Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-1693 (GCVE-0-2020-1693)
Vulnerability from cvelistv5
Published
2020-02-17 19:35
Modified
2024-08-04 06:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:46:30.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "spacewalk",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "All spacewalk versions up 2.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-19T21:01:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "spacewalk",
"version": {
"version_data": [
{
"version_value": "All spacewalk versions up 2.9"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "8.6/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"name": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c",
"refsource": "MISC",
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"name": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/",
"refsource": "MISC",
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-1693",
"datePublished": "2020-02-17T19:35:43",
"dateReserved": "2019-11-27T00:00:00",
"dateUpdated": "2024-08-04T06:46:30.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-1693\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-02-17T20:15:11.350\",\"lastModified\":\"2024-11-21T05:11:10.983\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.\"},{\"lang\":\"es\",\"value\":\"Se dertect\u00f3 un fallo en Spacewalk hasta la versi\u00f3n 2.9, donde era vulnerable a ataques de entidades internas XML por medio del endpoint /rpc/api. Un atacante remoto no autenticado podr\u00eda utilizar este fallo para recuperar el contenido de ciertos archivos y desencadenar una denegaci\u00f3n de servicio, o en determinadas circunstancias, ejecutar c\u00f3digo arbitrario en el servidor de Spacewalk.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:spacewalk:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.9\",\"matchCriteriaId\":\"F4B886FD-F1BB-4C1E-B778-0656C1286091\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
}
}
suse-ru-2020:0671-1
Vulnerability from csaf_suse
Published
2020-03-13 12:32
Modified
2020-03-13 12:32
Summary
Recommended update for SUSE Manager Proxy 4.0
Notes
Title of the patch
Recommended update for SUSE Manager Proxy 4.0
Description of the patch
This update fixes the following issues:
mgr-osad:
- Take care that osad is not disabled nor deactivated during update
(bsc#1157700, bsc#1158697)
patterns-suse-manager:
- Add recommends for virtualization-host-formula to suma_server pattern
- Add recommends for virtualization-host-formula to retail
spacecmd:
- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)
spacewalk-backend:
- Fix mgrcfg-client python3 breakage (bsc#1164309)
- Update doc link to point to new documentation server
- Prevent timestamp format exception on mgr-inter-sync while processing comps (bsc#1157346)
- When downloading repo metadata, don't add '/' to the repo url if it already ends with one (bsc#1158899)
- Use HTTP proxy settings when fetching the mirrorlist on spacewalk-repo-sync (bsc#1159076)
- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)
- Prevent a traceback when reposyncing openSUSE 15.1 (bsc#1158672)
- Close config files after reading them (bsc#1158283)
- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)
spacewalk-certs-tools:
- Add 'start_event_grains' minion option to configfile when generated by bootstrap script
- Forbid multiple activation keys for salt minions during bootstrap (bsc#1164452)
- Add additional minion options to configfile when generated by
bootstrap script (bsc#1159492)
- Change the order to check the version correctly for RES (bsc#1152795)
spacewalk-client-tools:
- Spell correctly 'successful' and 'successfully'
spacewalk-web:
- Don't validate mandatory fields that are not visible (bsc#1158943)
- Fix count of changes to build (bsc#1160940)
- Report merge_subscriptions message in a readable way (bsc#1140332)
- Fix ordering by date (bsc#1158818)
supportutils-plugin-susemanager-client:
- Rename rhncfg-actions to mgr-cfg-actions
supportutils-plugin-susemanager-proxy:
- Rename rhncfg-actions to mgr-cfg-actions
How to apply this update:
1. Log in as root user to the SUSE Manager proxy.
2. Stop the proxy service:
spacewalk-proxy stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Start the Spacewalk service:
spacewalk-proxy start
Patchnames
SUSE-2020-671,SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-671
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for SUSE Manager Proxy 4.0",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\nmgr-osad:\n\n- Take care that osad is not disabled nor deactivated during update\n (bsc#1157700, bsc#1158697)\n\npatterns-suse-manager:\n\n- Add recommends for virtualization-host-formula to suma_server pattern\n- Add recommends for virtualization-host-formula to retail\n\nspacecmd:\n\n- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)\n\nspacewalk-backend:\n\n- Fix mgrcfg-client python3 breakage (bsc#1164309)\n- Update doc link to point to new documentation server\n- Prevent timestamp format exception on mgr-inter-sync while processing comps (bsc#1157346)\n- When downloading repo metadata, don\u0027t add \u0027/\u0027 to the repo url if it already ends with one (bsc#1158899)\n- Use HTTP proxy settings when fetching the mirrorlist on spacewalk-repo-sync (bsc#1159076)\n- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)\n- Prevent a traceback when reposyncing openSUSE 15.1 (bsc#1158672)\n- Close config files after reading them (bsc#1158283)\n- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)\n\nspacewalk-certs-tools:\n\n- Add \u0027start_event_grains\u0027 minion option to configfile when generated by bootstrap script\n- Forbid multiple activation keys for salt minions during bootstrap (bsc#1164452)\n- Add additional minion options to configfile when generated by\n bootstrap script (bsc#1159492)\n- Change the order to check the version correctly for RES (bsc#1152795)\n\nspacewalk-client-tools:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nspacewalk-web:\n\n- Don\u0027t validate mandatory fields that are not visible (bsc#1158943)\n- Fix count of changes to build (bsc#1160940)\n- Report merge_subscriptions message in a readable way (bsc#1140332)\n- Fix ordering by date (bsc#1158818)\n\nsupportutils-plugin-susemanager-client:\n\n- Rename rhncfg-actions to mgr-cfg-actions\n\nsupportutils-plugin-susemanager-proxy:\n\n- Rename rhncfg-actions to mgr-cfg-actions\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager proxy.\n2. Stop the proxy service:\nspacewalk-proxy stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\nspacewalk-proxy start\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-671,SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-671",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2020_0671-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2020:0671-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-20200671-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2020:0671-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2020-March/014119.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083326",
"url": "https://bugzilla.suse.com/1083326"
},
{
"category": "self",
"summary": "SUSE Bug 1085414",
"url": "https://bugzilla.suse.com/1085414"
},
{
"category": "self",
"summary": "SUSE Bug 1121640",
"url": "https://bugzilla.suse.com/1121640"
},
{
"category": "self",
"summary": "SUSE Bug 1123274",
"url": "https://bugzilla.suse.com/1123274"
},
{
"category": "self",
"summary": "SUSE Bug 1137248",
"url": "https://bugzilla.suse.com/1137248"
},
{
"category": "self",
"summary": "SUSE Bug 1140332",
"url": "https://bugzilla.suse.com/1140332"
},
{
"category": "self",
"summary": "SUSE Bug 1144176",
"url": "https://bugzilla.suse.com/1144176"
},
{
"category": "self",
"summary": "SUSE Bug 1152673",
"url": "https://bugzilla.suse.com/1152673"
},
{
"category": "self",
"summary": "SUSE Bug 1152795",
"url": "https://bugzilla.suse.com/1152795"
},
{
"category": "self",
"summary": "SUSE Bug 1153269",
"url": "https://bugzilla.suse.com/1153269"
},
{
"category": "self",
"summary": "SUSE Bug 1154246",
"url": "https://bugzilla.suse.com/1154246"
},
{
"category": "self",
"summary": "SUSE Bug 1154590",
"url": "https://bugzilla.suse.com/1154590"
},
{
"category": "self",
"summary": "SUSE Bug 1154599",
"url": "https://bugzilla.suse.com/1154599"
},
{
"category": "self",
"summary": "SUSE Bug 1155281",
"url": "https://bugzilla.suse.com/1155281"
},
{
"category": "self",
"summary": "SUSE Bug 1155372",
"url": "https://bugzilla.suse.com/1155372"
},
{
"category": "self",
"summary": "SUSE Bug 1156751",
"url": "https://bugzilla.suse.com/1156751"
},
{
"category": "self",
"summary": "SUSE Bug 1157317",
"url": "https://bugzilla.suse.com/1157317"
},
{
"category": "self",
"summary": "SUSE Bug 1157346",
"url": "https://bugzilla.suse.com/1157346"
},
{
"category": "self",
"summary": "SUSE Bug 1157447",
"url": "https://bugzilla.suse.com/1157447"
},
{
"category": "self",
"summary": "SUSE Bug 1157700",
"url": "https://bugzilla.suse.com/1157700"
},
{
"category": "self",
"summary": "SUSE Bug 1157975",
"url": "https://bugzilla.suse.com/1157975"
},
{
"category": "self",
"summary": "SUSE Bug 1158178",
"url": "https://bugzilla.suse.com/1158178"
},
{
"category": "self",
"summary": "SUSE Bug 1158181",
"url": "https://bugzilla.suse.com/1158181"
},
{
"category": "self",
"summary": "SUSE Bug 1158283",
"url": "https://bugzilla.suse.com/1158283"
},
{
"category": "self",
"summary": "SUSE Bug 1158480",
"url": "https://bugzilla.suse.com/1158480"
},
{
"category": "self",
"summary": "SUSE Bug 1158564",
"url": "https://bugzilla.suse.com/1158564"
},
{
"category": "self",
"summary": "SUSE Bug 1158672",
"url": "https://bugzilla.suse.com/1158672"
},
{
"category": "self",
"summary": "SUSE Bug 1158697",
"url": "https://bugzilla.suse.com/1158697"
},
{
"category": "self",
"summary": "SUSE Bug 1158754",
"url": "https://bugzilla.suse.com/1158754"
},
{
"category": "self",
"summary": "SUSE Bug 1158818",
"url": "https://bugzilla.suse.com/1158818"
},
{
"category": "self",
"summary": "SUSE Bug 1158899",
"url": "https://bugzilla.suse.com/1158899"
},
{
"category": "self",
"summary": "SUSE Bug 1158943",
"url": "https://bugzilla.suse.com/1158943"
},
{
"category": "self",
"summary": "SUSE Bug 1159012",
"url": "https://bugzilla.suse.com/1159012"
},
{
"category": "self",
"summary": "SUSE Bug 1159023",
"url": "https://bugzilla.suse.com/1159023"
},
{
"category": "self",
"summary": "SUSE Bug 1159076",
"url": "https://bugzilla.suse.com/1159076"
},
{
"category": "self",
"summary": "SUSE Bug 1159184",
"url": "https://bugzilla.suse.com/1159184"
},
{
"category": "self",
"summary": "SUSE Bug 1159492",
"url": "https://bugzilla.suse.com/1159492"
},
{
"category": "self",
"summary": "SUSE Bug 1159553",
"url": "https://bugzilla.suse.com/1159553"
},
{
"category": "self",
"summary": "SUSE Bug 1160184",
"url": "https://bugzilla.suse.com/1160184"
},
{
"category": "self",
"summary": "SUSE Bug 1160940",
