openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:3267-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856481

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:3267-1)

Resumen: The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2024:3267-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2024:3267-1 advisory.

Vulnerability Insight:
This update fixes the following issues:

golang-github-prometheus-prometheus:

- Security issues fixed:

* CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038)
* CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556)

- Require Go > 1.20 for building
- Migrate from `disabled` to `manual` service mode
- Update to 2.45.6 (jsc#PED-3577):
* Security fixes in dependencies
- Update to 2.45.5:
* [BUGFIX] tsdb/agent: ensure that new series get written to WAL
on rollback.
* [BUGFIX] Remote write: Avoid a race condition when applying
configuration.
- Update to 2.45.4:
* [BUGFIX] Remote read: Release querier resources before encoding
the results.
- Update to 2.45.3:
* [BUGFIX] TSDB: Remove double memory snapshot on shutdown.
- Update to 2.45.2:
* [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new
series.
- Update to 2.45.1:
* [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used
by Hetzner in September.
* [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid
overflows on 386 architecture.
* [BUGFIX] TSDB: Handle TOC parsing failures.

rhnlib:

- Version 5.0.4-0
* Add the old TLS code for very old traditional clients still on
python 2.7 (bsc#1228198)

spacecmd:

- Version 5.0.9-0
* Update translation strings

uyuni-tools:

- Version 0.1.21-0
* mgrpxy: Fix typo on Systemd template
- Version 0.1.20-0
* Update the push tag to 5.0.1
* mgrpxy: expose port on IPv6 network (bsc#1227951)
- Version 0.1.19-0
* Skip updating Tomcat remote debug if conf file is not present
- Version 0.1.18-0
* Setup Confidential Computing container during migration
(bsc#1227588)
* Add the /etc/uyuni/uyuni-tools.yaml path to the config help
* Split systemd config files to not loose configuration at upgrade
(bsc#1227718)
* Use the same logic for image computation in mgradm and mgrpxy
(bsc#1228026)
* Allow building with different Helm and container default
registry paths (bsc#1226191)
* Fix recursion in mgradm upgrade podman list --help
* Setup hub xmlrpc API service in migration to Podman (bsc#1227588)
* Setup disabled hub xmlrpc API service in all cases (bsc#1227584)
* Clean the inspection code to make it faster
* Properly detect IPv6 enabled on Podman network (bsc#1224349)
* Fix the log file path generation
* Write scripts output to uyuni-tools.log file
* Add uyuni-hubxml-rpc to the list of values in
mgradm scale --help
* Use path in mgradm support sql file input (bsc#1227505)
* On Ubuntu build with go1.21 instead of go1.20
* Enforce Cobbler setup (bsc#1226847)
* Expose port on IPv6 network (bsc#1227951)
* show output of podman image search --list-tags command
* Implement mgrpxy support config command
* During migration, ignore /etc/sysconfig/tomcat and
/etc/tomcat/tomcat.conf (bsc#1228183)
* During migration, remove java.annotation,com.sun.xml.bind and
UseConcMarkSweepGC settings
* Disable node ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'SUSE Manager Client Tools' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-45142
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD/
https://github.com/advisories/GHSA-cg3q-j54f-5p7p
https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65
https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277
https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0
https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh
https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr
https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223
https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159
Common Vulnerability Exposure (CVE) ID: CVE-2024-6104
https://discuss.hashicorp.com/c/security

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856481
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:3267-1)
Resumen:	The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2024:3267-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2024:3267-1 advisory. Vulnerability Insight: This update fixes the following issues: golang-github-prometheus-prometheus: - Security issues fixed: * CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038) * CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556) - Require Go > 1.20 for building - Migrate from `disabled` to `manual` service mode - Update to 2.45.6 (jsc#PED-3577): * Security fixes in dependencies - Update to 2.45.5: * [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback. * [BUGFIX] Remote write: Avoid a race condition when applying configuration. - Update to 2.45.4: * [BUGFIX] Remote read: Release querier resources before encoding the results. - Update to 2.45.3: * [BUGFIX] TSDB: Remove double memory snapshot on shutdown. - Update to 2.45.2: * [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series. - Update to 2.45.1: * [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used by Hetzner in September. * [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture. * [BUGFIX] TSDB: Handle TOC parsing failures. rhnlib: - Version 5.0.4-0 * Add the old TLS code for very old traditional clients still on python 2.7 (bsc#1228198) spacecmd: - Version 5.0.9-0 * Update translation strings uyuni-tools: - Version 0.1.21-0 * mgrpxy: Fix typo on Systemd template - Version 0.1.20-0 * Update the push tag to 5.0.1 * mgrpxy: expose port on IPv6 network (bsc#1227951) - Version 0.1.19-0 * Skip updating Tomcat remote debug if conf file is not present - Version 0.1.18-0 * Setup Confidential Computing container during migration (bsc#1227588) * Add the /etc/uyuni/uyuni-tools.yaml path to the config help * Split systemd config files to not loose configuration at upgrade (bsc#1227718) * Use the same logic for image computation in mgradm and mgrpxy (bsc#1228026) * Allow building with different Helm and container default registry paths (bsc#1226191) * Fix recursion in mgradm upgrade podman list --help * Setup hub xmlrpc API service in migration to Podman (bsc#1227588) * Setup disabled hub xmlrpc API service in all cases (bsc#1227584) * Clean the inspection code to make it faster * Properly detect IPv6 enabled on Podman network (bsc#1224349) * Fix the log file path generation * Write scripts output to uyuni-tools.log file * Add uyuni-hubxml-rpc to the list of values in mgradm scale --help * Use path in mgradm support sql file input (bsc#1227505) * On Ubuntu build with go1.21 instead of go1.20 * Enforce Cobbler setup (bsc#1226847) * Expose port on IPv6 network (bsc#1227951) * show output of podman image search --list-tags command * Implement mgrpxy support config command * During migration, ignore /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf (bsc#1228183) * During migration, remove java.annotation,com.sun.xml.bind and UseConcMarkSweepGC settings * Disable node ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'SUSE Manager Client Tools' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-45142 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2UTRJ54INZG3OC2FTAN6AFB2RYNY2GAD/ https://github.com/advisories/GHSA-cg3q-j54f-5p7p https://github.com/open-telemetry/opentelemetry-go-contrib/blob/5f7e6ad5a49b45df45f61a1deb29d7f1158032df/instrumentation/net/http/otelhttp/handler.go#L63-L65 https://github.com/open-telemetry/opentelemetry-go-contrib/pull/4277 https://github.com/open-telemetry/opentelemetry-go-contrib/releases/tag/v1.19.0 https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-5r5m-65gx-7vrh https://github.com/open-telemetry/opentelemetry-go-contrib/security/advisories/GHSA-rcjv-mgp8-qvmr https://github.com/open-telemetry/opentelemetry-go/blob/38e1b499c3da3107694ad2660b3888eee9c8b896/semconv/internal/v2/http.go#L223 https://github.com/open-telemetry/opentelemetry-go/blob/v1.12.0/semconv/internal/v2/http.go#L159 Common Vulnerability Exposure (CVE) ID: CVE-2024-6104 https://discuss.hashicorp.com/c/security
Copyright	Copyright (C) 2024 Greenbone AG