Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-10094 (GCVE-0-2019-10094)
Vulnerability from cvelistv5
Published
2019-08-02 18:37
Modified
2024-08-04 22:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- DoS
Summary
A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache | Apache Tika |
Version: 1.7 to 1.21 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:09.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Tika",
"vendor": "Apache",
"versions": [
{
"status": "affected",
"version": "1.7 to 1.21"
}
]
}
],
"datePublic": "2019-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T21:06:49",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-10094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Tika",
"version": {
"version_data": [
{
"version_value": "1.7 to 1.21"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E",
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d@%3Cdev.tika.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-10094",
"datePublished": "2019-08-02T18:37:52",
"dateReserved": "2019-03-26T00:00:00",
"dateUpdated": "2024-08-04T22:10:09.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2019-10094\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2019-08-02T19:15:11.857\",\"lastModified\":\"2024-11-21T04:18:23.600\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.\"},{\"lang\":\"es\",\"value\":\"Un archivo empaquetado y comprimido cuidadosamente dise\u00f1ado, cuando se descomprime y no comprime, produce el mismo archivo (un quine), lo que causa un StackOverflowError en RechesiveParserWrapper de Tika de Apache en las versiones 1.7 hasta 1.21. Los usuarios de Apache Tika deben actualizar a la versi\u00f3n 1.22 o posterior.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.7\",\"versionEndIncluding\":\"1.21\",\"matchCriteriaId\":\"356D4949-E4D5-4D42-8F1B-F29ECD9F6675\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
suse-su-2019:2930-1
Vulnerability from csaf_suse
Published
2019-11-07 16:52
Modified
2019-11-07 16:52
Summary
Security update for SUSE Manager Server 4.0
Notes
Title of the patch
Security update for SUSE Manager Server 4.0
Description of the patch
This update fixes the following issues:
cobbler:
- Fix for install loop caused autoinstallation profiles (bsc#1151875)
- Update module config description to match new parameters
- Add config migration script and runs it in post-install script
- Fix for config backups in post install script (bsc#1149075)
- Move apache config file cobbler.conf to conf.d directory
and remove the VirtualHost container as it overwrite rules
already set in conf.d
- Realignment with Cobbler 3.0.0 release candidate.
- Fix for typo in settings for scm_track module.
- Optimization for settings loading in scm_track module.
cpu-mitigations-formula:
- Fix grub entry changed for sle12* so it matches sle15* (bsc#1145873)
mgr-osad:
- Obsolete all old python2-osa* packages to avoid conflicts (bsc#1152290)
patterns-suse-manager:
- Add recommends for cpu-mitigations-formula
pgjdbc-ng:
- Allow dots in database name (bsc#1146416)
prometheus-exporters-formula:
- Allow to configure arbitrary arguments when running exporters
- Add support for Debian/Ubuntu and Red Hat systems (RHEL/CentOS)
- Install the LICENSE together with the package
py26-compat-salt:
- Get tornado dependency from the system on SLE12 (bsc#1149409)
python-susemanager-retail:
- Update to version 0.1.1568808472.be9f236
- Parse parition type 82 as swap in SLEPOS migration (bsc#1136959)
- Allow kernel command line for branches to be set as an option to
retail_branch_init CLI
- Automatically calculate dhcp dynamic range from branch ip if not
set
python-urlgrabber:
- Allow non-integer values for URLGRABBER_DEBUG env variable (bsc#1152514)
- Fixes usage of log level lookup for Python3 (bsc#1146683)
spacecmd:
- Java api expects content as encoded string instead of encode bytes like before (bsc#1153277)
- Fix building and installing on CentOS8/RES8/RHEL8
- Check that a channel doesn't have clones before deleting it (bsc#1138454)
spacewalk-admin:
- Avoid a 'Permission denied' salt error when publisher_acl
is set (bsc#1150154)
spacewalk-backend:
- Fix re-registration with re-activation key (bsc#1154275)
- Change the default value of taskomatic maxmemory to 4GB
- Add basic support for importing modular repositories
- Import additional fields for Deb packages
- Add script to update additional fields in the DB for existing Deb packages
- Use active values for diskchecker mails
- Parse restart_suggested flag from patches and set it as keywords (bsc#1151467)
- Improve error message when deleting channel that's in a content lifecycle project (bsc#1145769)
- Prevent 'reposync' crash when handling metadata on RPM repos (bsc#1138358)
- Do not show expected WARNING messages from 'c_rehash'
- Fix misspelling in spacewalk-repo-sync (bsc#1149633)
- Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)
- Do not crash 'rhn-satellite-exporter' with ModuleNotFound error (bsc#1146869)
- Spacewalk-remove-channel check that channel doesn't have cloned channels before deleting it (bsc#1138454)
- Fix broken spacewalk-data-fsck utility
- Add '--latest' support for reposync on DEB based repositories
- Do not try to download RPMs from the unresolved mirrorlist URL
- Fix encoding issues with DB bytes values (bsc#1144300)
- Fix import of rhnAuthPAM to avoid issues when using rhnpush.
- Avoid traceback on mgr-inter-sync when there are problems
with cache of packages (bsc#1143016)
spacewalk-branding:
- Improve menu scrollbar style for firefox
- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)
spacewalk-certs-tools:
- Require mgr-daemon (new name of spacewalksd) so we systems with
spacewalksd get always the new package installed (bsc#1149353)
spacewalk-client-tools:
- Require mgr-daemon (new name of spacewalksd) so we systems with
spacewalksd get always the new package installed (bsc#1149353)
- Enable spacewalk-update-service on package installation
(bsc#1143789)
- Invalidate cache 5 minutes before actual expiration(bsc#1143562)
spacewalk-config:
- Change the default value of taskomatic maxmemory to 4GB
- Resolve modules.yaml file for modular repositories
spacewalk-java:
- Change the default value of taskomatic maxmemory to 4GB
- Silence cache strategy Hibernate warning
- Return result in compatible type to what defined in database procedure (bsc#1150729)
- Allow channels names to start with numbers
- Fix: handle special deb package names (bsc#1150113)
- Remove extra spaces in dependencies fields in Debian repo Packages file (bsc#1145551)
- Allow monitoring for managed systems running Ubuntu 18.04 and RedHat 6/7
- Improve performance for 'Manage Software Channels' view (bsc#1151399)
- Import additional fields for Deb packages
- Use value from systemd unit file if not set in /etc/rhn/rhn.conf
- Implement 'keyword' filter for Content Lifecycle Management
- Add support for Azure, Amazon EC2, and Google Compute Engine as Virtual Host Manager.
- Allow ssl connections from Tomcat to Postgres (bsc#1149210)
- Use default in case taskomatic.java.maxmemory is unset
- Fix parsing of /etc/rhn/rhn.conf for taskomatic.java.maxmemory (bsc#1151097)
- Change form order and change project creation message (bsc#1145744)
- Use 'SCC organization credentials' instead of 'SCC credentials' in error message (bsc#1149425)
- Implement 'regular expression' Filter for Content Lifecycle Management
matching package names, patch name, patch synopsis and package names in patches
- Implement provisioning for salt clients
- Explicitly mention in API docs that to preserve LF/CR, user needs to encode the data(bsc#1135442)
- New Single Page Application engine for the UI. It can be enabled with the config 'web.spa.enable' set to true
- Check that a channel doesn't have clones before deleting it (bsc#1138454)
- Fix documentation of contentmanagement handler (bsc#1145753)
- Add new API endpoint to list available Filter Criteria
- Improve API documentation of Filter Criteria
- Implement 'patch contains package' Filter for Content Lifecycle Management
- Implement Filter Patch 'by type' Content Lifecycle Management
- Improve websocket authentication to prevent errors in logs (bsc#1138454)
- Implement filtering errata by synopsis in Content Lifecycle Management
- Normalize date formats for actions, notifications and clm (bsc#1142774)
- Implement ALLOW filters in Content Lifecycle Management
- Implement 'by date' Filter for Content Lifecycle Management
- UI render without error if salt-formulas system folders are unreachable (bsc#1142309)
- Cloning Errata from a specific channel should not take packages
from other channels (bsc#1142764)
- Add susemanager as prerequired for spacewalk-java
spacewalk-setup:
- Fix cobbler authentication module configuration required for
new cobbler package
- Configure 150 Tomcat workers by default, matching httpds MaxClients
spacewalk-utils:
- Add FQDN resolver for spacewalk-manage-channel-lifecycle (bsc#1153578)
- Common-channels: Fix repo type assignment for type YUM
spacewalk-web:
- Redirect to project when canceling creating a filter (bsc#1145750)
- Better visualization of the filters attached to a CLM Project. Allow/deny are now split
- Fix ui issues with content lifecycle project list page (bsc#1145587)
- Implement 'keyword' filter for Content Lifecycle Management
- Enable Azure, Amazon EC2 and Google Compute Engine as available Virtual host Managers
- Trim strings when creating/updating image stores/profiles (bsc#1133429)
- Show loading spin while loading salt keys data (bsc#1150180)
- CLM - Disable clones by default of the shown CLM Project sources
- Change form order and change project creation message (bsc#1145744)
- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)
- Implement 'regular expression' Filter for Content Lifecycle Management
matching package names, patch name, patch synopsis and package names in patches
- New Single Page Application engine for the UI. It can be enabled with the config 'web.spa.enable' set to true
- Add environment label when deleting environment (bsc#1145758)
- Change color of disabled build button on clp page (bsc#1145626)
- Fix the 'include recommended' button on channels selection in SSM (bsc#1145086)
- Implement 'patch contains package' Filter for Content Lifecycle Management
- Implement Filter Patch 'by type' Content Lifecycle Management
- Implement filtering errata by synopsis in Content Lifecycle Management
- Normalize date formats for actions, notifications and clm (bsc#1142774)
- Implement ALLOW filters in Content Lifecycle Management
- Implement 'by date' Filter for Content Lifecycle Management
susemanager:
- Require dmidecode only for SLE12 aarch64 and x86_64 (bsc#1152170)
- Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)
- Fix test for btrfs subvolume for new btrfs version (bsc#1151666)
- Ensure working directory is /root during setup (bsc#1148169)
- Dmidecode does not exist on s390x (bsc#1145119)
susemanager-docs_en:
- Update text and images (mu-4.0.3); many changes caused by Technical and Content Reviews.