"url": "https://bugzilla.suse.com/1160940"
},
{
"category": "self",
"summary": "SUSE Bug 1161755",
"url": "https://bugzilla.suse.com/1161755"
},
{
"category": "self",
"summary": "SUSE Bug 1161862",
"url": "https://bugzilla.suse.com/1161862"
},
{
"category": "self",
"summary": "SUSE Bug 1162609",
"url": "https://bugzilla.suse.com/1162609"
},
{
"category": "self",
"summary": "SUSE Bug 1162683",
"url": "https://bugzilla.suse.com/1162683"
},
{
"category": "self",
"summary": "SUSE Bug 1164120",
"url": "https://bugzilla.suse.com/1164120"
},
{
"category": "self",
"summary": "SUSE Bug 1164309",
"url": "https://bugzilla.suse.com/1164309"
},
{
"category": "self",
"summary": "SUSE Bug 1164452",
"url": "https://bugzilla.suse.com/1164452"
},
{
"category": "self",
"summary": "SUSE Bug 1164649",
"url": "https://bugzilla.suse.com/1164649"
},
{
"category": "self",
"summary": "SUSE Bug 1164875",
"url": "https://bugzilla.suse.com/1164875"
},
{
"category": "self",
"summary": "SUSE Bug 1165425",
"url": "https://bugzilla.suse.com/1165425"
},
{
"category": "self",
"summary": "SUSE Bug 1165541",
"url": "https://bugzilla.suse.com/1165541"
},
{
"category": "self",
"summary": "SUSE Bug 1165927",
"url": "https://bugzilla.suse.com/1165927"
},
{
"category": "self",
"summary": "SUSE Bug 1166061",
"url": "https://bugzilla.suse.com/1166061"
},
{
"category": "self",
"summary": "SUSE Bug 1166388",
"url": "https://bugzilla.suse.com/1166388"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1077 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16769 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1693/"
}
],
"title": "Recommended update for SUSE Manager Proxy 4.0",
"tracking": {
"current_release_date": "2020-03-13T12:32:42Z",
"generator": {
"date": "2020-03-13T12:32:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2020:0671-1",
"initial_release_date": "2020-03-13T12:32:42Z",
"revision_history": [
{
"date": "2020-03-13T12:32:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_proxy-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_retail-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_server-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.aarch64",
"product": {
"name": "susemanager-4.0.22-3.20.3.aarch64",
"product_id": "susemanager-4.0.22-3.20.3.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.aarch64",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.aarch64",
"product_id": "susemanager-tools-4.0.22-3.20.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"product": {
"name": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"product_id": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch"
}
},
{
"category": "product_version",
"name": "dracut-mgrbootstrap-0.2-4.3.2.noarch",
"product": {
"name": "dracut-mgrbootstrap-0.2-4.3.2.noarch",
"product_id": "dracut-mgrbootstrap-0.2-4.3.2.noarch"
}
},
{
"category": "product_version",
"name": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"product": {
"name": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"product_id": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "prometheus-formula-0.1-4.7.2.noarch",
"product": {
"name": "prometheus-formula-0.1-4.7.2.noarch",
"product_id": "prometheus-formula-0.1-4.7.2.noarch"
}
},
{
"category": "product_version",
"name": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"product": {
"name": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"product_id": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "py26-compat-salt-2016.11.10-10.11.2.noarch",
"product": {
"name": "py26-compat-salt-2016.11.10-10.11.2.noarch",
"product_id": "py26-compat-salt-2016.11.10-10.11.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-common-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osa-common-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osa-common-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osa-common-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product_id": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"product": {
"name": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"product_id": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"product": {
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"product_id": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-0.17.0-4.3.2.noarch",
"product": {
"name": "salt-netapi-client-0.17.0-4.3.2.noarch",
"product_id": "salt-netapi-client-0.17.0-4.3.2.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch",
"product": {
"name": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch",
"product_id": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.0.18-3.13.2.noarch",
"product": {
"name": "spacecmd-4.0.18-3.13.2.noarch",
"product_id": "spacecmd-4.0.18-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-4.0.9-3.6.2.noarch",
"product": {
"name": "spacewalk-admin-4.0.9-3.6.2.noarch",
"product_id": "spacewalk-admin-4.0.9-3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-app-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-app-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-applet-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-iss-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-server-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-server-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-tools-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-minimal-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-dobby-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-dobby-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-html-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-html-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-config-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-config-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-lib-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-lib-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-search-4.0.9-3.11.2.noarch",
"product": {
"name": "spacewalk-search-4.0.9-3.11.2.noarch",
"product_id": "spacewalk-search-4.0.9-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-4.0.13-3.11.1.noarch",
"product": {
"name": "spacewalk-setup-4.0.13-3.11.1.noarch",
"product_id": "spacewalk-setup-4.0.13-3.11.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-taskomatic-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-4.0.16-3.15.2.noarch",
"product": {
"name": "spacewalk-utils-4.0.16-3.15.2.noarch",
"product_id": "spacewalk-utils-4.0.16-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-0.25-3.3.2.noarch",
"product": {
"name": "subscription-matcher-0.25-3.3.2.noarch",
"product_id": "subscription-matcher-0.25-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch",
"product": {
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch",
"product_id": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"product_id": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"product_id": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-doc-indexes-4.0-10.18.2.noarch",
"product_id": "susemanager-doc-indexes-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-docs_en-4.0-10.18.2.noarch",
"product_id": "susemanager-docs_en-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"product_id": "susemanager-docs_en-pdf-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"product": {
"name": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"product_id": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.0.18-3.17.2.noarch",
"product": {
"name": "susemanager-schema-4.0.18-3.17.2.noarch",
"product_id": "susemanager-schema-4.0.18-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.0.18-3.17.2.noarch",
"product": {
"name": "susemanager-schema-sanity-4.0.18-3.17.2.noarch",
"product_id": "susemanager-schema-sanity-4.0.18-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.0.24-3.17.2.noarch",
"product": {
"name": "susemanager-sls-4.0.24-3.17.2.noarch",
"product_id": "susemanager-sls-4.0.24-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-4.0.16-3.15.2.noarch",
"product": {
"name": "susemanager-sync-data-4.0.16-3.15.2.noarch",
"product_id": "susemanager-sync-data-4.0.16-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-4.0.19-3.18.3.noarch",
"product": {
"name": "susemanager-web-libs-4.0.19-3.18.3.noarch",
"product_id": "susemanager-web-libs-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "system-lock-formula-0.2-4.5.1.noarch",
"product": {
"name": "system-lock-formula-0.2-4.5.1.noarch",
"product_id": "system-lock-formula-0.2-4.5.1.noarch"
}
},
{
"category": "product_version",
"name": "virtualization-host-formula-0.2-4.3.2.noarch",
"product": {
"name": "virtualization-host-formula-0.2-4.3.2.noarch",
"product_id": "virtualization-host-formula-0.2-4.3.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_proxy-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_retail-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_server-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.ppc64le",
"product": {
"name": "susemanager-4.0.22-3.20.3.ppc64le",
"product_id": "susemanager-4.0.22-3.20.3.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.ppc64le",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.ppc64le",
"product_id": "susemanager-tools-4.0.22-3.20.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.s390x",
"product_id": "patterns-suma_proxy-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.s390x",
"product_id": "patterns-suma_retail-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.s390x",
"product_id": "patterns-suma_server-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.s390x",
"product": {
"name": "susemanager-4.0.22-3.20.3.s390x",
"product_id": "susemanager-4.0.22-3.20.3.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.s390x",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.s390x",
"product_id": "susemanager-tools-4.0.22-3.20.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_proxy-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_retail-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_server-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.x86_64",
"product": {
"name": "susemanager-4.0.22-3.20.3.x86_64",
"product_id": "susemanager-4.0.22-3.20.3.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.x86_64",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.x86_64",
"product_id": "susemanager-tools-4.0.22-3.20.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.0",
"product": {
"name": "SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-osad-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch"
},
"product_reference": "mgr-osad-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.s390x as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.s390x",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64 as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch"
},
"product_reference": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.0.18-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch"
},
