Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2019.14163.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2019:14163-1)
Summary:The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2019:14163-1 advisory.
Description:Summary:
The remote host is missing an update for the 'SUSE Manager Client Tools' package(s) announced via the SUSE-SU-2019:14163-1 advisory.

Vulnerability Insight:
This update fixes the following issues:

mgr-cfg:
Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

mgr-daemon:
Fix systemd timer configuration on SLE12 (bsc#1142038)

mgr-osad:
Fix obsolete for old osad packages, to allow installing mgr-osad even by
using osad at yum/zyppper install (bsc#1139453)

Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

mgr-virtualization:
Fix missing python 3 ugettext (bsc#1138494)

Fix package dependencies to prevent file conflict (bsc#1143856)

rhnlib:
Add SNI support for clients

Fix initialize ssl connection (bsc#1144155)

Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)

python-gzipstream:
SPEC cleanup

add makefile and pylint configuration

Add Uyuni URL to package

Bump version to 4.0.0 (bsc#1104034)

Fix copyright for the package specfile (bsc#1103696)

spacecmd:
Bugfix: referenced variable before assignment.

Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)

Add unit tests for custominfo, snippet, scap, ssm, cryptokey and
distribution

Fix missing runtime dependencies that made spacecmd return old versions
of packages in some cases, even if newer ones were available
(bsc#1148311)


spacewalk-backend:
Do not overwrite comps and module data with older versions

Fix issue with 'dists' keyword in url hostname

Import packages from all collections of a patch not just first one

Ensure bytes type when using hashlib to avoid traceback
on XMLRPC call to 'registration.register_osad' (bsc#1138822)

Do not duplicate 'http://' protocol when using proxies with 'deb'
repositories (bsc#1138313)

Fix reposync when dealing with RedHat CDN (bsc#1138358)

Fix for CVE-2019-10136. An attacker with a valid, but expired,
authenticated set of headers could move some digits around, artificially
extending the session validity without modifying the checksum.
(bsc#1136480)

Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)

Add journalctl output to spacewalk-debug tarballs

Prevent unnecessary triggering of channel-repodata tasks when GPG
signing is disabled (bsc#1137715)

Fix spacewalk-repo-sync for Ubuntu repositories in mirror case
(bsc#1136029)

Add support for ULN repositories on new Zypper based reposync.

Don't skip Deb package tags on package import (bsc#1130040)

For backend-libs subpackages, exclude files for the server (already part
of spacewalk-backend) to avoid conflicts (bsc#1148125)

prevent duplicate key violates on repo-sync with long changelog entries
(bsc#1144889)

spacewalk-remote-utils:
Add RHEL8

Affected Software/OS:
'SUSE Manager Client Tools' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Server 11-SP3

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-10136
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.