- Added partition permissions to Install Guide (bsc#1152735)
- Move Disconnected Setup from Client Config to Admin Guide
- Updated references to documentation.suse.com (was: www.suse.com/documentation)
- Increase default value for taskomatic to 4GB
- Registering to proxy information in Install Guide
- Edits to Prometheus section in Admin Guide
- Update database migration section in Upgrade Guide
- Update server update, upgrade, and migration chapters in Upgrade Guide
- Update server installation and setup chapters
- Update proxy installation and setup chapters
- Add section about maintenance window in Admin Guide
- Update Kubernetes chapter
- Admin Guide: ISS: Adapt the CA path to correspond to SLES 15.1
- Update image management
- Update channel management screenshot in Reference
- Update CLM
- Provide basic documentation on foreign clients
- Update info on mgr-sync
- New images added to Retail Guide
- Minor edits in Salt Guide
- Improvements to Troubleshooting section in Admin Guide
- Removed reference to SLP in Install Guide
- Minor edits to SSM in Client Config Guide
susemanager-schema:
- Fix in schema migration script when recreating the 'suseUserRoleView' (bsc#1151280)
- Fix: handle special deb package names (bsc#1150113)
- Refactor in suseChannelUserRoleView for retrieving the parent_channel_id (bsc#1151399)
- Add tables rhnPackageExtraTag and rhnPackageExtraTagKey
- Allow monitoring for Ubuntu systems
- Add new types needed for Azure, Amazon EC2 and Google CE
- Enable provisioning for salt clients
- Allow package changelog entries with more than 3000 characters (bsc#1144889)
susemanager-sls:
- Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)
- Introduce dnf-susemanager-plugin for RHEL8 minions
- Provide custom grain to report 'instance id' when running on Public Cloud instances
- Disable legacy startup events for new minions
- Implement provisioning for salt clients
- Dmidecode does not exist on ppc64le and s390x (bsc#1145119)
- Update susemanager.conf to use adler32 for computing the server_id for new minions
- Do not show errors when polling internal metadata API (bsc#1155794)
- Add missing 'public_cloud' custom grain (bsc#1155656)
susemanager-sync-data:
- Ubuntu repositories released
tika-core:
- New upstream version 1.2.2. Fixes:
* OOM from a crafted Zip File in Apache Tika's
RecursiveParserWrapper (CVE-2019-10088) (bsc#1144500).
* Denial of Service in Apache Tika's 2003ml and 2006ml
Parsers (CVE-2019-10093) (bsc#1144510).
* StackOverflow from Crafted Package/Compressed Files in Apache
Tika's RecursiveParserWrapper (CVE-2019-10094) (bsc#1144515).
virtual-host-gatherer:
- Add new modules to deal with Amazon EC2, Azure and Google Compute
Patchnames
SUSE-2019-2930,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2019-2930
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 4.0",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ncobbler:\n\n- Fix for install loop caused autoinstallation profiles (bsc#1151875)\n- Update module config description to match new parameters\n- Add config migration script and runs it in post-install script\n- Fix for config backups in post install script (bsc#1149075)\n- Move apache config file cobbler.conf to conf.d directory\n and remove the VirtualHost container as it overwrite rules\n already set in conf.d\n- Realignment with Cobbler 3.0.0 release candidate.\n- Fix for typo in settings for scm_track module.\n- Optimization for settings loading in scm_track module.\n\ncpu-mitigations-formula:\n\n- Fix grub entry changed for sle12* so it matches sle15* (bsc#1145873)\n\nmgr-osad:\n\n- Obsolete all old python2-osa* packages to avoid conflicts (bsc#1152290)\n\npatterns-suse-manager:\n\n- Add recommends for cpu-mitigations-formula \n\npgjdbc-ng:\n\n- Allow dots in database name (bsc#1146416)\n\nprometheus-exporters-formula:\n\n- Allow to configure arbitrary arguments when running exporters\n- Add support for Debian/Ubuntu and Red Hat systems (RHEL/CentOS)\n- Install the LICENSE together with the package\n\npy26-compat-salt:\n\n- Get tornado dependency from the system on SLE12 (bsc#1149409) \n\npython-susemanager-retail:\n\n- Update to version 0.1.1568808472.be9f236\n- Parse parition type 82 as swap in SLEPOS migration (bsc#1136959)\n- Allow kernel command line for branches to be set as an option to\n retail_branch_init CLI\n- Automatically calculate dhcp dynamic range from branch ip if not\n set\n\npython-urlgrabber:\n\n- Allow non-integer values for URLGRABBER_DEBUG env variable (bsc#1152514)\n- Fixes usage of log level lookup for Python3 (bsc#1146683)\n\nspacecmd:\n\n- Java api expects content as encoded string instead of encode bytes like before (bsc#1153277)\n- Fix building and installing on CentOS8/RES8/RHEL8\n- Check that a channel doesn\u0027t have clones before deleting it (bsc#1138454)\n\nspacewalk-admin:\n\n- Avoid a \u0027Permission denied\u0027 salt error when publisher_acl\n is set (bsc#1150154)\n\nspacewalk-backend:\n\n- Fix re-registration with re-activation key (bsc#1154275)\n- Change the default value of taskomatic maxmemory to 4GB\n- Add basic support for importing modular repositories\n- Import additional fields for Deb packages\n- Add script to update additional fields in the DB for existing Deb packages\n- Use active values for diskchecker mails\n- Parse restart_suggested flag from patches and set it as keywords (bsc#1151467)\n- Improve error message when deleting channel that\u0027s in a content lifecycle project (bsc#1145769)\n- Prevent \u0027reposync\u0027 crash when handling metadata on RPM repos (bsc#1138358)\n- Do not show expected WARNING messages from \u0027c_rehash\u0027\n- Fix misspelling in spacewalk-repo-sync (bsc#1149633)\n- Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)\n- Do not crash \u0027rhn-satellite-exporter\u0027 with ModuleNotFound error (bsc#1146869)\n- Spacewalk-remove-channel check that channel doesn\u0027t have cloned channels before deleting it (bsc#1138454)\n- Fix broken spacewalk-data-fsck utility\n- Add \u0027--latest\u0027 support for reposync on DEB based repositories\n- Do not try to download RPMs from the unresolved mirrorlist URL\n- Fix encoding issues with DB bytes values (bsc#1144300)\n- Fix import of rhnAuthPAM to avoid issues when using rhnpush.\n- Avoid traceback on mgr-inter-sync when there are problems\n with cache of packages (bsc#1143016)\n\nspacewalk-branding:\n\n- Improve menu scrollbar style for firefox\n- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)\n\nspacewalk-certs-tools:\n\n- Require mgr-daemon (new name of spacewalksd) so we systems with\n spacewalksd get always the new package installed (bsc#1149353)\n\nspacewalk-client-tools:\n\n- Require mgr-daemon (new name of spacewalksd) so we systems with\n spacewalksd get always the new package installed (bsc#1149353)\n- Enable spacewalk-update-service on package installation\n (bsc#1143789)\n- Invalidate cache 5 minutes before actual expiration(bsc#1143562)\n\nspacewalk-config:\n\n- Change the default value of taskomatic maxmemory to 4GB\n- Resolve modules.yaml file for modular repositories\n\nspacewalk-java:\n\n- Change the default value of taskomatic maxmemory to 4GB\n- Silence cache strategy Hibernate warning\n- Return result in compatible type to what defined in database procedure (bsc#1150729)\n- Allow channels names to start with numbers\n- Fix: handle special deb package names (bsc#1150113)\n- Remove extra spaces in dependencies fields in Debian repo Packages file (bsc#1145551)\n- Allow monitoring for managed systems running Ubuntu 18.04 and RedHat 6/7\n- Improve performance for \u0027Manage Software Channels\u0027 view (bsc#1151399)\n- Import additional fields for Deb packages\n- Use value from systemd unit file if not set in /etc/rhn/rhn.conf\n- Implement \u0027keyword\u0027 filter for Content Lifecycle Management\n- Add support for Azure, Amazon EC2, and Google Compute Engine as Virtual Host Manager.\n- Allow ssl connections from Tomcat to Postgres (bsc#1149210)\n- Use default in case taskomatic.java.maxmemory is unset\n- Fix parsing of /etc/rhn/rhn.conf for taskomatic.java.maxmemory (bsc#1151097)\n- Change form order and change project creation message (bsc#1145744)\n- Use \u0027SCC organization credentials\u0027 instead of \u0027SCC credentials\u0027 in error message (bsc#1149425)\n- Implement \u0027regular expression\u0027 Filter for Content Lifecycle Management\n matching package names, patch name, patch synopsis and package names in patches\n- Implement provisioning for salt clients\n- Explicitly mention in API docs that to preserve LF/CR, user needs to encode the data(bsc#1135442)\n- New Single Page Application engine for the UI. It can be enabled with the config \u0027web.spa.enable\u0027 set to true\n- Check that a channel doesn\u0027t have clones before deleting it (bsc#1138454)\n- Fix documentation of contentmanagement handler (bsc#1145753)\n- Add new API endpoint to list available Filter Criteria\n- Improve API documentation of Filter Criteria\n- Implement \u0027patch contains package\u0027 Filter for Content Lifecycle Management\n- Implement Filter Patch \u0027by type\u0027 Content Lifecycle Management\n- Improve websocket authentication to prevent errors in logs (bsc#1138454)\n- Implement filtering errata by synopsis in Content Lifecycle Management\n- Normalize date formats for actions, notifications and clm (bsc#1142774)\n- Implement ALLOW filters in Content Lifecycle Management\n- Implement \u0027by date\u0027 Filter for Content Lifecycle Management\n- UI render without error if salt-formulas system folders are unreachable (bsc#1142309)\n- Cloning Errata from a specific channel should not take packages\n from other channels (bsc#1142764)\n- Add susemanager as prerequired for spacewalk-java\n\nspacewalk-setup:\n\n- Fix cobbler authentication module configuration required for\n new cobbler package\n- Configure 150 Tomcat workers by default, matching httpds MaxClients\n\nspacewalk-utils:\n\n- Add FQDN resolver for spacewalk-manage-channel-lifecycle (bsc#1153578)\n- Common-channels: Fix repo type assignment for type YUM\n\nspacewalk-web:\n\n- Redirect to project when canceling creating a filter (bsc#1145750)\n- Better visualization of the filters attached to a CLM Project. Allow/deny are now split\n- Fix ui issues with content lifecycle project list page (bsc#1145587)\n- Implement \u0027keyword\u0027 filter for Content Lifecycle Management\n- Enable Azure, Amazon EC2 and Google Compute Engine as available Virtual host Managers\n- Trim strings when creating/updating image stores/profiles (bsc#1133429)\n- Show loading spin while loading salt keys data (bsc#1150180)\n- CLM - Disable clones by default of the shown CLM Project sources\n- Change form order and change project creation message (bsc#1145744)\n- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)\n- Implement \u0027regular expression\u0027 Filter for Content Lifecycle Management\n matching package names, patch name, patch synopsis and package names in patches\n- New Single Page Application engine for the UI. It can be enabled with the config \u0027web.spa.enable\u0027 set to true\n- Add environment label when deleting environment (bsc#1145758)\n- Change color of disabled build button on clp page (bsc#1145626)\n- Fix the \u0027include recommended\u0027 button on channels selection in SSM (bsc#1145086)\n- Implement \u0027patch contains package\u0027 Filter for Content Lifecycle Management\n- Implement Filter Patch \u0027by type\u0027 Content Lifecycle Management\n- Implement filtering errata by synopsis in Content Lifecycle Management\n- Normalize date formats for actions, notifications and clm (bsc#1142774)\n- Implement ALLOW filters in Content Lifecycle Management\n- Implement \u0027by date\u0027 Filter for Content Lifecycle Management\n\nsusemanager:\n\n- Require dmidecode only for SLE12 aarch64 and x86_64 (bsc#1152170)\n- Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)\n- Fix test for btrfs subvolume for new btrfs version (bsc#1151666)\n- Ensure working directory is /root during setup (bsc#1148169)\n- Dmidecode does not exist on s390x (bsc#1145119)\n\nsusemanager-docs_en:\n\n- Update text and images (mu-4.0.3); many changes caused by Technical and Content Reviews.