"product_reference": "spacecmd-4.0.18-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.0.30-3.23.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-check-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1077"
}
],
"notes": [
{
"category": "general",
"text": "Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1077",
"url": "https://www.suse.com/security/cve/CVE-2018-1077"
},
{
"category": "external",
"summary": "SUSE Bug 1085414 for CVE-2018-1077",
"url": "https://bugzilla.suse.com/1085414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:42Z",
"details": "moderate"
}
],
"title": "CVE-2018-1077"
},
{
"cve": "CVE-2019-16769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16769"
}
],
"notes": [
{
"category": "general",
"text": "The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16769",
"url": "https://www.suse.com/security/cve/CVE-2019-16769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:42Z",
"details": "moderate"
}
],
"title": "CVE-2019-16769"
},
{
"cve": "CVE-2020-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1693"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1693",
"url": "https://www.suse.com/security/cve/CVE-2020-1693"
},
{
"category": "external",
"summary": "SUSE Bug 1164120 for CVE-2020-1693",
"url": "https://bugzilla.suse.com/1164120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:42Z",
"details": "important"
}
],
"title": "CVE-2020-1693"
}
]
}
suse-su-2020:0671-1
Vulnerability from csaf_suse
Published
2020-03-13 12:32
Modified
2020-03-13 12:32
Summary
Security update for SUSE Manager Server 4.0
Notes
Title of the patch
Security update for SUSE Manager Server 4.0
Description of the patch
This update fixes the following issues:
branch-network-formula:
- Update formula to include terminal naming and identification
image-sync-formula:
- Prevent installing xdelta3 package and disable delta functionality
on SLE12 branch servers (bsc#1159553)
mgr-osad:
- Take care that osad is not disabled nor deactivated during update
(bsc#1157700, bsc#1158697)
patterns-suse-manager:
- Add recommends for virtualization-host-formula to suma_server pattern
- Add recommends for virtualization-host-formula to retail
prometheus-formula:
- Bugfix: disabled fields not enabled when checkbox is checked
pxe-default-image-sle15:
- Adapt to new kiwi version to fix pre registration in
the bare-metal image (bsc#1153269)
pxe-formula:
- Add support for new features in terminal naming
- Remove branch_id from pxe form, moved to branch-network form
py26-compat-salt:
- Replace pycrypto with M2Crypto as dependency for SLE15+
python-susemanager-retail:
- Add support for terminal naming block
- Add delta support for SLE15 tar.xz bundles
redstone-xmlrpc:
- Disable external entity parsing (1790381, bsc#1164120, CVE-2020-1693)
- Do not download external entities (1555429, bsc#1085414, CVE-2018-1077)
salt-netapi-client:
- Version 0.17.0
See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.17.0
spacecmd:
- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)
spacewalk-admin:
- Spell correctly 'successful' and 'successfully'
spacewalk-backend:
- Fix mgrcfg-client python3 breakage (bsc#1164309)
- Update doc link to point to new documentation server
- Prevent timestamp format exception on mgr-inter-sync while processing comps (bsc#1157346)
- When downloading repo metadata, don't add '/' to the repo url if it already ends with one (bsc#1158899)
- Use HTTP proxy settings when fetching the mirrorlist on spacewalk-repo-sync (bsc#1159076)
- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)
- Prevent a traceback when reposyncing openSUSE 15.1 (bsc#1158672)
- Close config files after reading them (bsc#1158283)
- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)
spacewalk-certs-tools:
- Add 'start_event_grains' minion option to configfile when generated by bootstrap script
- Forbid multiple activation keys for salt minions during bootstrap (bsc#1164452)
- Add additional minion options to configfile when generated by
bootstrap script (bsc#1159492)
- Change the order to check the version correctly for RES (bsc#1152795)
spacewalk-client-tools:
- Spell correctly 'successful' and 'successfully'
system-lock-formula:
- Clarified terms along documentation and product (bsc#1166061)
spacewalk-java:
- Feat: enable Salt system lock when CaaSP node is onboarded and add
depedency to 'system-lock-formula' (bsc#1165541)
- Support non discoverable fqdns via custom grain (bsc#1155281)
- Handle the non-existent requested grains gracefully
- Get the machineid grain from the minion startup event
- Use term 'patch' instead of 'errata' (bsc#1164649)
- Enable provisioning API with salt and bootstrap entitled systems
- Fix a problem with removing the monitoring entitlement from a system
- Improve performance when adding systems to system groups (bsc#1158754)
- Migrate pillar and formula data on minion id change (bsc#1161755)
- Change doc links pointing to new documentation server
- Call saltutil.sync_all before calling highstate (bsc#1152673)
- Exclude base products from PAYG (Pay-As-You-Go) instances when doing subscription matching
- Show additional headers and dependencies for deb packages
- Show adequate message on saving formulas that change only pillar data
- Fix mgr-sync add channel when fromdir is configured (bsc#1160184)
- Handle not found re-activation key (bsc#1159012)
- Write a list of formulas sorted by execution order (bsc#1083326)
- Use channel name from product tree instead of constructing it (bsc#1157317)
- Read the subscriptions from the output instead of input (bsc#1140332)
- Rename rhncfg-actions to mgr-cfg-actions in UI advice (bsc#1137248)
- Fix container image import (bsc#1154246)
- Add missing permission checks on formula api (bsc#1123274)
- Generate metadata with empty vendor (bsc#1158480)
- Remove undefined variable from redhat_register snippet
- Add a method in API to check if the provided session key is a valid one.
- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)
- Fix minion id when applying engine-events state (bsc#1158181)
- Remove unnecessary WARN log entries from Kubernetes integration
- Fix for pillar not being refreshed when CaaSP pattern is detected
upon software profile update (bsc#1166061)
spacewalk-search:
- Make rhn-search log to correct file (bsc#1156751)
spacewalk-setup:
- Spell correctly 'successful' and 'successfully'
- create AJP connector for tomcat if it does not exist
(bsc#1165927, bsc#1166388)
spacewalk-utils:
- Spell 'successfully' correctly
spacewalk-web:
- Don't validate mandatory fields that are not visible (bsc#1158943)
- Fix count of changes to build (bsc#1160940)
- Report merge_subscriptions message in a readable way (bsc#1140332)
- Fix ordering by date (bsc#1158818)
subscription-matcher:
- Add missing library for SLE15 SP2 (slf4j-log4j12)
- Make the code usable with Math3 on SLES
- Use log4j12 package on newer SLE versions
- Aggregate stackable subscriptions with same parameters
- Implement new 'swap move' used in optaplanner (bsc#1140332)
- Enable aarch64 builds, except for SLE < 15
susemanager:
- Add missing python libraries to RES8/RHEL8/CentOS 8 boostrap repos (bsc#1164875)
- Add bootstrap-repo data for OES 2018 SP2 (bsc#1161862)
- Add bootstrap-repo data for SLE15 SP2 Family
- Fix documentation URL in installer (bsc#1154590)
- Update requirements to match documented values (bsc#1154599)
susemanager-doc-indexes:
- Adding Additional FQDNS for Proxies with Salt
- Reference guide review and update moving content into tabular format
- Autogenerate pdf index from antora html nav lists
- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)
- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)
- Remove auditlog-keeper from list
- Removed duplicate client requirements entries
- Fix missing spaces throughout docs
- Added the complete path for using manager-setup
- Fix typo in vhm-kubernetes
- Cleaned up client registration documents
- Improved ubuntu instructions
- Explain how to compose a DSN string for monitoring
- Added publishing dates to individual book intros
- Updated common spacewalk-common-channels usage
- Adding Additional FQDNS for Proxies with Salt
- Reference guide review and update moving content into tabular format
- Autogenerate pdf index from antora html nav lists
- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)
- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)
- Remove auditlog-keeper from list
- Removed duplicate client requirements entries
- Fix missing spaces throughout docs
- Added the complete path for using manager-setup
- Fix typo in vhm-kubernetes
- Cleaned up client registration documents
- Improved ubuntu instructions
- Explain how to compose a DSN string for monitoring
- Added publishing dates to individual book intros
- Updated common spacewalk-common-channels usage
susemanager-docs_en:
- Adding Additional FQDNS for Proxies with Salt
- Reference guide review and update moving content into tabular format
- Autogenerate pdf index from antora html nav lists
- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)
- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)
- Remove auditlog-keeper from list
- Removed duplicate client requirements entries
- Fix missing spaces throughout docs
- Added the complete path for using manager-setup
- Fix typo in vhm-kubernetes
- Cleaned up client registration documents
- Improved ubuntu instructions
- Explain how to compose a DSN string for monitoring
- Added publishing dates to individual book intros
- Updated common spacewalk-common-channels usage
- Adding Additional FQDNS for Proxies with Salt
- Reference guide review and update moving content into tabular format
- Autogenerate pdf index from antora html nav lists
- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)
- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)
- Remove auditlog-keeper from list
- Removed duplicate client requirements entries
- Fix missing spaces throughout docs
- Added the complete path for using manager-setup
- Fix typo in vhm-kubernetes
- Cleaned up client registration documents
- Improved ubuntu instructions
- Explain how to compose a DSN string for monitoring
- Added publishing dates to individual book intros
- Updated common spacewalk-common-channels usage
susemanager-schema:
- Add new 'payg' attribute to rhnServer table
- Enable re-activation keys for salt managed systems (bsc#1159012)
- Generate metadata with empty vendor (bsc#1158480)
- Fix rhnActionVirtDelete when migrating from 3.2 to 4.0 (bsc#1158178)
susemanager-sls:
- Install dmidecode before HW profile update when missing
- Add mgr_start_event_grains.sls to update minion config
- Add 'product' custom state module to handle installation of
SUSE products at client side (bsc#1157447)
- Support reading of pillar data for minions from multiple files (bsc#1158754)
- Do not workaround util.syncmodules for SSH minions (bsc#1162609)
- Force to run util.synccustomall when triggering action chains on SSH minions (bsc#1162683).
- Add custom 'is_payg_instance' grain when instance is PAYG and not BYOS.
