalk-backend:
- Fix missing `LiteServer.add_suse_products` method (bsc#1178704) - Do not raise TypeError when processing SUSE products (bsc#1178704) - Fix spacewalk-repo-sync to successfully manage and sync ULN repositories - Fix errors in spacewalk-debug and align postgresql queries to new DB version - ISS: Differentiate packages with same nevra but different checksum in the same channel (bsc#1178195) - Re-enables possibility to use local repos with repo-sync (bsc#1175607) - Add `allow_vendor_change` option to rhn clients for dist upgrades
spacewalk-certs-tools:
- Improve check for correct CA trust store directory (bsc#1176417)
spacewalk-client-tools:
- Update translations
spacewalk-java:
- Update content sensitive help links - Update exception message in findSyncedMandatoryChannels - Report resolved module dependencies on CLM project details page - Allow creating custom ULN repositories with uln:// urls - Change message 'Minion is down' to be more accurate - Localize documentation links - Temp: revert Sync state modules when starting action chain execution (bsc#1177336) - Fix check for available products on ISS Slaves (bsc#1177184) - XMLRPC: Report architecture label in the list of installed packages (bsc#1176898) - Get media.1/products for cloned channels (bsc#1178303) - Calculate size to truncate a history message based on the htmlified version (bsc#1178503) - Make image pillar visible only in buildhost organization - Maintain list of synced images in pillar - Enable validation of Content Lifecycle Management entities in the XMLRPC API (bsc#1177706) - Fix the order of the arguments in the XMLRPC API doc for contentmanagement.buildProject (bsc#1177704) - Fix repo url of AppStream in generated RHEL/Centos 8 kickstart file (bsc#1175739) - Log token verify errors and check for expired tokens - Show only kernel options in advanced autoinstallation page when working with a salt minion (bsc#1177767) - Show cluster upgrade plan in the upgrade UI - Take pool and volume from Salt virt.vm_info for files and blocks disks (bsc#1175987) - Add new allowVendorChange flag for dist upgrades - Sync state modules when starting action chain execution (bsc#1177336) - Enable redfish power management by default
spacewalk-search:
- Add multi lang support to the document search
spacewalk-setup:
- Add sock_pool_size setting by default for better performance
spacewalk-web:
- Update content sensitive help links - Fix mandatory channels JS API to finish loading in case of error (bsc#1178839) - Fix the search panel in CLM filters page - Localize documentation links - Fix link to documentation in Admin -> Manager Configuration -> Monitoring (bsc#1176172) - Show cluster upgrade plan in the upgrade UI - Don't allow selecting spice for Xen PV and PVH guests
supportutils-plugin-susemanager:
- Remove checks for obsolete packages - Gather new configfiles - Add more important informations
susemanager:
- Adapt Debian10 bootstrap repository definition for salt on Python 3 - Add --force to mgr-create-bootstrap-repo to enforce generation even when some products are not synchronized
susemanager-doc-indexes:
- Added warning about local repositories in the Clients Configuration Guide - Removed duplicate contact method entry in Client Configuration Guide - Enabled upgrade section for SLE clients on Uyuni in Clients Configuration Guide - Added a section for working with bootstrap repositories and End of Life products in Client Configuration Guide - Added Salt Minion file contact method to Client Configuration Guide - Added Redfish to power management protocols section - Clarify that port 22 is required for the SUSE Manager server in the installation guide (bsc#1177975) - Added procedure for adding virtualization guests to the Client Configuration Guide - New guide added: Quickstart SAP Guide - Add multilang support
susemanager-docs_en:
- Added warning about local repositories in the Clients Configuration Guide - Removed duplicate contact method entry in Client Configuration Guide - Enabled upgrade section for SLE clients on Uyuni in Clients Configuration Guide - Added a section for working with bootstrap repositories and End of Life products in Client Configuration Guide - Added Salt Minion file contact method to Client Configuration Guide - Added Redfish to power management protocols section - Clarify that port 22 is required for the SUSE Manager server in the installation guide (bsc#1177975) - Added procedure for adding virtualization guests to the Client Configuration Guide - New guide added: Quickstart SAP Guide - Add multilang support
mgr-libmod:
- Fix `module not found` exception handling. (bsc#1179257)
susemanager-frontend-libs:
- Update Bootstrap to 3.1.0
susemanager-schema:
- Move dist upgrade SQL file to the correct directory so it gets picked up in schema upgrades (bsc#1179759) - Add `preferred_docs_locale` to UserInfo table - Add new column to rhnactiondup table for allowVendorChange flag
susemanager-sls:
- Fix: sync before start action chains (bsc#1177336) - Temp: revert Sync state modules when starting action chain execution (bsc#1177336) - Handle group- and org-specific image pillars - Use require in reboot trigger (bsc#1177767) - Add pillar option to get allowVendorChange option during dist upgrade - Sync state modules when starting action chain execution (bsc#1177336)
susemanager-sync-data:
- Add new channel families for CAASP on ARM64 and HPC15 SP2 LTSS - Remove duplicate repo definition
uyuni-cluster-provider-caasp:
- Show the cluster upgrade plan in the UI
yomi-formula:
- Update to version 0.0.1+git.1604593202.a2c22bf: * storage: hide mountpoint if no filesystem * software: migrate repos as certs * software: add verify parameter * _grains: efi grains are in Salt now * software: transfer current repository * software: add repository options * lvm: fix indentation * partitioned: fix parted call and tests - Update to version 0.0.1+git.1601999695.6141130: * README: add user provided config - Update to version 0.0.1+git.1598948600.9a9eab0: * Replace fdisk with parted in partitioned
How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema: spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start