\n- Added partition permissions to Install Guide (bsc#1152735)\n- Move Disconnected Setup from Client Config to Admin Guide\n- Updated references to documentation.suse.com (was: www.suse.com/documentation)\n- Increase default value for taskomatic to 4GB\n- Registering to proxy information in Install Guide\n- Edits to Prometheus section in Admin Guide\n- Update database migration section in Upgrade Guide\n- Update server update, upgrade, and migration chapters in Upgrade Guide\n- Update server installation and setup chapters\n- Update proxy installation and setup chapters\n- Add section about maintenance window in Admin Guide\n- Update Kubernetes chapter\n- Admin Guide: ISS: Adapt the CA path to correspond to SLES 15.1\n- Update image management\n- Update channel management screenshot in Reference\n- Update CLM\n- Provide basic documentation on foreign clients\n- Update info on mgr-sync\n- New images added to Retail Guide\n- Minor edits in Salt Guide\n- Improvements to Troubleshooting section in Admin Guide\n- Removed reference to SLP in Install Guide\n- Minor edits to SSM in Client Config Guide\n\nsusemanager-schema:\n\n- Fix in schema migration script when recreating the \u0027suseUserRoleView\u0027 (bsc#1151280)\n- Fix: handle special deb package names (bsc#1150113)\n- Refactor in suseChannelUserRoleView for retrieving the parent_channel_id (bsc#1151399)\n- Add tables rhnPackageExtraTag and rhnPackageExtraTagKey\n- Allow monitoring for Ubuntu systems\n- Add new types needed for Azure, Amazon EC2 and Google CE\n- Enable provisioning for salt clients\n- Allow package changelog entries with more than 3000 characters (bsc#1144889)\n\nsusemanager-sls:\n\n- Require pmtools only for SLE11 i586 and x86_64 (bsc#1150314)\n- Introduce dnf-susemanager-plugin for RHEL8 minions\n- Provide custom grain to report \u0027instance id\u0027 when running on Public Cloud instances\n- Disable legacy startup events for new minions\n- Implement provisioning for salt clients\n- Dmidecode does not exist on ppc64le and s390x (bsc#1145119)\n- Update susemanager.conf to use adler32 for computing the server_id for new minions\n- Do not show errors when polling internal metadata API (bsc#1155794)\n- Add missing \u0027public_cloud\u0027 custom grain (bsc#1155656)\n\nsusemanager-sync-data:\n\n- Ubuntu repositories released\n\ntika-core:\n\n- New upstream version 1.2.2. Fixes:\n * OOM from a crafted Zip File in Apache Tika\u0027s \n RecursiveParserWrapper (CVE-2019-10088) (bsc#1144500).\n * Denial of Service in Apache Tika\u0027s 2003ml and 2006ml \n Parsers (CVE-2019-10093) (bsc#1144510).\n * StackOverflow from Crafted Package/Compressed Files in Apache \n Tika\u0027s RecursiveParserWrapper (CVE-2019-10094) (bsc#1144515). \n\nvirtual-host-gatherer:\n\n- Add new modules to deal with Amazon EC2, Azure and Google Compute\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2930,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2019-2930",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2930-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2930-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192930-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2930-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192930-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1133429",
"url": "https://bugzilla.suse.com/1133429"
},
{
"category": "self",
"summary": "SUSE Bug 1135442",
"url": "https://bugzilla.suse.com/1135442"
},
{
"category": "self",
"summary": "SUSE Bug 1136959",
"url": "https://bugzilla.suse.com/1136959"
},
{
"category": "self",
"summary": "SUSE Bug 1138358",
"url": "https://bugzilla.suse.com/1138358"
},
{
"category": "self",
"summary": "SUSE Bug 1138454",
"url": "https://bugzilla.suse.com/1138454"
},
{
"category": "self",
"summary": "SUSE Bug 1142309",
"url": "https://bugzilla.suse.com/1142309"
},
{
"category": "self",
"summary": "SUSE Bug 1142764",
"url": "https://bugzilla.suse.com/1142764"
},
{
"category": "self",
"summary": "SUSE Bug 1142774",
"url": "https://bugzilla.suse.com/1142774"
},
{
"category": "self",
"summary": "SUSE Bug 1143016",
"url": "https://bugzilla.suse.com/1143016"
},
{
"category": "self",
"summary": "SUSE Bug 1143562",
"url": "https://bugzilla.suse.com/1143562"
},
{
"category": "self",
"summary": "SUSE Bug 1143789",
"url": "https://bugzilla.suse.com/1143789"
},
{
"category": "self",
"summary": "SUSE Bug 1144300",
"url": "https://bugzilla.suse.com/1144300"
},
{
"category": "self",
"summary": "SUSE Bug 1144500",
"url": "https://bugzilla.suse.com/1144500"
},
{
"category": "self",
"summary": "SUSE Bug 1144510",
"url": "https://bugzilla.suse.com/1144510"
},
{
"category": "self",
"summary": "SUSE Bug 1144515",
"url": "https://bugzilla.suse.com/1144515"
},
{
"category": "self",
"summary": "SUSE Bug 1144889",
"url": "https://bugzilla.suse.com/1144889"
},
{
"category": "self",
"summary": "SUSE Bug 1145086",
"url": "https://bugzilla.suse.com/1145086"
},
{
"category": "self",
"summary": "SUSE Bug 1145119",
"url": "https://bugzilla.suse.com/1145119"
},
{
"category": "self",
"summary": "SUSE Bug 1145551",
"url": "https://bugzilla.suse.com/1145551"
},
{
"category": "self",
"summary": "SUSE Bug 1145587",
"url": "https://bugzilla.suse.com/1145587"
},
{
"category": "self",
"summary": "SUSE Bug 1145626",
"url": "https://bugzilla.suse.com/1145626"
},
{
"category": "self",
"summary": "SUSE Bug 1145744",
"url": "https://bugzilla.suse.com/1145744"
},
{
"category": "self",
"summary": "SUSE Bug 1145750",
"url": "https://bugzilla.suse.com/1145750"
},
{
"category": "self",
"summary": "SUSE Bug 1145753",
"url": "https://bugzilla.suse.com/1145753"
},
{
"category": "self",
"summary": "SUSE Bug 1145758",
"url": "https://bugzilla.suse.com/1145758"
},
{
"category": "self",
"summary": "SUSE Bug 1145769",
"url": "https://bugzilla.suse.com/1145769"
},
{
"category": "self",
"summary": "SUSE Bug 1145873",
"url": "https://bugzilla.suse.com/1145873"
},
{
"category": "self",
"summary": "SUSE Bug 1146416",
"url": "https://bugzilla.suse.com/1146416"
},
{
"category": "self",
"summary": "SUSE Bug 1146419",
"url": "https://bugzilla.suse.com/1146419"
},
{
"category": "self",
"summary": "SUSE Bug 1146683",
"url": "https://bugzilla.suse.com/1146683"
},
{
"category": "self",
"summary": "SUSE Bug 1146869",
"url": "https://bugzilla.suse.com/1146869"
},
{
"category": "self",
"summary": "SUSE Bug 1148169",
"url": "https://bugzilla.suse.com/1148169"
},
{
"category": "self",
"summary": "SUSE Bug 1149075",
"url": "https://bugzilla.suse.com/1149075"
},
{
"category": "self",
"summary": "SUSE Bug 1149210",
"url": "https://bugzilla.suse.com/1149210"
},
{
"category": "self",
"summary": "SUSE Bug 1149353",
"url": "https://bugzilla.suse.com/1149353"
},
{
"category": "self",
"summary": "SUSE Bug 1149409",
"url": "https://bugzilla.suse.com/1149409"
},
{
"category": "self",
"summary": "SUSE Bug 1149425",
"url": "https://bugzilla.suse.com/1149425"
},
{
"category": "self",
"summary": "SUSE Bug 1149633",
"url": "https://bugzilla.suse.com/1149633"
},
{
"category": "self",
"summary": "SUSE Bug 1150113",
"url": "https://bugzilla.suse.com/1150113"
},
{
"category": "self",
"summary": "SUSE Bug 1150154",
"url": "https://bugzilla.suse.com/1150154"
},
{
"category": "self",
"summary": "SUSE Bug 1150180",
"url": "https://bugzilla.suse.com/1150180"
},
{
"category": "self",
"summary": "SUSE Bug 1150314",
"url": "https://bugzilla.suse.com/1150314"
},
{
"category": "self",
"summary": "SUSE Bug 1150729",
"url": "https://bugzilla.suse.com/1150729"
},
{
"category": "self",
"summary": "SUSE Bug 1151097",
"url": "https://bugzilla.suse.com/1151097"
},
{
"category": "self",
"summary": "SUSE Bug 1151280",
"url": "https://bugzilla.suse.com/1151280"
},
{
"category": "self",
"summary": "SUSE Bug 1151399",
"url": "https://bugzilla.suse.com/1151399"
},
{
"category": "self",
"summary": "SUSE Bug 1151467",
"url": "https://bugzilla.suse.com/1151467"
},
{
"category": "self",
"summary": "SUSE Bug 1151481",
"url": "https://bugzilla.suse.com/1151481"
},
{
"category": "self",
"summary": "SUSE Bug 1151666",
"url": "https://bugzilla.suse.com/1151666"
},
{
"category": "self",
"summary": "SUSE Bug 1151875",
"url": "https://bugzilla.suse.com/1151875"
},
{
"category": "self",
"summary": "SUSE Bug 1152170",
"url": "https://bugzilla.suse.com/1152170"
},
{
"category": "self",
"summary": "SUSE Bug 1152290",
"url": "https://bugzilla.suse.com/1152290"
},
{
"category": "self",
"summary": "SUSE Bug 1152514",
"url": "https://bugzilla.suse.com/1152514"
},
{
"category": "self",
"summary": "SUSE Bug 1152735",
"url": "https://bugzilla.suse.com/1152735"
},
{
"category": "self",
"summary": "SUSE Bug 1153277",
"url": "https://bugzilla.suse.com/1153277"
},
{
"category": "self",
"summary": "SUSE Bug 1153578",
"url": "https://bugzilla.suse.com/1153578"
},
{
"category": "self",
"summary": "SUSE Bug 1154275",
"url": "https://bugzilla.suse.com/1154275"
},
{
"category": "self",
"summary": "SUSE Bug 1155656",
"url": "https://bugzilla.suse.com/1155656"
},
{
"category": "self",
"summary": "SUSE Bug 1155794",
"url": "https://bugzilla.suse.com/1155794"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10093 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10094 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10094/"
}
],
"title": "Security update for SUSE Manager Server 4.0",
"tracking": {
"current_release_date": "2019-11-07T16:52:47Z",
"generator": {
"date": "2019-11-07T16:52:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2930-1",
"initial_release_date": "2019-11-07T16:52:47Z",
"revision_history": [
{
"date": "2019-11-07T16:52:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.3.8.aarch64",
"product": {
"name": "patterns-suma_proxy-4.0-9.3.8.aarch64",
"product_id": "patterns-suma_proxy-4.0-9.3.8.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.3.8.aarch64",
"product": {
"name": "patterns-suma_retail-4.0-9.3.8.aarch64",
"product_id": "patterns-suma_retail-4.0-9.3.8.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.3.8.aarch64",
"product": {
"name": "patterns-suma_server-4.0-9.3.8.aarch64",
"product_id": "patterns-suma_server-4.0-9.3.8.aarch64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-4.0.14-3.6.8.aarch64",
"product": {
"name": "spacewalk-branding-4.0.14-3.6.8.aarch64",
"product_id": "spacewalk-branding-4.0.14-3.6.8.aarch64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-4.0.14-3.6.8.aarch64",
"product": {
"name": "spacewalk-branding-devel-4.0.14-3.6.8.aarch64",
"product_id": "spacewalk-branding-devel-4.0.14-3.6.8.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.17-3.6.9.aarch64",
"product": {
"name": "susemanager-4.0.17-3.6.9.aarch64",
"product_id": "susemanager-4.0.17-3.6.9.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.aarch64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.aarch64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.17-3.6.9.aarch64",
"product": {
"name": "susemanager-tools-4.0.17-3.6.9.aarch64",
"product_id": "susemanager-tools-4.0.17-3.6.9.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product": {
"name": "cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product_id": "cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch"
}
},
{
"category": "product_version",
"name": "cobbler-tests-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product": {
"name": "cobbler-tests-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product_id": "cobbler-tests-3.0.0+git20190806.32c4bae0-7.3.7.noarch"
}
},
{
"category": "product_version",
"name": "cobbler-web-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product": {
"name": "cobbler-web-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"product_id": "cobbler-web-3.0.0+git20190806.32c4bae0-7.3.7.noarch"
}
},
{
"category": "product_version",
"name": "cpu-mitigations-formula-0.1-4.6.7.noarch",
"product": {
"name": "cpu-mitigations-formula-0.1-4.6.7.noarch",
"product_id": "cpu-mitigations-formula-0.1-4.6.7.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-4.0.10-3.6.9.noarch",
"product": {
"name": "mgr-cfg-4.0.10-3.6.9.noarch",
"product_id": "mgr-cfg-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product": {
"name": "mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product_id": "mgr-cfg-actions-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-client-4.0.10-3.6.9.noarch",
"product": {
"name": "mgr-cfg-client-4.0.10-3.6.9.noarch",
"product_id": "mgr-cfg-client-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-management-4.0.10-3.6.9.noarch",
"product": {
"name": "mgr-cfg-management-4.0.10-3.6.9.noarch",
"product_id": "mgr-cfg-management-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "mgr-daemon-4.0.8-3.6.7.noarch",
"product": {
"name": "mgr-daemon-4.0.8-3.6.7.noarch",
"product_id": "mgr-daemon-4.0.8-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product": {
"name": "mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product_id": "mgr-osa-dispatcher-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osad-4.0.10-3.6.8.noarch",
"product": {
"name": "mgr-osad-4.0.10-3.6.8.noarch",
"product_id": "mgr-osad-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "pgjdbc-ng-0.7.1-3.3.8.noarch",
"product": {