- Adapt sls file for pre-downloading in Ubuntu minions
- Sort formulas by execution order (bsc#1083326)
- Split remove_traditional_stack into two parts. One for all systems and
another for clients not being a Uyuni Server or Proxy (bsc#1121640)
- Change the order to check the version correctly for RES (bsc#1152795)
- Do not break Servers registering to a Server
- Remove the virt-poller cache when applying Virtualization entitlement
- Force HTTP request timeout on public cloud grain (bsc#1157975)
susemanager-sync-data:
- Add OES 2018 SP2 (bsc#1161862)
- Rename RHEL 8 Base product
- Change channel family name according to SCC data
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema:
spacewalk-schema-upgrade
5. Start the Spacewalk service:
spacewalk-service start
Patchnames
SUSE-2020-671,SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-671,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-671
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 4.0",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\nbranch-network-formula:\n\n- Update formula to include terminal naming and identification\n\nimage-sync-formula:\n\n- Prevent installing xdelta3 package and disable delta functionality\n on SLE12 branch servers (bsc#1159553)\n\nmgr-osad:\n\n- Take care that osad is not disabled nor deactivated during update\n (bsc#1157700, bsc#1158697)\n\npatterns-suse-manager:\n\n- Add recommends for virtualization-host-formula to suma_server pattern\n- Add recommends for virtualization-host-formula to retail\n\nprometheus-formula:\n\n- Bugfix: disabled fields not enabled when checkbox is checked\n\npxe-default-image-sle15:\n\n- Adapt to new kiwi version to fix pre registration in\n the bare-metal image (bsc#1153269)\n\npxe-formula:\n\n- Add support for new features in terminal naming\n- Remove branch_id from pxe form, moved to branch-network form\n\npy26-compat-salt:\n\n- Replace pycrypto with M2Crypto as dependency for SLE15+\n\npython-susemanager-retail:\n\n- Add support for terminal naming block\n- Add delta support for SLE15 tar.xz bundles\n\nredstone-xmlrpc:\n\n- Disable external entity parsing (1790381, bsc#1164120, CVE-2020-1693)\n- Do not download external entities (1555429, bsc#1085414, CVE-2018-1077)\n\nsalt-netapi-client:\n\n- Version 0.17.0\n See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.17.0\n\nspacecmd:\n\n- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)\n\nspacewalk-admin:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nspacewalk-backend:\n\n- Fix mgrcfg-client python3 breakage (bsc#1164309)\n- Update doc link to point to new documentation server\n- Prevent timestamp format exception on mgr-inter-sync while processing comps (bsc#1157346)\n- When downloading repo metadata, don\u0027t add \u0027/\u0027 to the repo url if it already ends with one (bsc#1158899)\n- Use HTTP proxy settings when fetching the mirrorlist on spacewalk-repo-sync (bsc#1159076)\n- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)\n- Prevent a traceback when reposyncing openSUSE 15.1 (bsc#1158672)\n- Close config files after reading them (bsc#1158283)\n- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)\n\nspacewalk-certs-tools:\n\n- Add \u0027start_event_grains\u0027 minion option to configfile when generated by bootstrap script\n- Forbid multiple activation keys for salt minions during bootstrap (bsc#1164452)\n- Add additional minion options to configfile when generated by\n bootstrap script (bsc#1159492)\n- Change the order to check the version correctly for RES (bsc#1152795)\n\nspacewalk-client-tools:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nsystem-lock-formula:\n \n- Clarified terms along documentation and product (bsc#1166061)\n \nspacewalk-java:\n\n- Feat: enable Salt system lock when CaaSP node is onboarded and add\n depedency to \u0027system-lock-formula\u0027 (bsc#1165541)\n- Support non discoverable fqdns via custom grain (bsc#1155281)\n- Handle the non-existent requested grains gracefully\n- Get the machineid grain from the minion startup event\n- Use term \u0027patch\u0027 instead of \u0027errata\u0027 (bsc#1164649)\n- Enable provisioning API with salt and bootstrap entitled systems\n- Fix a problem with removing the monitoring entitlement from a system\n- Improve performance when adding systems to system groups (bsc#1158754)\n- Migrate pillar and formula data on minion id change (bsc#1161755)\n- Change doc links pointing to new documentation server\n- Call saltutil.sync_all before calling highstate (bsc#1152673)\n- Exclude base products from PAYG (Pay-As-You-Go) instances when doing subscription matching\n- Show additional headers and dependencies for deb packages\n- Show adequate message on saving formulas that change only pillar data\n- Fix mgr-sync add channel when fromdir is configured (bsc#1160184)\n- Handle not found re-activation key (bsc#1159012)\n- Write a list of formulas sorted by execution order (bsc#1083326)\n- Use channel name from product tree instead of constructing it (bsc#1157317)\n- Read the subscriptions from the output instead of input (bsc#1140332)\n- Rename rhncfg-actions to mgr-cfg-actions in UI advice (bsc#1137248)\n- Fix container image import (bsc#1154246)\n- Add missing permission checks on formula api (bsc#1123274)\n- Generate metadata with empty vendor (bsc#1158480)\n- Remove undefined variable from redhat_register snippet\n- Add a method in API to check if the provided session key is a valid one.\n- Associate VMs and systems with the same machine ID at bootstrap (bsc#1144176)\n- Fix minion id when applying engine-events state (bsc#1158181)\n- Remove unnecessary WARN log entries from Kubernetes integration\n- Fix for pillar not being refreshed when CaaSP pattern is detected\n upon software profile update (bsc#1166061)\n\nspacewalk-search:\n\n- Make rhn-search log to correct file (bsc#1156751)\n\nspacewalk-setup:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n- create AJP connector for tomcat if it does not exist\n (bsc#1165927, bsc#1166388)\n\nspacewalk-utils:\n\n- Spell \u0027successfully\u0027 correctly\n\nspacewalk-web:\n\n- Don\u0027t validate mandatory fields that are not visible (bsc#1158943)\n- Fix count of changes to build (bsc#1160940)\n- Report merge_subscriptions message in a readable way (bsc#1140332)\n- Fix ordering by date (bsc#1158818)\n\nsubscription-matcher:\n\n- Add missing library for SLE15 SP2 (slf4j-log4j12)\n- Make the code usable with Math3 on SLES\n- Use log4j12 package on newer SLE versions\n- Aggregate stackable subscriptions with same parameters\n- Implement new \u0027swap move\u0027 used in optaplanner (bsc#1140332)\n- Enable aarch64 builds, except for SLE \u003c 15 \n\nsusemanager:\n\n- Add missing python libraries to RES8/RHEL8/CentOS 8 boostrap repos (bsc#1164875)\n- Add bootstrap-repo data for OES 2018 SP2 (bsc#1161862)\n- Add bootstrap-repo data for SLE15 SP2 Family\n- Fix documentation URL in installer (bsc#1154590)\n- Update requirements to match documented values (bsc#1154599)\n\nsusemanager-doc-indexes:\n\n- Adding Additional FQDNS for Proxies with Salt\n- Reference guide review and update moving content into tabular format\n- Autogenerate pdf index from antora html nav lists\n- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)\n- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)\n- Remove auditlog-keeper from list\n- Removed duplicate client requirements entries\n- Fix missing spaces throughout docs\n- Added the complete path for using manager-setup\n- Fix typo in vhm-kubernetes\n- Cleaned up client registration documents\n- Improved ubuntu instructions\n- Explain how to compose a DSN string for monitoring\n- Added publishing dates to individual book intros\n- Updated common spacewalk-common-channels usage\n- Adding Additional FQDNS for Proxies with Salt\n- Reference guide review and update moving content into tabular format\n- Autogenerate pdf index from antora html nav lists\n- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)\n- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)\n- Remove auditlog-keeper from list\n- Removed duplicate client requirements entries\n- Fix missing spaces throughout docs\n- Added the complete path for using manager-setup\n- Fix typo in vhm-kubernetes\n- Cleaned up client registration documents\n- Improved ubuntu instructions\n- Explain how to compose a DSN string for monitoring\n- Added publishing dates to individual book intros\n- Updated common spacewalk-common-channels usage\n\nsusemanager-docs_en:\n\n- Adding Additional FQDNS for Proxies with Salt\n- Reference guide review and update moving content into tabular format\n- Autogenerate pdf index from antora html nav lists\n- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)\n- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)\n- Remove auditlog-keeper from list\n- Removed duplicate client requirements entries\n- Fix missing spaces throughout docs\n- Added the complete path for using manager-setup\n- Fix typo in vhm-kubernetes\n- Cleaned up client registration documents\n- Improved ubuntu instructions\n- Explain how to compose a DSN string for monitoring\n- Added publishing dates to individual book intros\n- Updated common spacewalk-common-channels usage\n- Adding Additional FQDNS for Proxies with Salt\n- Reference guide review and update moving content into tabular format\n- Autogenerate pdf index from antora html nav lists\n- Documentation needs to address using RHEL8 in the correct way (bsc#1159023)\n- Traditional clients bootstrap, the example applies to SLES ES 7 only (bsc#1158564)\n- Remove auditlog-keeper from list\n- Removed duplicate client requirements entries\n- Fix missing spaces throughout docs\n- Added the complete path for using manager-setup\n- Fix typo in vhm-kubernetes\n- Cleaned up client registration documents\n- Improved ubuntu instructions\n- Explain how to compose a DSN string for monitoring\n- Added publishing dates to individual book intros\n- Updated common spacewalk-common-channels usage\n\nsusemanager-schema:\n\n- Add new \u0027payg\u0027 attribute to rhnServer table\n- Enable re-activation keys for salt managed systems (bsc#1159012)\n- Generate metadata with empty vendor (bsc#1158480)\n- Fix rhnActionVirtDelete when migrating from 3.2 to 4.0 (bsc#1158178)\n\nsusemanager-sls:\n\n- Install dmidecode before HW profile update when missing\n- Add mgr_start_event_grains.sls to update minion config\n- Add \u0027product\u0027 custom state module to handle installation of\n SUSE products at client side (bsc#1157447)\n- Support reading of pillar data for minions from multiple files (bsc#1158754)\n- Do not workaround util.syncmodules for SSH minions (bsc#1162609)\n- Force to run util.synccustomall when triggering action chains on SSH minions (bsc#1162683).\n- Add custom \u0027is_payg_instance\u0027 grain when instance is PAYG and not BYOS.\n- Adapt sls file for pre-downloading in Ubuntu minions\n- Sort formulas by execution order (bsc#1083326)\n- Split remove_traditional_stack into two parts. One for all systems and\n another for clients not being a Uyuni Server or Proxy (bsc#1121640)\n- Change the order to check the version correctly for RES (bsc#1152795)\n- Do not break Servers registering to a Server\n- Remove the virt-poller cache when applying Virtualization entitlement\n- Force HTTP request timeout on public cloud grain (bsc#1157975)\n\nsusemanager-sync-data:\n\n- Add OES 2018 SP2 (bsc#1161862)\n- Rename RHEL 8 Base product\n- Change channel family name according to SCC data\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\nspacewalk-service stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Upgrade the database schema:\nspacewalk-schema-upgrade\n5. Start the Spacewalk service:\nspacewalk-service start\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-671,SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-671,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-671",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_0671-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:0671-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200671-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:0671-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-March/006607.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083326",
"url": "https://bugzilla.suse.com/1083326"
},
{
"category": "self",
"summary": "SUSE Bug 1085414",
"url": "https://bugzilla.suse.com/1085414"
},
{
"category": "self",
"summary": "SUSE Bug 1121640",
"url": "https://bugzilla.suse.com/1121640"
},
{
"category": "self",
"summary": "SUSE Bug 1123274",
"url": "https://bugzilla.suse.com/1123274"
},
{
"category": "self",
"summary": "SUSE Bug 1137248",
"url": "https://bugzilla.suse.com/1137248"
},
{
"category": "self",
"summary": "SUSE Bug 1140332",
"url": "https://bugzilla.suse.com/1140332"
},
{
"category": "self",
"summary": "SUSE Bug 1144176",
"url": "https://bugzilla.suse.com/1144176"
},
{
"category": "self",
