Oval Definition:oval:org.opensuse.security:def:95981
Revision Date:2021-09-20Version:1
Title:Security update for cobbler (Critical)
Description:

This update for cobbler fixes the following issues:

Security issues fixed:

- CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection (bsc#1189458) - CVE-2021-40324: Fixed an arbitrary file write (bsc#1189458) - CVE-2021-40325: Fixed a problem with the token validation (bsc#1189458)

- Please note that with these changes, a valid log data from Anamon (Red Hat Autoinstallation Process) uploaded to cobbler may be rejected
Family:unixClass:patch
Status:Reference(s):1189458
CVE-2021-40323
CVE-2021-40324
CVE-2021-40325
SUSE-SU-2021:3151-1
Platform(s):SUSE Linux Enterprise Module for SUSE Manager Server 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.1 is installed
  • AND cobbler-3.0.0+git20190806.32c4bae0-8.22.6.1 is installed
  • BACK