"name": "pgjdbc-ng-0.7.1-3.3.8.noarch",
"product_id": "pgjdbc-ng-0.7.1-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "prometheus-exporters-formula-0.4-3.3.7.noarch",
"product": {
"name": "prometheus-exporters-formula-0.4-3.3.7.noarch",
"product_id": "prometheus-exporters-formula-0.4-3.3.7.noarch"
}
},
{
"category": "product_version",
"name": "py26-compat-salt-2016.11.10-10.8.8.noarch",
"product": {
"name": "py26-compat-salt-2016.11.10-10.8.8.noarch",
"product_id": "py26-compat-salt-2016.11.10-10.8.8.noarch"
}
},
{
"category": "product_version",
"name": "python-urlgrabber-bin-3.10.2.1py2_3-6.22.6.noarch",
"product": {
"name": "python-urlgrabber-bin-3.10.2.1py2_3-6.22.6.noarch",
"product_id": "python-urlgrabber-bin-3.10.2.1py2_3-6.22.6.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-4.0.10-3.6.9.noarch",
"product": {
"name": "python2-mgr-cfg-4.0.10-3.6.9.noarch",
"product_id": "python2-mgr-cfg-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product": {
"name": "python2-mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product_id": "python2-mgr-cfg-actions-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-client-4.0.10-3.6.9.noarch",
"product": {
"name": "python2-mgr-cfg-client-4.0.10-3.6.9.noarch",
"product_id": "python2-mgr-cfg-client-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-management-4.0.10-3.6.9.noarch",
"product": {
"name": "python2-mgr-cfg-management-4.0.10-3.6.9.noarch",
"product_id": "python2-mgr-cfg-management-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-common-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-mgr-osa-common-4.0.10-3.6.8.noarch",
"product_id": "python2-mgr-osa-common-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product_id": "python2-mgr-osa-dispatcher-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osad-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-mgr-osad-4.0.10-3.6.8.noarch",
"product_id": "python2-mgr-osad-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product_id": "python2-spacewalk-certs-tools-4.0.12-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-spacewalk-check-4.0.10-3.6.8.noarch",
"product_id": "python2-spacewalk-check-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product_id": "python2-spacewalk-client-setup-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product": {
"name": "python2-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product_id": "python2-spacewalk-client-tools-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python2-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"product": {
"name": "python2-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"product_id": "python2-urlgrabber-3.10.2.1py2_3-6.22.6.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-4.0.10-3.6.9.noarch",
"product": {
"name": "python3-mgr-cfg-4.0.10-3.6.9.noarch",
"product_id": "python3-mgr-cfg-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product": {
"name": "python3-mgr-cfg-actions-4.0.10-3.6.9.noarch",
"product_id": "python3-mgr-cfg-actions-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-client-4.0.10-3.6.9.noarch",
"product": {
"name": "python3-mgr-cfg-client-4.0.10-3.6.9.noarch",
"product_id": "python3-mgr-cfg-client-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-management-4.0.10-3.6.9.noarch",
"product": {
"name": "python3-mgr-cfg-management-4.0.10-3.6.9.noarch",
"product_id": "python3-mgr-cfg-management-4.0.10-3.6.9.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"product_id": "python3-mgr-osa-common-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"product_id": "python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osad-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-mgr-osad-4.0.10-3.6.8.noarch",
"product_id": "python3-mgr-osad-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"product": {
"name": "python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"product_id": "python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product": {
"name": "python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product_id": "python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-spacewalk-check-4.0.10-3.6.8.noarch",
"product_id": "python3-spacewalk-check-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product_id": "python3-spacewalk-client-setup-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product": {
"name": "python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product_id": "python3-spacewalk-client-tools-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"product": {
"name": "python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"product_id": "python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"product": {
"name": "python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"product_id": "python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.0.16-3.6.7.noarch",
"product": {
"name": "spacecmd-4.0.16-3.6.7.noarch",
"product_id": "spacecmd-4.0.16-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-4.0.8-3.3.8.noarch",
"product": {
"name": "spacewalk-admin-4.0.8-3.3.8.noarch",
"product_id": "spacewalk-admin-4.0.8-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-app-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-app-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-applet-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-cdn-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-config-files-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-iss-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-iss-export-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-libs-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-server-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-server-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-sql-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-sql-oracle-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-tools-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.0.16-3.9.8.noarch",
"product": {
"name": "spacewalk-base-4.0.16-3.9.8.noarch",
"product_id": "spacewalk-base-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"product": {
"name": "spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"product_id": "spacewalk-base-minimal-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"product_id": "spacewalk-base-minimal-config-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product": {
"name": "spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"product_id": "spacewalk-certs-tools-4.0.12-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.0.10-3.6.8.noarch",
"product": {
"name": "spacewalk-check-4.0.10-3.6.8.noarch",
"product_id": "spacewalk-check-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product": {
"name": "spacewalk-client-setup-4.0.10-3.6.8.noarch",
"product_id": "spacewalk-client-setup-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product": {
"name": "spacewalk-client-tools-4.0.10-3.6.8.noarch",
"product_id": "spacewalk-client-tools-4.0.10-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-config-4.0.13-3.3.7.noarch",
"product": {
"name": "spacewalk-config-4.0.13-3.3.7.noarch",
"product_id": "spacewalk-config-4.0.13-3.3.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.0.16-3.9.8.noarch",
"product": {
"name": "spacewalk-dobby-4.0.16-3.9.8.noarch",
"product_id": "spacewalk-dobby-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.0.16-3.9.8.noarch",
"product": {
"name": "spacewalk-html-4.0.16-3.9.8.noarch",
"product_id": "spacewalk-html-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-java-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-java-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-java-config-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-java-config-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-java-lib-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-java-lib-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-java-postgresql-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-4.0.11-3.6.7.noarch",
"product": {
"name": "spacewalk-setup-4.0.11-3.6.7.noarch",
"product_id": "spacewalk-setup-4.0.11-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"product": {
"name": "spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"product_id": "spacewalk-taskomatic-4.0.25-3.10.5.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-4.0.13-3.6.8.noarch",
"product": {
"name": "spacewalk-utils-4.0.13-3.6.8.noarch",
"product_id": "spacewalk-utils-4.0.13-3.6.8.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.0-10.9.8.noarch",
"product": {
"name": "susemanager-doc-indexes-4.0-10.9.8.noarch",
"product_id": "susemanager-doc-indexes-4.0-10.9.8.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.0-10.9.7.noarch",
"product": {
"name": "susemanager-docs_en-4.0-10.9.7.noarch",
"product_id": "susemanager-docs_en-4.0-10.9.7.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"product_id": "susemanager-docs_en-pdf-4.0-10.9.7.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"product": {
"name": "susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"product_id": "susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.0.16-3.8.5.noarch",
"product": {
"name": "susemanager-schema-4.0.16-3.8.5.noarch",
"product_id": "susemanager-schema-4.0.16-3.8.5.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.0.16-3.8.5.noarch",
"product": {
"name": "susemanager-schema-sanity-4.0.16-3.8.5.noarch",
"product_id": "susemanager-schema-sanity-4.0.16-3.8.5.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.0.22-3.10.4.noarch",
"product": {
"name": "susemanager-sls-4.0.22-3.10.4.noarch",
"product_id": "susemanager-sls-4.0.22-3.10.4.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-4.0.13-3.6.7.noarch",
"product": {
"name": "susemanager-sync-data-4.0.13-3.6.7.noarch",
"product_id": "susemanager-sync-data-4.0.13-3.6.7.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-4.0.16-3.9.8.noarch",
"product": {
"name": "susemanager-web-libs-4.0.16-3.9.8.noarch",
"product_id": "susemanager-web-libs-4.0.16-3.9.8.noarch"
}
},
{
"category": "product_version",
"name": "tika-core-1.22-3.3.7.noarch",
"product": {
"name": "tika-core-1.22-3.3.7.noarch",
"product_id": "tika-core-1.22-3.3.7.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-1.0.19-3.3.8.noarch",
"product": {
"name": "virtual-host-gatherer-1.0.19-3.3.8.noarch",
"product_id": "virtual-host-gatherer-1.0.19-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"product": {
"name": "virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"product_id": "virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"product": {
"name": "virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"product_id": "virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch",
"product": {
"name": "virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch",
"product_id": "virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
}
},
{
"category": "product_version",
"name": "pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"product": {
"name": "pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"product_id": "pxe-default-image-sle15-4.0.0-20191106084601.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.3.8.ppc64le",
"product": {
"name": "patterns-suma_proxy-4.0-9.3.8.ppc64le",
"product_id": "patterns-suma_proxy-4.0-9.3.8.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.3.8.ppc64le",
"product": {
"name": "patterns-suma_retail-4.0-9.3.8.ppc64le",
"product_id": "patterns-suma_retail-4.0-9.3.8.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.3.8.ppc64le",
"product": {
"name": "patterns-suma_server-4.0-9.3.8.ppc64le",
"product_id": "patterns-suma_server-4.0-9.3.8.ppc64le"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-4.0.14-3.6.8.ppc64le",
"product": {
"name": "spacewalk-branding-4.0.14-3.6.8.ppc64le",
"product_id": "spacewalk-branding-4.0.14-3.6.8.ppc64le"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-4.0.14-3.6.8.ppc64le",
"product": {
"name": "spacewalk-branding-devel-4.0.14-3.6.8.ppc64le",
"product_id": "spacewalk-branding-devel-4.0.14-3.6.8.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.17-3.6.9.ppc64le",
"product": {
"name": "susemanager-4.0.17-3.6.9.ppc64le",
"product_id": "susemanager-4.0.17-3.6.9.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.ppc64le",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.ppc64le",
"product_id": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.17-3.6.9.ppc64le",
"product": {
"name": "susemanager-tools-4.0.17-3.6.9.ppc64le",
"product_id": "susemanager-tools-4.0.17-3.6.9.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.3.8.s390x",
"product": {
"name": "patterns-suma_proxy-4.0-9.3.8.s390x",