"summary": "SUSE Bug 1152673",
"url": "https://bugzilla.suse.com/1152673"
},
{
"category": "self",
"summary": "SUSE Bug 1152795",
"url": "https://bugzilla.suse.com/1152795"
},
{
"category": "self",
"summary": "SUSE Bug 1153269",
"url": "https://bugzilla.suse.com/1153269"
},
{
"category": "self",
"summary": "SUSE Bug 1154246",
"url": "https://bugzilla.suse.com/1154246"
},
{
"category": "self",
"summary": "SUSE Bug 1154590",
"url": "https://bugzilla.suse.com/1154590"
},
{
"category": "self",
"summary": "SUSE Bug 1154599",
"url": "https://bugzilla.suse.com/1154599"
},
{
"category": "self",
"summary": "SUSE Bug 1155281",
"url": "https://bugzilla.suse.com/1155281"
},
{
"category": "self",
"summary": "SUSE Bug 1155372",
"url": "https://bugzilla.suse.com/1155372"
},
{
"category": "self",
"summary": "SUSE Bug 1156751",
"url": "https://bugzilla.suse.com/1156751"
},
{
"category": "self",
"summary": "SUSE Bug 1157317",
"url": "https://bugzilla.suse.com/1157317"
},
{
"category": "self",
"summary": "SUSE Bug 1157346",
"url": "https://bugzilla.suse.com/1157346"
},
{
"category": "self",
"summary": "SUSE Bug 1157447",
"url": "https://bugzilla.suse.com/1157447"
},
{
"category": "self",
"summary": "SUSE Bug 1157700",
"url": "https://bugzilla.suse.com/1157700"
},
{
"category": "self",
"summary": "SUSE Bug 1157975",
"url": "https://bugzilla.suse.com/1157975"
},
{
"category": "self",
"summary": "SUSE Bug 1158178",
"url": "https://bugzilla.suse.com/1158178"
},
{
"category": "self",
"summary": "SUSE Bug 1158181",
"url": "https://bugzilla.suse.com/1158181"
},
{
"category": "self",
"summary": "SUSE Bug 1158283",
"url": "https://bugzilla.suse.com/1158283"
},
{
"category": "self",
"summary": "SUSE Bug 1158480",
"url": "https://bugzilla.suse.com/1158480"
},
{
"category": "self",
"summary": "SUSE Bug 1158564",
"url": "https://bugzilla.suse.com/1158564"
},
{
"category": "self",
"summary": "SUSE Bug 1158672",
"url": "https://bugzilla.suse.com/1158672"
},
{
"category": "self",
"summary": "SUSE Bug 1158697",
"url": "https://bugzilla.suse.com/1158697"
},
{
"category": "self",
"summary": "SUSE Bug 1158754",
"url": "https://bugzilla.suse.com/1158754"
},
{
"category": "self",
"summary": "SUSE Bug 1158818",
"url": "https://bugzilla.suse.com/1158818"
},
{
"category": "self",
"summary": "SUSE Bug 1158899",
"url": "https://bugzilla.suse.com/1158899"
},
{
"category": "self",
"summary": "SUSE Bug 1158943",
"url": "https://bugzilla.suse.com/1158943"
},
{
"category": "self",
"summary": "SUSE Bug 1159012",
"url": "https://bugzilla.suse.com/1159012"
},
{
"category": "self",
"summary": "SUSE Bug 1159023",
"url": "https://bugzilla.suse.com/1159023"
},
{
"category": "self",
"summary": "SUSE Bug 1159076",
"url": "https://bugzilla.suse.com/1159076"
},
{
"category": "self",
"summary": "SUSE Bug 1159184",
"url": "https://bugzilla.suse.com/1159184"
},
{
"category": "self",
"summary": "SUSE Bug 1159492",
"url": "https://bugzilla.suse.com/1159492"
},
{
"category": "self",
"summary": "SUSE Bug 1159553",
"url": "https://bugzilla.suse.com/1159553"
},
{
"category": "self",
"summary": "SUSE Bug 1160184",
"url": "https://bugzilla.suse.com/1160184"
},
{
"category": "self",
"summary": "SUSE Bug 1160940",
"url": "https://bugzilla.suse.com/1160940"
},
{
"category": "self",
"summary": "SUSE Bug 1161755",
"url": "https://bugzilla.suse.com/1161755"
},
{
"category": "self",
"summary": "SUSE Bug 1161862",
"url": "https://bugzilla.suse.com/1161862"
},
{
"category": "self",
"summary": "SUSE Bug 1162609",
"url": "https://bugzilla.suse.com/1162609"
},
{
"category": "self",
"summary": "SUSE Bug 1162683",
"url": "https://bugzilla.suse.com/1162683"
},
{
"category": "self",
"summary": "SUSE Bug 1164120",
"url": "https://bugzilla.suse.com/1164120"
},
{
"category": "self",
"summary": "SUSE Bug 1164309",
"url": "https://bugzilla.suse.com/1164309"
},
{
"category": "self",
"summary": "SUSE Bug 1164452",
"url": "https://bugzilla.suse.com/1164452"
},
{
"category": "self",
"summary": "SUSE Bug 1164649",
"url": "https://bugzilla.suse.com/1164649"
},
{
"category": "self",
"summary": "SUSE Bug 1164875",
"url": "https://bugzilla.suse.com/1164875"
},
{
"category": "self",
"summary": "SUSE Bug 1165425",
"url": "https://bugzilla.suse.com/1165425"
},
{
"category": "self",
"summary": "SUSE Bug 1165541",
"url": "https://bugzilla.suse.com/1165541"
},
{
"category": "self",
"summary": "SUSE Bug 1165927",
"url": "https://bugzilla.suse.com/1165927"
},
{
"category": "self",
"summary": "SUSE Bug 1166061",
"url": "https://bugzilla.suse.com/1166061"
},
{
"category": "self",
"summary": "SUSE Bug 1166388",
"url": "https://bugzilla.suse.com/1166388"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1077 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16769 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1693/"
}
],
"title": "Security update for SUSE Manager Server 4.0",
"tracking": {
"current_release_date": "2020-03-13T12:32:44Z",
"generator": {
"date": "2020-03-13T12:32:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:0671-1",
"initial_release_date": "2020-03-13T12:32:44Z",
"revision_history": [
{
"date": "2020-03-13T12:32:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_proxy-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_retail-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.aarch64",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.aarch64",
"product_id": "patterns-suma_server-4.0-9.10.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.aarch64",
"product": {
"name": "susemanager-4.0.22-3.20.3.aarch64",
"product_id": "susemanager-4.0.22-3.20.3.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.aarch64",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.aarch64",
"product_id": "susemanager-tools-4.0.22-3.20.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"product": {
"name": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"product_id": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch"
}
},
{
"category": "product_version",
"name": "dracut-mgrbootstrap-0.2-4.3.2.noarch",
"product": {
"name": "dracut-mgrbootstrap-0.2-4.3.2.noarch",
"product_id": "dracut-mgrbootstrap-0.2-4.3.2.noarch"
}
},
{
"category": "product_version",
"name": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"product": {
"name": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"product_id": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "prometheus-formula-0.1-4.7.2.noarch",
"product": {
"name": "prometheus-formula-0.1-4.7.2.noarch",
"product_id": "prometheus-formula-0.1-4.7.2.noarch"
}
},
{
"category": "product_version",
"name": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"product": {
"name": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"product_id": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "py26-compat-salt-2016.11.10-10.11.2.noarch",
"product": {
"name": "py26-compat-salt-2016.11.10-10.11.2.noarch",
"product_id": "py26-compat-salt-2016.11.10-10.11.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-common-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osa-common-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osa-common-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "python2-mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "python2-mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "python2-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "python2-spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osa-common-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"product": {
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"product_id": "python3-mgr-osad-4.0.11-3.9.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product_id": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"product": {
"name": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"product_id": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"product": {
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"product_id": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-0.17.0-4.3.2.noarch",
"product": {
"name": "salt-netapi-client-0.17.0-4.3.2.noarch",
"product_id": "salt-netapi-client-0.17.0-4.3.2.noarch"
}
},
{
"category": "product_version",
"name": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch",
"product": {
"name": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch",
"product_id": "salt-netapi-client-kit-441c2ee62d05ff1f414ec80ba9b1cbf22ff16379-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.0.18-3.13.2.noarch",
"product": {
"name": "spacecmd-4.0.18-3.13.2.noarch",
"product_id": "spacecmd-4.0.18-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-4.0.9-3.6.2.noarch",
"product": {
"name": "spacewalk-admin-4.0.9-3.6.2.noarch",
"product_id": "spacewalk-admin-4.0.9-3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-app-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-app-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-applet-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-cdn-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-iss-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-server-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-server-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-oracle-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-tools-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-minimal-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product": {
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"product_id": "spacewalk-certs-tools-4.0.15-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-check-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-check-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-client-setup-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product": {
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"product_id": "spacewalk-client-tools-4.0.12-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-dobby-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-dobby-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-4.0.19-3.18.3.noarch",
"product": {
"name": "spacewalk-html-4.0.19-3.18.3.noarch",
"product_id": "spacewalk-html-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-apidoc-sources-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-config-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-config-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-lib-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-lib-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-search-4.0.9-3.11.2.noarch",
"product": {
"name": "spacewalk-search-4.0.9-3.11.2.noarch",
"product_id": "spacewalk-search-4.0.9-3.11.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-4.0.13-3.11.1.noarch",
"product": {
"name": "spacewalk-setup-4.0.13-3.11.1.noarch",
"product_id": "spacewalk-setup-4.0.13-3.11.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"product": {
"name": "spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"product_id": "spacewalk-taskomatic-4.0.31-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-4.0.16-3.15.2.noarch",
"product": {
"name": "spacewalk-utils-4.0.16-3.15.2.noarch",
"product_id": "spacewalk-utils-4.0.16-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-0.25-3.3.2.noarch",
"product": {
"name": "subscription-matcher-0.25-3.3.2.noarch",
"product_id": "subscription-matcher-0.25-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch",
"product": {
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch",
"product_id": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"product_id": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"product_id": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-doc-indexes-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-doc-indexes-4.0-10.18.2.noarch",
"product_id": "susemanager-doc-indexes-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-docs_en-4.0-10.18.2.noarch",
"product_id": "susemanager-docs_en-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"product": {
"name": "susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"product_id": "susemanager-docs_en-pdf-4.0-10.18.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"product": {
"name": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"product_id": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-4.0.18-3.17.2.noarch",
"product": {
"name": "susemanager-schema-4.0.18-3.17.2.noarch",
"product_id": "susemanager-schema-4.0.18-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-schema-sanity-4.0.18-3.17.2.noarch",
"product": {
"name": "susemanager-schema-sanity-4.0.18-3.17.2.noarch",
"product_id": "susemanager-schema-sanity-4.0.18-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-4.0.24-3.17.2.noarch",
"product": {
"name": "susemanager-sls-4.0.24-3.17.2.noarch",
"product_id": "susemanager-sls-4.0.24-3.17.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-4.0.16-3.15.2.noarch",
"product": {
"name": "susemanager-sync-data-4.0.16-3.15.2.noarch",
"product_id": "susemanager-sync-data-4.0.16-3.15.2.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-4.0.19-3.18.3.noarch",
"product": {
"name": "susemanager-web-libs-4.0.19-3.18.3.noarch",
"product_id": "susemanager-web-libs-4.0.19-3.18.3.noarch"
}
},
{
"category": "product_version",
"name": "system-lock-formula-0.2-4.5.1.noarch",
"product": {
"name": "system-lock-formula-0.2-4.5.1.noarch",
"product_id": "system-lock-formula-0.2-4.5.1.noarch"
}
},
{
"category": "product_version",
"name": "virtualization-host-formula-0.2-4.3.2.noarch",
"product": {
"name": "virtualization-host-formula-0.2-4.3.2.noarch",
"product_id": "virtualization-host-formula-0.2-4.3.2.noarch"
}
},
{
"category": "product_version",
"name": "pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"product": {
"name": "pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"product_id": "pxe-default-image-sle15-4.0.1-20200305173027.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_proxy-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_retail-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.ppc64le",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.ppc64le",
"product_id": "patterns-suma_server-4.0-9.10.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.ppc64le",
"product": {
"name": "susemanager-4.0.22-3.20.3.ppc64le",
"product_id": "susemanager-4.0.22-3.20.3.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.ppc64le",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.ppc64le",
"product_id": "susemanager-tools-4.0.22-3.20.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.s390x",
"product_id": "patterns-suma_proxy-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.s390x",
"product_id": "patterns-suma_retail-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.s390x",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.s390x",
"product_id": "patterns-suma_server-4.0-9.10.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.s390x",
"product": {
"name": "susemanager-4.0.22-3.20.3.s390x",
"product_id": "susemanager-4.0.22-3.20.3.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.s390x",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.s390x",
"product_id": "susemanager-tools-4.0.22-3.20.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_proxy-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_retail-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_retail-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_retail-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "patterns-suma_server-4.0-9.10.2.x86_64",
"product": {
"name": "patterns-suma_server-4.0-9.10.2.x86_64",
"product_id": "patterns-suma_server-4.0-9.10.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-4.0.22-3.20.3.x86_64",
"product": {
"name": "susemanager-4.0.22-3.20.3.x86_64",
"product_id": "susemanager-4.0.22-3.20.3.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64",
"product": {
"name": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64",
"product_id": "susemanager-nodejs-sdk-devel-1.0.13-3.13.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-4.0.22-3.20.3.x86_64",
"product": {
"name": "susemanager-tools-4.0.22-3.20.3.x86_64",
"product_id": "susemanager-tools-4.0.22-3.20.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Proxy Module 4.0",
"product": {
"name": "SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server Module 4.0",
"product": {
"name": "SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-osad-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch"
},
"product_reference": "mgr-osad-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.ppc64le as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.s390x as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.s390x",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_proxy-4.0-9.10.2.x86_64 as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64"
},
"product_reference": "patterns-suma_proxy-4.0-9.10.2.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osad-4.0.11-3.9.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osad-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch"
},
"product_reference": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-check-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.0.18-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch"
},
"product_reference": "spacecmd-4.0.18-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.0.30-3.23.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-check-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-client-setup-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch as component of SUSE Manager Proxy Module 4.0",
"product_id": "SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Proxy Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch"
},
"product_reference": "branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch"
},
"product_reference": "image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
},
"product_reference": "mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.10.2.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le"
},
"product_reference": "patterns-suma_retail-4.0-9.10.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.10.2.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x"
},
"product_reference": "patterns-suma_retail-4.0-9.10.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_retail-4.0-9.10.2.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64"
},
"product_reference": "patterns-suma_retail-4.0-9.10.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.10.2.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le"
},
"product_reference": "patterns-suma_server-4.0-9.10.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.10.2.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x"
},
"product_reference": "patterns-suma_server-4.0-9.10.2.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patterns-suma_server-4.0-9.10.2.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64"
},
"product_reference": "patterns-suma_server-4.0-9.10.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-formula-0.1-4.7.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch"
},
"product_reference": "prometheus-formula-0.1-4.7.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pxe-default-image-sle15-4.0.1-20200305173027.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch"
},
"product_reference": "pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch"
},
"product_reference": "pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "py26-compat-salt-2016.11.10-10.11.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch"
},
"product_reference": "py26-compat-salt-2016.11.10-10.11.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-common-4.0.11-3.9.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch"
},
"product_reference": "python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch"
},
"product_reference": "python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch"
},
"product_reference": "python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch"
},
"product_reference": "redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "salt-netapi-client-0.17.0-4.3.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch"
},
"product_reference": "salt-netapi-client-0.17.0-4.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.0.18-3.13.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch"
},
"product_reference": "spacecmd-4.0.18-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-admin-4.0.9-3.6.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch"
},
"product_reference": "spacewalk-admin-4.0.9-3.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-app-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-server-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-4.0.19-3.18.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-4.0.19-3.18.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-4.0.15-3.15.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch"
},
"product_reference": "spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-4.0.12-3.13.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch"
},
"product_reference": "spacewalk-client-tools-4.0.12-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-4.0.19-3.18.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch"
},
"product_reference": "spacewalk-html-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-4.0.31-3.23.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch"
},
"product_reference": "spacewalk-java-4.0.31-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-4.0.31-3.23.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch"
},
"product_reference": "spacewalk-java-config-4.0.31-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-4.0.31-3.23.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch"
},
"product_reference": "spacewalk-java-lib-4.0.31-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch"
},
"product_reference": "spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-search-4.0.9-3.11.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch"
},
"product_reference": "spacewalk-search-4.0.9-3.11.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-4.0.13-3.11.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch"
},
"product_reference": "spacewalk-setup-4.0.13-3.11.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-4.0.31-3.23.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch"
},
"product_reference": "spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-4.0.16-3.15.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch"
},
"product_reference": "spacewalk-utils-4.0.16-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subscription-matcher-0.25-3.3.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch"
},
"product_reference": "subscription-matcher-0.25-3.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.22-3.20.3.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le"
},
"product_reference": "susemanager-4.0.22-3.20.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.22-3.20.3.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x"
},
"product_reference": "susemanager-4.0.22-3.20.3.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-4.0.22-3.20.3.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64"
},
"product_reference": "susemanager-4.0.22-3.20.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-doc-indexes-4.0-10.18.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch"
},
"product_reference": "susemanager-doc-indexes-4.0-10.18.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-4.0-10.18.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch"
},
"product_reference": "susemanager-docs_en-4.0-10.18.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-docs_en-pdf-4.0-10.18.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch"
},
"product_reference": "susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch"
},
"product_reference": "susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-schema-4.0.18-3.17.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch"
},
"product_reference": "susemanager-schema-4.0.18-3.17.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-4.0.24-3.17.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch"
},
"product_reference": "susemanager-sls-4.0.24-3.17.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sync-data-4.0.16-3.15.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch"
},
"product_reference": "susemanager-sync-data-4.0.16-3.15.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.22-3.20.3.ppc64le as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le"
},
"product_reference": "susemanager-tools-4.0.22-3.20.3.ppc64le",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.22-3.20.3.s390x as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x"
},
"product_reference": "susemanager-tools-4.0.22-3.20.3.s390x",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-4.0.22-3.20.3.x86_64 as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64"
},
"product_reference": "susemanager-tools-4.0.22-3.20.3.x86_64",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-web-libs-4.0.19-3.18.3.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch"
},
"product_reference": "susemanager-web-libs-4.0.19-3.18.3.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-lock-formula-0.2-4.5.1.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch"
},
"product_reference": "system-lock-formula-0.2-4.5.1.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "virtualization-host-formula-0.2-4.3.2.noarch as component of SUSE Manager Server Module 4.0",
"product_id": "SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
},
"product_reference": "virtualization-host-formula-0.2-4.3.2.noarch",
"relates_to_product_reference": "SUSE Manager Server Module 4.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1077"
}
],
"notes": [
{
"category": "general",
"text": "Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1077",