"product_id": "patterns-suma_proxy-4.0-9.3.8.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.3.8.s390x",
"product": {
"name": "patterns-suma_retail-4.0-9.3.8.s390x",
"product_id": "patterns-suma_retail-4.0-9.3.8.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.3.8.s390x",
"product": {
"name": "patterns-suma_server-4.0-9.3.8.s390x",
"product_id": "patterns-suma_server-4.0-9.3.8.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-4.0.14-3.6.8.s390x",
"product": {
"name": "spacewalk-branding-4.0.14-3.6.8.s390x",
"product_id": "spacewalk-branding-4.0.14-3.6.8.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-4.0.14-3.6.8.s390x",
"product": {
"name": "spacewalk-branding-devel-4.0.14-3.6.8.s390x",
"product_id": "spacewalk-branding-devel-4.0.14-3.6.8.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.17-3.6.9.s390x",
"product": {
"name": "susemanager-4.0.17-3.6.9.s390x",
"product_id": "susemanager-4.0.17-3.6.9.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.s390x",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.s390x",
"product_id": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.17-3.6.9.s390x",
"product": {
"name": "susemanager-tools-4.0.17-3.6.9.s390x",
"product_id": "susemanager-tools-4.0.17-3.6.9.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.3.8.x86_64",
"product": {
"name": "patterns-suma_proxy-4.0-9.3.8.x86_64",
"product_id": "patterns-suma_proxy-4.0-9.3.8.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.3.8.x86_64",
"product": {
"name": "patterns-suma_retail-4.0-9.3.8.x86_64",
"product_id": "patterns-suma_retail-4.0-9.3.8.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.3.8.x86_64",
"product": {
"name": "patterns-suma_server-4.0-9.3.8.x86_64",
"product_id": "patterns-suma_server-4.0-9.3.8.x86_64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-4.0.14-3.6.8.x86_64",
"product": {
"name": "spacewalk-branding-4.0.14-3.6.8.x86_64",
"product_id": "spacewalk-branding-4.0.14-3.6.8.x86_64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-4.0.14-3.6.8.x86_64",
"product": {
"name": "spacewalk-branding-devel-4.0.14-3.6.8.x86_64",
"product_id": "spacewalk-branding-devel-4.0.14-3.6.8.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.17-3.6.9.x86_64",
"product": {
"name": "susemanager-4.0.17-3.6.9.x86_64",
"product_id": "susemanager-4.0.17-3.6.9.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.x86_64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.x86_64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.11-3.6.8.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.17-3.6.9.x86_64",
"product": {
"name": "susemanager-tools-4.0.17-3.6.9.x86_64",
"product_id": "susemanager-tools-4.0.17-3.6.9.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.0",
"product": {
"name": "SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch"
},
"product_reference": "cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cpu-mitigations-formula-0.1-4.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch"
},
"product_reference": "cpu-mitigations-formula-0.1-4.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-osa-dispatcher-4.0.10-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch"
},
"product_reference": "mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.3.8.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le"
},
"product_reference": "patterns-suma_retail-4.0-9.3.8.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.3.8.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x"
},
"product_reference": "patterns-suma_retail-4.0-9.3.8.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.3.8.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64"
},
"product_reference": "patterns-suma_retail-4.0-9.3.8.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.3.8.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le"
},
"product_reference": "patterns-suma_server-4.0-9.3.8.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.3.8.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x"
},
"product_reference": "patterns-suma_server-4.0-9.3.8.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.3.8.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64"
},
"product_reference": "patterns-suma_server-4.0-9.3.8.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgjdbc-ng-0.7.1-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch"
},
"product_reference": "pgjdbc-ng-0.7.1-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-exporters-formula-0.4-3.3.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch"
},
"product_reference": "prometheus-exporters-formula-0.4-3.3.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pxe-default-image-sle15-4.0.0-20191106084601.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch"
},
"product_reference": "pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "py26-compat-salt-2016.11.10-10.8.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch"
},
"product_reference": "py26-compat-salt-2016.11.10-10.8.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-common-4.0.10-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch"
},
"product_reference": "python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch"
},
"product_reference": "python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch"
},
"product_reference": "python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.0.10-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch"
},
"product_reference": "python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch"
},
"product_reference": "python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.0.16-3.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch"
},
"product_reference": "spacecmd-4.0.16-3.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-admin-4.0.8-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch"
},
"product_reference": "spacewalk-admin-4.0.8-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-app-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-server-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-4.0.16-3.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch"
},
"product_reference": "spacewalk-base-4.0.16-3.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.0.16-3.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch"
},
"product_reference": "spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.0.16-3.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-4.0.14-3.6.8.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le"
},
"product_reference": "spacewalk-branding-4.0.14-3.6.8.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-4.0.14-3.6.8.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x"
},
"product_reference": "spacewalk-branding-4.0.14-3.6.8.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-4.0.14-3.6.8.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64"
},
"product_reference": "spacewalk-branding-4.0.14-3.6.8.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.0.12-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch"
},
"product_reference": "spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.0.10-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch"
},
"product_reference": "spacewalk-client-tools-4.0.10-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-config-4.0.13-3.3.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch"
},
"product_reference": "spacewalk-config-4.0.13-3.3.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-4.0.16-3.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch"
},
"product_reference": "spacewalk-html-4.0.16-3.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-4.0.25-3.10.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch"
},
"product_reference": "spacewalk-java-4.0.25-3.10.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-4.0.25-3.10.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch"
},
"product_reference": "spacewalk-java-config-4.0.25-3.10.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-4.0.25-3.10.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch"
},
"product_reference": "spacewalk-java-lib-4.0.25-3.10.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-4.0.25-3.10.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch"
},
"product_reference": "spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-4.0.11-3.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch"
},
"product_reference": "spacewalk-setup-4.0.11-3.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-4.0.25-3.10.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch"
},
"product_reference": "spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-4.0.13-3.6.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch"
},
"product_reference": "spacewalk-utils-4.0.13-3.6.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.17-3.6.9.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le"
},
"product_reference": "susemanager-4.0.17-3.6.9.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.17-3.6.9.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x"
},
"product_reference": "susemanager-4.0.17-3.6.9.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.17-3.6.9.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64"
},
"product_reference": "susemanager-4.0.17-3.6.9.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-doc-indexes-4.0-10.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch"
},
"product_reference": "susemanager-doc-indexes-4.0-10.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-4.0-10.9.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch"
},
"product_reference": "susemanager-docs_en-4.0-10.9.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-pdf-4.0-10.9.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch"
},
"product_reference": "susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch"
},
"product_reference": "susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-4.0.16-3.8.5.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch"
},
"product_reference": "susemanager-schema-4.0.16-3.8.5.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-4.0.22-3.10.4.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch"
},
"product_reference": "susemanager-sls-4.0.22-3.10.4.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sync-data-4.0.13-3.6.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch"
},
"product_reference": "susemanager-sync-data-4.0.13-3.6.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.17-3.6.9.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le"
},
"product_reference": "susemanager-tools-4.0.17-3.6.9.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.17-3.6.9.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x"
},
"product_reference": "susemanager-tools-4.0.17-3.6.9.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.17-3.6.9.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64"
},
"product_reference": "susemanager-tools-4.0.17-3.6.9.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-web-libs-4.0.16-3.9.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch"
},
"product_reference": "susemanager-web-libs-4.0.16-3.9.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tika-core-1.22-3.3.7.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch"
},
"product_reference": "tika-core-1.22-3.3.7.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-1.0.19-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch"
},
"product_reference": "virtual-host-gatherer-1.0.19-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch"
},
"product_reference": "virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch"
},
"product_reference": "virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
},
"product_reference": "virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10088"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted or corrupt zip file can cause an OOM in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10088",
"url": "https://www.suse.com/security/cve/CVE-2019-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1144500 for CVE-2019-10088",
"url": "https://bugzilla.suse.com/1144500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-07T16:52:47Z",
"details": "low"
}
],
"title": "CVE-2019-10088"
},
{
"cve": "CVE-2019-10093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10093"
}
],
"notes": [
{
"category": "general",
"text": "In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10093",
"url": "https://www.suse.com/security/cve/CVE-2019-10093"
},
{
"category": "external",
"summary": "SUSE Bug 1144510 for CVE-2019-10093",
"url": "https://bugzilla.suse.com/1144510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-07T16:52:47Z",
"details": "moderate"
}
],
"title": "CVE-2019-10093"
},
{