"url": "https://www.suse.com/security/cve/CVE-2018-1077"
},
{
"category": "external",
"summary": "SUSE Bug 1085414 for CVE-2018-1077",
"url": "https://bugzilla.suse.com/1085414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:44Z",
"details": "moderate"
}
],
"title": "CVE-2018-1077"
},
{
"cve": "CVE-2019-16769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16769"
}
],
"notes": [
{
"category": "general",
"text": "The serialize-javascript npm package before version 2.1.1 is vulnerable to Cross-site Scripting (XSS). It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16769",
"url": "https://www.suse.com/security/cve/CVE-2019-16769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:44Z",
"details": "moderate"
}
],
"title": "CVE-2019-16769"
},
{
"cve": "CVE-2020-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1693"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1693",
"url": "https://www.suse.com/security/cve/CVE-2020-1693"
},
{
"category": "external",
"summary": "SUSE Bug 1164120 for CVE-2020-1693",
"url": "https://bugzilla.suse.com/1164120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Proxy Module 4.0:mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.ppc64le",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.s390x",
"SUSE Manager Proxy Module 4.0:patterns-suma_proxy-4.0-9.10.2.x86_64",
"SUSE Manager Proxy Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-mgr-osad-4.0.11-3.9.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-check-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-setup-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-client-4.0.3-3.3.2.noarch",
"SUSE Manager Proxy Module 4.0:supportutils-plugin-susemanager-proxy-4.0.3-3.3.2.noarch",
"SUSE Manager Server Module 4.0:branch-network-formula-0.1.1580471316.1839544-3.10.2.noarch",
"SUSE Manager Server Module 4.0:image-sync-formula-0.1.1579102150.4716559-3.11.2.noarch",
"SUSE Manager Server Module 4.0:mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_retail-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.ppc64le",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.s390x",
"SUSE Manager Server Module 4.0:patterns-suma_server-4.0-9.10.2.x86_64",
"SUSE Manager Server Module 4.0:prometheus-formula-0.1-4.7.2.noarch",
"SUSE Manager Server Module 4.0:pxe-default-image-sle15-4.0.1-20200305173027.noarch",
"SUSE Manager Server Module 4.0:pxe-formula-0.1.1580384994.6076a7e-3.11.2.noarch",
"SUSE Manager Server Module 4.0:py26-compat-salt-2016.11.10-10.11.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-common-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-mgr-osa-dispatcher-4.0.11-3.9.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-backend-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:python3-spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:python3-susemanager-retail-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:redstone-xmlrpc-1.1_20071120-0.11.3.2.noarch",
"SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.3.2.noarch",
"SUSE Manager Server Module 4.0:spacecmd-4.0.18-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-admin-4.0.9-3.6.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-app-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-applet-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-common-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-config-files-tool-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-iss-export-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-package-push-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-server-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-sql-postgresql-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-tools-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xml-export-libs-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-backend-xmlrpc-4.0.30-3.23.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.15-3.15.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-client-tools-4.0.12-3.13.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-html-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-search-4.0.9-3.11.2.noarch",
"SUSE Manager Server Module 4.0:spacewalk-setup-4.0.13-3.11.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.31-3.23.1.noarch",
"SUSE Manager Server Module 4.0:spacewalk-utils-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:subscription-matcher-0.25-3.3.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-doc-indexes-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-docs_en-pdf-4.0-10.18.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-retail-tools-1.0.1580471316.1839544-3.13.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-schema-4.0.18-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sls-4.0.24-3.17.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.16-3.15.2.noarch",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.ppc64le",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.s390x",
"SUSE Manager Server Module 4.0:susemanager-tools-4.0.22-3.20.3.x86_64",
"SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.19-3.18.3.noarch",
"SUSE Manager Server Module 4.0:system-lock-formula-0.2-4.5.1.noarch",
"SUSE Manager Server Module 4.0:virtualization-host-formula-0.2-4.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-13T12:32:44Z",
"details": "important"
}
],
"title": "CVE-2020-1693"
}
]
}
suse-su-2020:0856-1
Vulnerability from csaf_suse
Published
2020-04-02 14:48
Modified
2020-04-02 14:48
Summary
Security update for SUSE Manager Server 3.2
Notes
Title of the patch
Security update for SUSE Manager Server 3.2
Description of the patch
This update fixes the following issues:
py26-compat-salt:
- Replace pycrypto with M2Crypto as dependency for SLE15+ (bsc#1165425)
redstone-xmlrpc:
- Disable external entity parsing (1790381, bsc#1164120, CVE-2020-1693)
- Do not download external entities (1555429, bsc#1085414, CVE-2018-1077)
spacecmd:
- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)
spacewalk-admin:
- Spell correctly 'successful' and 'successfully'
spacewalk-backend:
- When downloading repo metadata, don't add '/' to the repo url if it already ends with one (bsc#1158899)
- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)
spacewalk-certs-tools:
- Add minion option in config file to disable salt mine when generated by
bootstrap script (bsc#1163001)
spacewalk-client-tools:
- Do not crash 'mgr-update-status' because 'long' type is not defined in Python 3
- Add workaround for uptime overflow to spacewalk-update-status as well (bsc#1165921)
- Spell correctly 'successful' and 'successfully'
spacewalk-java:
- Fix error when adding systems to ssm with 'add to ssm' button (bsc#1160246)
- Validate the suseproductchannel table and update missing date when running mgr-sync refresh (bsc#1163538)
- Read the subscriptions from the output instead of input (bsc#1140332)
- Show additional headers and dependencies for deb packages
- Use channel name from product tree instead of constructing it (bsc#1157317)
spacewalk-setup:
- Spell correctly 'successful' and 'successfully'
spacewalk-utils:
- Check for delimiter as well when detecting current phase (bsc#1164771)
spacewalk-web:
- Report merge_subscriptions message in a readable way (bsc#1140332)
subscription-matcher:
- Add missing library for SLE15 SP2 (slf4j-log4j12)
- Make the code usable with Math3 on SLES
- Use log4j12 package on newer SLE versions
- Aggregate stackable subscriptions with same parameters
- Implement new 'swap move' used in optaplanner (bsc#1140332)
- Enable aarch64 builds, except for SLE < 15
susemanager:
- Fix salt bootstrapping on SLE15 (require python3-pycrypto or
python3-M2Crypto to support all variants) (bsc#1164563)
- Add bootstrap-repo data for OES 2018 SP2 (bsc#1161862)
- Add bootstrap-repo data for SLE15 SP2 Family
susemanager-sls:
- Adapt 'mgractionchains' module to work with Salt 3000
- Do not workaround util.syncmodules for SSH minions (bsc#1162609)
- Force to run util.synccustomall when triggering action chains on SSH minions (bsc#1162683).
susemanager-sync-data:
- Add OES 2018 SP2 (bsc#1161862)
- Rename RHEL 8 Base product
- Change channel family name according to SCC data
How to apply this update:
1. Log in as root user to the SUSE Manager server.
2. Stop the Spacewalk service:
spacewalk-service stop
3. Apply the patch using either zypper patch or YaST Online Update.
4. Upgrade the database schema:
spacewalk-schema-upgrade
5. Start the Spacewalk service:
spacewalk-service start
Patchnames
SUSE-2020-856,SUSE-SUSE-Manager-Server-3.2-2020-856
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Server 3.2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\npy26-compat-salt:\n\n- Replace pycrypto with M2Crypto as dependency for SLE15+ (bsc#1165425)\n\nredstone-xmlrpc:\n\n- Disable external entity parsing (1790381, bsc#1164120, CVE-2020-1693)\n- Do not download external entities (1555429, bsc#1085414, CVE-2018-1077)\n\nspacecmd:\n\n- Bugfix: attempt to purge SSM when it is empty (bsc#1155372)\n\nspacewalk-admin:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nspacewalk-backend:\n\n- When downloading repo metadata, don\u0027t add \u0027/\u0027 to the repo url if it already ends with one (bsc#1158899)\n- Enhance suseProducts via ISS to fix SP migration on slave server (bsc#1159184)\n\nspacewalk-certs-tools:\n\n- Add minion option in config file to disable salt mine when generated by\n bootstrap script (bsc#1163001)\n\nspacewalk-client-tools:\n\n- Do not crash \u0027mgr-update-status\u0027 because \u0027long\u0027 type is not defined in Python 3\n- Add workaround for uptime overflow to spacewalk-update-status as well (bsc#1165921)\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nspacewalk-java:\n\n- Fix error when adding systems to ssm with \u0027add to ssm\u0027 button (bsc#1160246)\n- Validate the suseproductchannel table and update missing date when running mgr-sync refresh (bsc#1163538)\n- Read the subscriptions from the output instead of input (bsc#1140332)\n- Show additional headers and dependencies for deb packages\n- Use channel name from product tree instead of constructing it (bsc#1157317)\n\nspacewalk-setup:\n\n- Spell correctly \u0027successful\u0027 and \u0027successfully\u0027\n\nspacewalk-utils:\n\n- Check for delimiter as well when detecting current phase (bsc#1164771)\n\nspacewalk-web:\n\n- Report merge_subscriptions message in a readable way (bsc#1140332)\n\nsubscription-matcher:\n\n- Add missing library for SLE15 SP2 (slf4j-log4j12)\n- Make the code usable with Math3 on SLES\n- Use log4j12 package on newer SLE versions\n- Aggregate stackable subscriptions with same parameters\n- Implement new \u0027swap move\u0027 used in optaplanner (bsc#1140332)\n- Enable aarch64 builds, except for SLE \u003c 15 \n\nsusemanager:\n\n- Fix salt bootstrapping on SLE15 (require python3-pycrypto or\n python3-M2Crypto to support all variants) (bsc#1164563)\n- Add bootstrap-repo data for OES 2018 SP2 (bsc#1161862)\n- Add bootstrap-repo data for SLE15 SP2 Family\n\nsusemanager-sls:\n\n- Adapt \u0027mgractionchains\u0027 module to work with Salt 3000\n- Do not workaround util.syncmodules for SSH minions (bsc#1162609)\n- Force to run util.synccustomall when triggering action chains on SSH minions (bsc#1162683).\n\nsusemanager-sync-data:\n\n- Add OES 2018 SP2 (bsc#1161862)\n- Rename RHEL 8 Base product\n- Change channel family name according to SCC data\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\nspacewalk-service stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Upgrade the database schema:\nspacewalk-schema-upgrade\n5. Start the Spacewalk service:\nspacewalk-service start\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-856,SUSE-SUSE-Manager-Server-3.2-2020-856",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_0856-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:0856-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200856-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:0856-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-April/006669.html"
},
{
"category": "self",
"summary": "SUSE Bug 1085414",
"url": "https://bugzilla.suse.com/1085414"
},
{
"category": "self",
"summary": "SUSE Bug 1140332",
"url": "https://bugzilla.suse.com/1140332"
},
{
"category": "self",
"summary": "SUSE Bug 1155372",
"url": "https://bugzilla.suse.com/1155372"
},
{
"category": "self",
"summary": "SUSE Bug 1157317",
"url": "https://bugzilla.suse.com/1157317"
},
{
"category": "self",
"summary": "SUSE Bug 1158899",
"url": "https://bugzilla.suse.com/1158899"
},
{
"category": "self",
"summary": "SUSE Bug 1159184",
"url": "https://bugzilla.suse.com/1159184"
},
{
"category": "self",
"summary": "SUSE Bug 1160246",
"url": "https://bugzilla.suse.com/1160246"
},
{
"category": "self",
"summary": "SUSE Bug 1161862",
"url": "https://bugzilla.suse.com/1161862"
},
{
"category": "self",
"summary": "SUSE Bug 1162609",