"cve": "CVE-2019-10094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10094"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10094",
"url": "https://www.suse.com/security/cve/CVE-2019-10094"
},
{
"category": "external",
"summary": "SUSE Bug 1144515 for CVE-2019-10094",
"url": "https://bugzilla.suse.com/1144515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Server Module 4.0:cobbler-3.0.0+git20190806.32c4bae0-7.3.7.noarch",
"SUSE Manager Server Module 4.0:cpu-mitigations-formula-0.1-4.6.7.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.3.8.x86_64",
"SUSE Manager Server Module 4.0:pgjdbc-ng-0.7.1-3.3.8.noarch",
"SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.4-3.3.7.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.0-20191106084601.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.8.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:python3-urlgrabber-3.10.2.1py2_3-6.22.6.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.16-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.8-3.3.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.27-3.13.9.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.ppc64le",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.s390x",
"SUSE Manager Server Module 4.0:spacewalk-branding-4.0.14-3.6.8.x86_64",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.12-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.10-3.6.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-config-4.0.13-3.3.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.11-3.6.7.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.25-3.10.5.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.13-3.6.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.9.8.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.9.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1568808472.be9f236-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.16-3.8.5.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.22-3.10.4.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.13-3.6.7.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.17-3.6.9.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.16-3.9.8.noarch",
"SUSE Manager Server Module 4.0:tika-core-1.22-3.3.7.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-Kubernetes-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-VMware-1.0.19-3.3.8.noarch",
"SUSE Manager Server Module 4.0:virtual-host-gatherer-libcloud-1.0.19-3.3.8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-07T16:52:47Z",
"details": "moderate"
}
],
"title": "CVE-2019-10094"
}
]
}
suse-su-2019:2521-1
Vulnerability from csaf_suse
Published
2019-10-02 12:50
Modified
2019-10-02 12:50
Summary
Security update for SUSE Manager Server 3.2
Notes
Title of the patch
Security update for SUSE Manager Server 3.2
Description of the patch
This update fixes the following issues:
cobbler:
- Jinja2 template library fix (bsc#1141661)
pgjdbc-ng:
- Allow dots in database name (bsc#1146416)
py26-compat-salt:
- Get tornado dependency from the system on SLE12 (bsc#1149409)
- Catch SSLError for TLS 1.2 bootstraps with RES/RHEL6 and SLE11 (bsc#1147126)
spacecmd:
- Check that a channel doesn't have clones before deleting it (bsc#1138454)
spacewalk-backend:
- Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)
- Do not make 'rhn-satellite-exporter' to crash with 'AttributeError' (bsc#1146869)
- Spacewalk-remove-channel check that channel doesn't have cloned channels before deleting it (bsc#1138454)
- Prevent duplicate changelog entries due VARCHAR(3000)
db text column (bsc#1144889)
- Avoid traceback on mgr-inter-sync when exception message
contains UTF8 characters or there are problems with the
package cache (bsc#1143016)
registered guest (bsc#1093381)
spacewalk-branding:
- Add missing strings for task status page
spacewalk-client-tools:
- Invalidate cache 5 minutes before actual expiration(bsc#1143562)
spacewalk-java:
- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)
- Don't convert localhost repositories URL in mirror case (bsc#1135957)
- Check that a channel doesn't have clones before deleting it (bsc#1138454)
- Improve websocket authentication to prevent errors in logs (bsc#1138454)
- Normalize date formats for actions, notifications and clm (bsc#1142774)
- Cloning Errata from a specific channel should not take packages
from other channels (bsc#1142764)
- Add susemanager as prerequired for spacewalk-java
- Improve performance for retrieving the user permissions on channels (bsc#1140644)
- Prerequire salt package to avoid not existing user issues
- Support partly patched CVEs in CVE audit (bsc#1137229)
spacewalk-setup:
- Configure 150 Tomcat workers by default, matching httpds MaxClients
spacewalk-utils:
- Common-channels: Fix repo type assignment for type YUM
- Adds support for Ubuntu and Debian channels to spacewalk-common-channels.
spacewalk-web:
- Fix the 'include recommended' button on channels selection in SSM (bsc#1145086)
- Normalize date formats for actions, notifications and clm (bsc#1142774)
- Add unsupported browser warning when using Internet Explorer
susemanager:
- Dmidecode does not exist on s390x (bsc#1145119)
susemanager-docs_en:
- Add link to the creation of the bootstrap script (bsc#1146895).
- Improve adoc tagging.
- LimitNOFILE back-port.
- Fix command-line error (bsc#1096426).
susemanager-schema:
- Improve performance for retrieving the user permissions on channels (bsc#1140644)
susemanager-sls:
- Bootstrapping RES6/RHEL6/SLE11 with TLS1.2 now shows error message. (bsc#1147126)
- Dmidecode does not exist on ppc64le and s390x (bsc#1145119)
- Update susemanager.conf to use adler32 for computing the server_id for new minions
tika-core:
New upstream version 1.2.2. Fixes security issues:
- CVE-2019-10088: Fixed an OOM from a crafted Zip File in Apache Tika's RecursiveParserWrapper (bsc#1144500).
- CVE-2019-10093: Fixed a Denial of Service in Apache Tika's 2003ml and 2006ml Parsers (bsc#1144510).
- CVE-2019-10094: Fixed a stack overflow from crafted compressed files in Apache Tika's RecursiveParserWrapper (bsc#1144515).
Patchnames
SUSE-2019-2521,SUSE-SUSE-Manager-Server-3.2-2019-2521
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 3.2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ncobbler:\n\n- Jinja2 template library fix (bsc#1141661)\n\npgjdbc-ng:\n\n- Allow dots in database name (bsc#1146416) \n\npy26-compat-salt:\n\n- Get tornado dependency from the system on SLE12 (bsc#1149409) \n- Catch SSLError for TLS 1.2 bootstraps with RES/RHEL6 and SLE11 (bsc#1147126)\n\nspacecmd:\n\n- Check that a channel doesn\u0027t have clones before deleting it (bsc#1138454)\n\nspacewalk-backend:\n\n- Remove credentials also from potential rhn.conf backup files in spacewalk-debug (bsc#1146419)\n- Do not make \u0027rhn-satellite-exporter\u0027 to crash with \u0027AttributeError\u0027 (bsc#1146869)\n- Spacewalk-remove-channel check that channel doesn\u0027t have cloned channels before deleting it (bsc#1138454)\n- Prevent duplicate changelog entries due VARCHAR(3000)\n db text column (bsc#1144889)\n- Avoid traceback on mgr-inter-sync when exception message\n contains UTF8 characters or there are problems with the\n package cache (bsc#1143016)\n registered guest (bsc#1093381)\n\nspacewalk-branding:\n\n- Add missing strings for task status page\n\nspacewalk-client-tools:\n\n- Invalidate cache 5 minutes before actual expiration(bsc#1143562)\n\nspacewalk-java:\n\n- Add UI message when salt-formulas system folders are unreachable (bsc#1142309)\n- Don\u0027t convert localhost repositories URL in mirror case (bsc#1135957)\n- Check that a channel doesn\u0027t have clones before deleting it (bsc#1138454)\n- Improve websocket authentication to prevent errors in logs (bsc#1138454)\n- Normalize date formats for actions, notifications and clm (bsc#1142774)\n- Cloning Errata from a specific channel should not take packages\n from other channels (bsc#1142764)\n- Add susemanager as prerequired for spacewalk-java\n- Improve performance for retrieving the user permissions on channels (bsc#1140644)\n- Prerequire salt package to avoid not existing user issues\n- Support partly patched CVEs in CVE audit (bsc#1137229)\n\nspacewalk-setup:\n\n- Configure 150 Tomcat workers by default, matching httpds MaxClients\n\nspacewalk-utils:\n\n- Common-channels: Fix repo type assignment for type YUM\n- Adds support for Ubuntu and Debian channels to spacewalk-common-channels.\n\nspacewalk-web:\n\n- Fix the \u0027include recommended\u0027 button on channels selection in SSM (bsc#1145086)\n- Normalize date formats for actions, notifications and clm (bsc#1142774)\n- Add unsupported browser warning when using Internet Explorer\n\nsusemanager:\n\n- Dmidecode does not exist on s390x (bsc#1145119)\n\nsusemanager-docs_en:\n\n- Add link to the creation of the bootstrap script (bsc#1146895).\n- Improve adoc tagging.\n- LimitNOFILE back-port.\n- Fix command-line error (bsc#1096426).\n\nsusemanager-schema:\n\n- Improve performance for retrieving the user permissions on channels (bsc#1140644)\n\nsusemanager-sls:\n\n- Bootstrapping RES6/RHEL6/SLE11 with TLS1.2 now shows error message. (bsc#1147126)\n- Dmidecode does not exist on ppc64le and s390x (bsc#1145119)\n- Update susemanager.conf to use adler32 for computing the server_id for new minions\n\ntika-core:\n\nNew upstream version 1.2.2. Fixes security issues:\n\n- CVE-2019-10088: Fixed an OOM from a crafted Zip File in Apache Tika\u0027s RecursiveParserWrapper (bsc#1144500).\n- CVE-2019-10093: Fixed a Denial of Service in Apache Tika\u0027s 2003ml and 2006ml Parsers (bsc#1144510).\n- CVE-2019-10094: Fixed a stack overflow from crafted compressed files in Apache Tika\u0027s RecursiveParserWrapper (bsc#1144515).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2521,SUSE-SUSE-Manager-Server-3.2-2019-2521",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2521-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2521-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192521-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2521-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-October/005979.html"
},
{
"category": "self",
"summary": "SUSE Bug 1093381",
"url": "https://bugzilla.suse.com/1093381"
},
{
"category": "self",
"summary": "SUSE Bug 1096426",
"url": "https://bugzilla.suse.com/1096426"
},
{
"category": "self",
"summary": "SUSE Bug 1135957",
"url": "https://bugzilla.suse.com/1135957"
},
{
"category": "self",
"summary": "SUSE Bug 1137229",
"url": "https://bugzilla.suse.com/1137229"
},
{
"category": "self",
"summary": "SUSE Bug 1138454",
"url": "https://bugzilla.suse.com/1138454"
},
{
"category": "self",
"summary": "SUSE Bug 1140644",
"url": "https://bugzilla.suse.com/1140644"
},
{
"category": "self",
"summary": "SUSE Bug 1141661",
"url": "https://bugzilla.suse.com/1141661"
},
{
"category": "self",
"summary": "SUSE Bug 1142309",
"url": "https://bugzilla.suse.com/1142309"
},
{
"category": "self",
"summary": "SUSE Bug 1142764",
"url": "https://bugzilla.suse.com/1142764"
},
{
"category": "self",
"summary": "SUSE Bug 1142774",
"url": "https://bugzilla.suse.com/1142774"
},
{
"category": "self",
"summary": "SUSE Bug 1143016",
"url": "https://bugzilla.suse.com/1143016"
},
{
"category": "self",
"summary": "SUSE Bug 1143562",
"url": "https://bugzilla.suse.com/1143562"
},
{
"category": "self",
"summary": "SUSE Bug 1144500",
"url": "https://bugzilla.suse.com/1144500"
},
{
"category": "self",
"summary": "SUSE Bug 1144510",
"url": "https://bugzilla.suse.com/1144510"
},
{
"category": "self",
"summary": "SUSE Bug 1144515",
"url": "https://bugzilla.suse.com/1144515"
},
{
"category": "self",
"summary": "SUSE Bug 1144889",
"url": "https://bugzilla.suse.com/1144889"
},
{
"category": "self",
"summary": "SUSE Bug 1145086",
"url": "https://bugzilla.suse.com/1145086"
},
{
"category": "self",
"summary": "SUSE Bug 1145119",
"url": "https://bugzilla.suse.com/1145119"
},
{
"category": "self",
"summary": "SUSE Bug 1146416",
"url": "https://bugzilla.suse.com/1146416"
},
{
"category": "self",
"summary": "SUSE Bug 1146419",
"url": "https://bugzilla.suse.com/1146419"
},
{
"category": "self",
"summary": "SUSE Bug 1146869",
"url": "https://bugzilla.suse.com/1146869"
},
{
"category": "self",
"summary": "SUSE Bug 1146895",
"url": "https://bugzilla.suse.com/1146895"
},
{
"category": "self",
"summary": "SUSE Bug 1147126",
"url": "https://bugzilla.suse.com/1147126"
},
{
"category": "self",
"summary": "SUSE Bug 1149409",
"url": "https://bugzilla.suse.com/1149409"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10093 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10094 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10094/"
}
],
"title": "Security update for SUSE Manager Server 3.2",
"tracking": {
"current_release_date": "2019-10-02T12:50:20Z",
"generator": {
"date": "2019-10-02T12:50:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2521-1",
"initial_release_date": "2019-10-02T12:50:20Z",
"revision_history": [
{
"date": "2019-10-02T12:50:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-branding-2.8.5.16-3.22.1.aarch64",
"product": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.aarch64",
"product_id": "spacewalk-branding-2.8.5.16-3.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.aarch64",
"product": {
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.aarch64",
"product_id": "spacewalk-branding-devel-2.8.5.16-3.22.1.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-3.2.20-3.31.2.aarch64",
"product": {
"name": "susemanager-3.2.20-3.31.2.aarch64",
"product_id": "susemanager-3.2.20-3.31.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.20-3.31.2.aarch64",
"product": {
"name": "susemanager-tools-3.2.20-3.31.2.aarch64",
"product_id": "susemanager-tools-3.2.20-3.31.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cobbler-2.6.6-6.22.1.noarch",
"product": {
"name": "cobbler-2.6.6-6.22.1.noarch",
"product_id": "cobbler-2.6.6-6.22.1.noarch"
}
},
{
"category": "product_version",
"name": "cobbler-tests-2.6.6-6.22.1.noarch",
"product": {
"name": "cobbler-tests-2.6.6-6.22.1.noarch",
"product_id": "cobbler-tests-2.6.6-6.22.1.noarch"
}
},
{
"category": "product_version",
"name": "cobbler-web-2.6.6-6.22.1.noarch",
"product": {
"name": "cobbler-web-2.6.6-6.22.1.noarch",
"product_id": "cobbler-web-2.6.6-6.22.1.noarch"
}
},
{
"category": "product_version",
"name": "koan-2.6.6-6.22.1.noarch",
"product": {
"name": "koan-2.6.6-6.22.1.noarch",
"product_id": "koan-2.6.6-6.22.1.noarch"
}
},
{
"category": "product_version",
"name": "pgjdbc-ng-0.7.1-2.6.1.noarch",
"product": {
"name": "pgjdbc-ng-0.7.1-2.6.1.noarch",
"product_id": "pgjdbc-ng-0.7.1-2.6.1.noarch"
}
},
{
"category": "product_version",
"name": "py26-compat-salt-2016.11.10-6.32.1.noarch",
"product": {
"name": "py26-compat-salt-2016.11.10-6.32.1.noarch",
"product_id": "py26-compat-salt-2016.11.10-6.32.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-2.8.22.5-3.6.1.noarch",
"product": {
"name": "python2-spacewalk-check-2.8.22.5-3.6.1.noarch",
"product_id": "python2-spacewalk-check-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-2.8.22.5-3.6.1.noarch",
"product": {
"name": "python2-spacewalk-client-setup-2.8.22.5-3.6.1.noarch",
"product_id": "python2-spacewalk-client-setup-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"product": {
"name": "python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"product_id": "python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-2.8.25.11-3.23.1.noarch",
"product": {
"name": "spacecmd-2.8.25.11-3.23.1.noarch",
"product_id": "spacecmd-2.8.25.11-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-app-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-applet-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-cdn-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-cdn-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-iss-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-libs-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-server-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-sql-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-tools-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"product_id": "spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-2.8.7.19-3.36.1.noarch",
"product": {
"name": "spacewalk-base-2.8.7.19-3.36.1.noarch",
"product_id": "spacewalk-base-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"product": {
"name": "spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"product_id": "spacewalk-base-minimal-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"product": {
"name": "spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"product_id": "spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-2.8.22.5-3.6.1.noarch",
"product": {
"name": "spacewalk-check-2.8.22.5-3.6.1.noarch",
"product_id": "spacewalk-check-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-2.8.22.5-3.6.1.noarch",
"product": {
"name": "spacewalk-client-setup-2.8.22.5-3.6.1.noarch",
"product_id": "spacewalk-client-setup-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"product": {
"name": "spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"product_id": "spacewalk-client-tools-2.8.22.5-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-2.8.7.19-3.36.1.noarch",
"product": {
"name": "spacewalk-dobby-2.8.7.19-3.36.1.noarch",
"product_id": "spacewalk-dobby-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-2.8.7.19-3.36.1.noarch",
"product": {
"name": "spacewalk-html-2.8.7.19-3.36.1.noarch",
"product_id": "spacewalk-html-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-apidoc-sources-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-config-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-lib-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-oracle-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-2.8.7.8-3.19.1.noarch",
"product": {
"name": "spacewalk-setup-2.8.7.8-3.19.1.noarch",
"product_id": "spacewalk-setup-2.8.7.8-3.19.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"product": {
"name": "spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"product_id": "spacewalk-taskomatic-2.8.78.24-3.38.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-2.8.18.5-3.9.1.noarch",
"product": {
"name": "spacewalk-utils-2.8.18.5-3.9.1.noarch",
"product_id": "spacewalk-utils-2.8.18.5-3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"product_id": "susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"product_id": "susemanager-best-practices_en-pdf-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-docs_en-3.2-11.32.1.noarch",
"product_id": "susemanager-docs_en-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"product_id": "susemanager-getting-started_en-pdf-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-jsp_en-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-jsp_en-3.2-11.32.1.noarch",
"product_id": "susemanager-jsp_en-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"product": {
"name": "susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"product_id": "susemanager-reference_en-pdf-3.2-11.32.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-3.2.21-3.31.1.noarch",
"product": {
"name": "susemanager-schema-3.2.21-3.31.1.noarch",
"product_id": "susemanager-schema-3.2.21-3.31.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-3.2.21-3.31.1.noarch",
"product": {
"name": "susemanager-schema-sanity-3.2.21-3.31.1.noarch",
"product_id": "susemanager-schema-sanity-3.2.21-3.31.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-3.2.27-3.35.1.noarch",
"product": {
"name": "susemanager-sls-3.2.27-3.35.1.noarch",
"product_id": "susemanager-sls-3.2.27-3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"product": {
"name": "susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"product_id": "susemanager-web-libs-2.8.7.19-3.36.1.noarch"
}
},
{
"category": "product_version",
"name": "tika-core-1.22-3.9.1.noarch",
"product": {
"name": "tika-core-1.22-3.9.1.noarch",
"product_id": "tika-core-1.22-3.9.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"product": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"product_id": "spacewalk-branding-2.8.5.16-3.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.ppc64le",
"product": {
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.ppc64le",
"product_id": "spacewalk-branding-devel-2.8.5.16-3.22.1.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-3.2.20-3.31.2.ppc64le",
"product": {
"name": "susemanager-3.2.20-3.31.2.ppc64le",
"product_id": "susemanager-3.2.20-3.31.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.20-3.31.2.ppc64le",
"product": {
"name": "susemanager-tools-3.2.20-3.31.2.ppc64le",
"product_id": "susemanager-tools-3.2.20-3.31.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-branding-2.8.5.16-3.22.1.s390x",
"product": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.s390x",
"product_id": "spacewalk-branding-2.8.5.16-3.22.1.s390x"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.s390x",
"product": {
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.s390x",
"product_id": "spacewalk-branding-devel-2.8.5.16-3.22.1.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-3.2.20-3.31.2.s390x",
"product": {
"name": "susemanager-3.2.20-3.31.2.s390x",
"product_id": "susemanager-3.2.20-3.31.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.20-3.31.2.s390x",
"product": {
"name": "susemanager-tools-3.2.20-3.31.2.s390x",
"product_id": "susemanager-tools-3.2.20-3.31.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"product": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"product_id": "spacewalk-branding-2.8.5.16-3.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.x86_64",
"product": {
"name": "spacewalk-branding-devel-2.8.5.16-3.22.1.x86_64",
"product_id": "spacewalk-branding-devel-2.8.5.16-3.22.1.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-3.2.20-3.31.2.x86_64",
"product": {
"name": "susemanager-3.2.20-3.31.2.x86_64",
"product_id": "susemanager-3.2.20-3.31.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.20-3.31.2.x86_64",
"product": {
"name": "susemanager-tools-3.2.20-3.31.2.x86_64",
"product_id": "susemanager-tools-3.2.20-3.31.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server 3.2",
"product": {
"name": "SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:3.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cobbler-2.6.6-6.22.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch"
},
"product_reference": "cobbler-2.6.6-6.22.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgjdbc-ng-0.7.1-2.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch"
},
"product_reference": "pgjdbc-ng-0.7.1-2.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "py26-compat-salt-2016.11.10-6.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch"
},
"product_reference": "py26-compat-salt-2016.11.10-6.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch"
},
"product_reference": "python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-2.8.25.11-3.23.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch"
},
"product_reference": "spacecmd-2.8.25.11-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-libs-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-2.8.7.19-3.36.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch"
},
"product_reference": "spacewalk-base-2.8.7.19-3.36.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-2.8.7.19-3.36.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch"
},
"product_reference": "spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch"
},
"product_reference": "spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.ppc64le as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le"
},
"product_reference": "spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.s390x as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x"
},
"product_reference": "spacewalk-branding-2.8.5.16-3.22.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-branding-2.8.5.16-3.22.1.x86_64 as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64"
},
"product_reference": "spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-2.8.22.5-3.6.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch"
},
"product_reference": "spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-2.8.7.19-3.36.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch"
},
"product_reference": "spacewalk-html-2.8.7.19-3.36.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-java-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-2.8.7.8-3.19.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch"
},
"product_reference": "spacewalk-setup-2.8.7.8-3.19.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-2.8.78.24-3.38.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch"
},
"product_reference": "spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-2.8.18.5-3.9.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch"
},
"product_reference": "spacewalk-utils-2.8.18.5-3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.20-3.31.2.ppc64le as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le"
},
"product_reference": "susemanager-3.2.20-3.31.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.20-3.31.2.s390x as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x"
},
"product_reference": "susemanager-3.2.20-3.31.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.20-3.31.2.x86_64 as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64"
},
"product_reference": "susemanager-3.2.20-3.31.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-best-practices_en-pdf-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-docs_en-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-getting-started_en-pdf-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-jsp_en-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-jsp_en-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-reference_en-pdf-3.2-11.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch"
},
"product_reference": "susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-3.2.21-3.31.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch"
},
"product_reference": "susemanager-schema-3.2.21-3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-3.2.27-3.35.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch"
},
"product_reference": "susemanager-sls-3.2.27-3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.20-3.31.2.ppc64le as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le"
},
"product_reference": "susemanager-tools-3.2.20-3.31.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.20-3.31.2.s390x as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x"
},
"product_reference": "susemanager-tools-3.2.20-3.31.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.20-3.31.2.x86_64 as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64"
},
"product_reference": "susemanager-tools-3.2.20-3.31.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-web-libs-2.8.7.19-3.36.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch"
},
"product_reference": "susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tika-core-1.22-3.9.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
},
"product_reference": "tika-core-1.22-3.9.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10088"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted or corrupt zip file can cause an OOM in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10088",
"url": "https://www.suse.com/security/cve/CVE-2019-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1144500 for CVE-2019-10088",
"url": "https://bugzilla.suse.com/1144500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-02T12:50:20Z",
"details": "low"
}
],
"title": "CVE-2019-10088"
},
{
"cve": "CVE-2019-10093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10093"
}
],
"notes": [
{
"category": "general",
"text": "In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10093",
"url": "https://www.suse.com/security/cve/CVE-2019-10093"
},
{
"category": "external",
"summary": "SUSE Bug 1144510 for CVE-2019-10093",
"url": "https://bugzilla.suse.com/1144510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-02T12:50:20Z",
"details": "moderate"
}
],
"title": "CVE-2019-10093"
},
{
"cve": "CVE-2019-10094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10094"
}
],
"notes": [
{
"category": "general",
"text": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10094",
"url": "https://www.suse.com/security/cve/CVE-2019-10094"
},
{
"category": "external",
"summary": "SUSE Bug 1144515 for CVE-2019-10094",
"url": "https://bugzilla.suse.com/1144515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Server 3.2:cobbler-2.6.6-6.22.1.noarch",
"SUSE Manager Server 3.2:pgjdbc-ng-0.7.1-2.6.1.noarch",
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.32.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.11-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.19-3.39.2.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.ppc64le",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.s390x",
"SUSE Manager Server 3.2:spacewalk-branding-2.8.5.16-3.22.1.x86_64",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.5-3.6.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.8-3.19.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.24-3.38.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.5-3.9.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.32.1.noarch",
"SUSE Manager Server 3.2:susemanager-schema-3.2.21-3.31.1.noarch",
"SUSE Manager Server 3.2:susemanager-sls-3.2.27-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.20-3.31.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.19-3.36.1.noarch",
"SUSE Manager Server 3.2:tika-core-1.22-3.9.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-02T12:50:20Z",
"details": "moderate"
}
],
"title": "CVE-2019-10094"
}
]
}
cnvd-2019-27455
Vulnerability from cnvd
Title: Apache Tika缓冲区溢出漏洞
Description:
Apache Tika是美国阿帕奇(Apache)软件基金会的一个集成了POI(使用Java程序对MicrosoftOffice格式文档提供读和写功能的开源函数库)、Pdfbox(读取和创建PDF文档的纯Java类库)并为文本抽取工作提供了统一界面的内容抽取工具集合。
Apache Tika 1.7版本至1.21版本中的RecursiveParserWrapper存在缓冲区溢出漏洞,攻击者可利用该漏洞导致缓冲区溢出或堆溢出。
Severity: 中
Patch Name: Apache Tika缓冲区溢出漏洞的补丁
Patch Description:
Apache Tika是美国阿帕奇(Apache)软件基金会的一个集成了POI(使用Java程序对MicrosoftOffice格式文档提供读和写功能的开源函数库)、Pdfbox(读取和创建PDF文档的纯Java类库)并为文本抽取工作提供了统一界面的内容抽取工具集合。
Apache Tika 1.7版本至1.21版本中的RecursiveParserWrapper存在缓冲区溢出漏洞,攻击者可利用该漏洞导致缓冲区溢出或堆溢出。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
厂商已发布了漏洞修复程序,请及时关注更新: https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E
Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-10094 https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E
Impacted products
| Name | Apache Tika >=1.7,<=1.21 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-10094"
}
},
"description": "Apache Tika\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u96c6\u6210\u4e86POI\uff08\u4f7f\u7528Java\u7a0b\u5e8f\u5bf9MicrosoftOffice\u683c\u5f0f\u6587\u6863\u63d0\u4f9b\u8bfb\u548c\u5199\u529f\u80fd\u7684\u5f00\u6e90\u51fd\u6570\u5e93\uff09\u3001Pdfbox\uff08\u8bfb\u53d6\u548c\u521b\u5efaPDF\u6587\u6863\u7684\u7eafJava\u7c7b\u5e93\uff09\u5e76\u4e3a\u6587\u672c\u62bd\u53d6\u5de5\u4f5c\u63d0\u4f9b\u4e86\u7edf\u4e00\u754c\u9762\u7684\u5185\u5bb9\u62bd\u53d6\u5de5\u5177\u96c6\u5408\u3002\n\nApache Tika 1.7\u7248\u672c\u81f31.21\u7248\u672c\u4e2d\u7684RecursiveParserWrapper\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u3002",
"discovererName": "Tim Allison",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-27455",
"openTime": "2019-08-15",
"patchDescription": "Apache Tika\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u96c6\u6210\u4e86POI\uff08\u4f7f\u7528Java\u7a0b\u5e8f\u5bf9MicrosoftOffice\u683c\u5f0f\u6587\u6863\u63d0\u4f9b\u8bfb\u548c\u5199\u529f\u80fd\u7684\u5f00\u6e90\u51fd\u6570\u5e93\uff09\u3001Pdfbox\uff08\u8bfb\u53d6\u548c\u521b\u5efaPDF\u6587\u6863\u7684\u7eafJava\u7c7b\u5e93\uff09\u5e76\u4e3a\u6587\u672c\u62bd\u53d6\u5de5\u4f5c\u63d0\u4f9b\u4e86\u7edf\u4e00\u754c\u9762\u7684\u5185\u5bb9\u62bd\u53d6\u5de5\u5177\u96c6\u5408\u3002\r\n\r\nApache Tika 1.7\u7248\u672c\u81f31.21\u7248\u672c\u4e2d\u7684RecursiveParserWrapper\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apache Tika\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Apache Tika \u003e=1.7\uff0c\u003c=1.21"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-10094\r\nhttps://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E",
"serverity": "\u4e2d",
"submitTime": "2019-08-06",
"title": "Apache Tika\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
fkie_cve-2019-10094
Vulnerability from fkie_nvd
Published
2019-08-02 19:15
Modified
2024-11-21 04:18
Severity ?
Summary
A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*",
"matchCriteriaId": "356D4949-E4D5-4D42-8F1B-F29ECD9F6675",
"versionEndIncluding": "1.21",
"versionStartIncluding": "1.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later."
},
{
"lang": "es",
"value": "Un archivo empaquetado y comprimido cuidadosamente dise\u00f1ado, cuando se descomprime y no comprime, produce el mismo archivo (un quine), lo que causa un StackOverflowError en RechesiveParserWrapper de Tika de Apache en las versiones 1.7 hasta 1.21. Los usuarios de Apache Tika deben actualizar a la versi\u00f3n 1.22 o posterior."
}
],
"id": "CVE-2019-10094",
"lastModified": "2024-11-21T04:18:23.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-02T19:15:11.857",
"references": [
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "security@apache.org",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d%40%3Cdev.tika.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94%40%3Cdev.tika.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d%40%3Cdev.tika.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61%40%3Cdev.tika.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-mm7m-xg4h-6m52
Vulnerability from github
Published
2019-08-06 01:43
Modified
2021-05-05 22:59
Severity ?
VLAI Severity ?
Summary
Allocation of Resources Without Limits or Throttling in Apache Tika
Details
A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tika:tika-core"
},
"ranges": [
{
"events": [
{
"introduced": "1.7"
},
{
"fixed": "1.22"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2019-10094"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2019-08-06T01:41:24Z",
"nvd_published_at": "2019-08-02T19:15:00Z",
"severity": "HIGH"
},
"details": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.",
"id": "GHSA-mm7m-xg4h-6m52",
"modified": "2021-05-05T22:59:41Z",
"published": "2019-08-06T01:43:35Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10094"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d@%3Cdev.tika.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94@%3Cdev.tika.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Allocation of Resources Without Limits or Throttling in Apache Tika"
}
gsd-2019-10094
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-10094",
"description": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.",
"id": "GSD-2019-10094",
"references": [
"https://www.suse.com/security/cve/CVE-2019-10094.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-10094"
],
"details": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later.",
"id": "GSD-2019-10094",
"modified": "2023-12-13T01:23:58.469845Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-10094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Tika",
"version": {
"version_data": [
{
"version_value": "1.7 to 1.21"
}
]
}
}
]
},
"vendor_name": "Apache"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E",
"refsource": "CONFIRM",
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d@%3Cdev.tika.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[1.7,1.21]",
"affected_versions": "All versions starting from 1.7 up to 1.21",
"credit": "Tim Allison on the Apache Tika team",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-770",
"CWE-937"
],
"date": "2019-08-12",
"description": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a `StackOverflowError` in Apache Tika\u0027s `RecursiveParserWrapper`.",
"fixed_versions": [
"1.22"
],
"identifier": "CVE-2019-10094",
"identifiers": [
"CVE-2019-10094"
],
"not_impacted": "All versions before 1.7, all versions after 1.21",
"package_slug": "maven/org.apache.tika/tika-core",
"pubdate": "2019-08-02",
"solution": "Upgrade to version 1.22 or above.",
"title": "Stack buffer overflow",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-10094"
],
"uuid": "7deaa1b5-bfa3-40df-b94a-237cc7df7365"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.21",
"versionStartIncluding": "1.7",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-10094"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A carefully crafted package/compressed file that, when unzipped/uncompressed yields the same file (a quine), causes a StackOverflowError in Apache Tika\u0027s RecursiveParserWrapper in versions 1.7-1.21. Apache Tika users should upgrade to 1.22 or later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E",
"refsource": "CONFIRM",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/fe876a649d9d36525dd097fe87ff4dcb3b82bb0fbb3a3d71fb72ef61@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190809 security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/fb6c84fd387de997e5e366d50b0ca331a328c466432c80f8c5eed33d@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190812 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/da9ee189d1756f8508d0f2386d8e25aca5a6df541739829232be8a94@%3Cdev.tika.apache.org%3E"
},
{
"name": "[tika-dev] 20190813 Re: security fixes for CVE-2019-10088 and CVE-2019-1009{3,4}",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/39723d8227b248781898c200aa24b154683673287b150a204b83787d@%3Cdev.tika.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpujan2020.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/security-alerts/cpujan2020.html"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-08-24T17:37Z",
"publishedDate": "2019-08-02T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…