"url": "https://bugzilla.suse.com/1162609"
},
{
"category": "self",
"summary": "SUSE Bug 1162683",
"url": "https://bugzilla.suse.com/1162683"
},
{
"category": "self",
"summary": "SUSE Bug 1163001",
"url": "https://bugzilla.suse.com/1163001"
},
{
"category": "self",
"summary": "SUSE Bug 1163538",
"url": "https://bugzilla.suse.com/1163538"
},
{
"category": "self",
"summary": "SUSE Bug 1164120",
"url": "https://bugzilla.suse.com/1164120"
},
{
"category": "self",
"summary": "SUSE Bug 1164563",
"url": "https://bugzilla.suse.com/1164563"
},
{
"category": "self",
"summary": "SUSE Bug 1164771",
"url": "https://bugzilla.suse.com/1164771"
},
{
"category": "self",
"summary": "SUSE Bug 1165425",
"url": "https://bugzilla.suse.com/1165425"
},
{
"category": "self",
"summary": "SUSE Bug 1165921",
"url": "https://bugzilla.suse.com/1165921"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1077 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1693 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1693/"
}
],
"title": "Security update for SUSE Manager Server 3.2",
"tracking": {
"current_release_date": "2020-04-02T14:48:30Z",
"generator": {
"date": "2020-04-02T14:48:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:0856-1",
"initial_release_date": "2020-04-02T14:48:30Z",
"revision_history": [
{
"date": "2020-04-02T14:48:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "susemanager-3.2.23-3.40.2.aarch64",
"product": {
"name": "susemanager-3.2.23-3.40.2.aarch64",
"product_id": "susemanager-3.2.23-3.40.2.aarch64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.23-3.40.2.aarch64",
"product": {
"name": "susemanager-tools-3.2.23-3.40.2.aarch64",
"product_id": "susemanager-tools-3.2.23-3.40.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "py26-compat-salt-2016.11.10-6.35.1.noarch",
"product": {
"name": "py26-compat-salt-2016.11.10-6.35.1.noarch",
"product_id": "py26-compat-salt-2016.11.10-6.35.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"product": {
"name": "python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"product_id": "python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-2.8.22.7-3.12.1.noarch",
"product": {
"name": "python2-spacewalk-check-2.8.22.7-3.12.1.noarch",
"product_id": "python2-spacewalk-check-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-2.8.22.7-3.12.1.noarch",
"product": {
"name": "python2-spacewalk-client-setup-2.8.22.7-3.12.1.noarch",
"product_id": "python2-spacewalk-client-setup-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"product": {
"name": "python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"product_id": "python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"product": {
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"product_id": "redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-2.8.25.14-3.32.1.noarch",
"product": {
"name": "spacecmd-2.8.25.14-3.32.1.noarch",
"product_id": "spacecmd-2.8.25.14-3.32.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-admin-2.8.4.6-3.12.1.noarch",
"product": {
"name": "spacewalk-admin-2.8.4.6-3.12.1.noarch",
"product_id": "spacewalk-admin-2.8.4.6-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-app-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-applet-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-cdn-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-cdn-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-iss-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-libs-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-server-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-sql-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-tools-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"product_id": "spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-2.8.7.23-3.45.1.noarch",
"product": {
"name": "spacewalk-base-2.8.7.23-3.45.1.noarch",
"product_id": "spacewalk-base-2.8.7.23-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"product": {
"name": "spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"product_id": "spacewalk-base-minimal-2.8.7.23-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"product": {
"name": "spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"product_id": "spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"product": {
"name": "spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"product_id": "spacewalk-certs-tools-2.8.8.14-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-2.8.22.7-3.12.1.noarch",
"product": {
"name": "spacewalk-check-2.8.22.7-3.12.1.noarch",
"product_id": "spacewalk-check-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-2.8.22.7-3.12.1.noarch",
"product": {
"name": "spacewalk-client-setup-2.8.22.7-3.12.1.noarch",
"product_id": "spacewalk-client-setup-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"product": {
"name": "spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"product_id": "spacewalk-client-tools-2.8.22.7-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-dobby-2.8.7.23-3.45.1.noarch",
"product": {
"name": "spacewalk-dobby-2.8.7.23-3.45.1.noarch",
"product_id": "spacewalk-dobby-2.8.7.23-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-html-2.8.7.23-3.45.1.noarch",
"product": {
"name": "spacewalk-html-2.8.7.23-3.45.1.noarch",
"product_id": "spacewalk-html-2.8.7.23-3.45.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-apidoc-sources-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-apidoc-sources-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-apidoc-sources-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-config-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-lib-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-oracle-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-setup-2.8.7.10-3.25.1.noarch",
"product": {
"name": "spacewalk-setup-2.8.7.10-3.25.1.noarch",
"product_id": "spacewalk-setup-2.8.7.10-3.25.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"product": {
"name": "spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"product_id": "spacewalk-taskomatic-2.8.78.28-3.47.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-utils-2.8.18.6-3.12.1.noarch",
"product": {
"name": "spacewalk-utils-2.8.18.6-3.12.1.noarch",
"product_id": "spacewalk-utils-2.8.18.6-3.12.1.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-0.25-4.15.1.noarch",
"product": {
"name": "subscription-matcher-0.25-4.15.1.noarch",
"product_id": "subscription-matcher-0.25-4.15.1.noarch"
}
},
{
"category": "product_version",
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.6.1.noarch",
"product": {
"name": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.6.1.noarch",
"product_id": "subscription-matcher-kit-ace4a108348a0be2f81ecd121d16dc26401f424c-3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sls-3.2.30-3.44.1.noarch",
"product": {
"name": "susemanager-sls-3.2.30-3.44.1.noarch",
"product_id": "susemanager-sls-3.2.30-3.44.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-sync-data-3.2.19-3.35.1.noarch",
"product": {
"name": "susemanager-sync-data-3.2.19-3.35.1.noarch",
"product_id": "susemanager-sync-data-3.2.19-3.35.1.noarch"
}
},
{
"category": "product_version",
"name": "susemanager-web-libs-2.8.7.23-3.45.1.noarch",
"product": {
"name": "susemanager-web-libs-2.8.7.23-3.45.1.noarch",
"product_id": "susemanager-web-libs-2.8.7.23-3.45.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "susemanager-3.2.23-3.40.2.ppc64le",
"product": {
"name": "susemanager-3.2.23-3.40.2.ppc64le",
"product_id": "susemanager-3.2.23-3.40.2.ppc64le"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.23-3.40.2.ppc64le",
"product": {
"name": "susemanager-tools-3.2.23-3.40.2.ppc64le",
"product_id": "susemanager-tools-3.2.23-3.40.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "susemanager-3.2.23-3.40.2.s390x",
"product": {
"name": "susemanager-3.2.23-3.40.2.s390x",
"product_id": "susemanager-3.2.23-3.40.2.s390x"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.23-3.40.2.s390x",
"product": {
"name": "susemanager-tools-3.2.23-3.40.2.s390x",
"product_id": "susemanager-tools-3.2.23-3.40.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "susemanager-3.2.23-3.40.2.x86_64",
"product": {
"name": "susemanager-3.2.23-3.40.2.x86_64",
"product_id": "susemanager-3.2.23-3.40.2.x86_64"
}
},
{
"category": "product_version",
"name": "susemanager-tools-3.2.23-3.40.2.x86_64",
"product": {
"name": "susemanager-tools-3.2.23-3.40.2.x86_64",
"product_id": "susemanager-tools-3.2.23-3.40.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Server 3.2",
"product": {
"name": "SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:3.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "py26-compat-salt-2016.11.10-6.35.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch"
},
"product_reference": "py26-compat-salt-2016.11.10-6.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch"
},
"product_reference": "python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch"
},
"product_reference": "python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch"
},
"product_reference": "redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-2.8.25.14-3.32.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch"
},
"product_reference": "spacecmd-2.8.25.14-3.32.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-admin-2.8.4.6-3.12.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch"
},
"product_reference": "spacewalk-admin-2.8.4.6-3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-app-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-applet-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-libs-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-server-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-tools-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch"
},
"product_reference": "spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-2.8.7.23-3.45.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch"
},
"product_reference": "spacewalk-base-2.8.7.23-3.45.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-2.8.7.23-3.45.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch"
},
"product_reference": "spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch"
},
"product_reference": "spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-certs-tools-2.8.8.14-3.23.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch"
},
"product_reference": "spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-2.8.22.7-3.12.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch"
},
"product_reference": "spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-html-2.8.7.23-3.45.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch"
},
"product_reference": "spacewalk-html-2.8.7.23-3.45.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-java-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-config-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-lib-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-oracle-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-setup-2.8.7.10-3.25.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch"
},
"product_reference": "spacewalk-setup-2.8.7.10-3.25.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-taskomatic-2.8.78.28-3.47.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch"
},
"product_reference": "spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-utils-2.8.18.6-3.12.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch"
},
"product_reference": "spacewalk-utils-2.8.18.6-3.12.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "subscription-matcher-0.25-4.15.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch"
},
"product_reference": "subscription-matcher-0.25-4.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.23-3.40.2.ppc64le as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le"
},
"product_reference": "susemanager-3.2.23-3.40.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.23-3.40.2.s390x as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x"
},
"product_reference": "susemanager-3.2.23-3.40.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-3.2.23-3.40.2.x86_64 as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64"
},
"product_reference": "susemanager-3.2.23-3.40.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sls-3.2.30-3.44.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch"
},
"product_reference": "susemanager-sls-3.2.30-3.44.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-sync-data-3.2.19-3.35.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch"
},
"product_reference": "susemanager-sync-data-3.2.19-3.35.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.23-3.40.2.ppc64le as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le"
},
"product_reference": "susemanager-tools-3.2.23-3.40.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.23-3.40.2.s390x as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x"
},
"product_reference": "susemanager-tools-3.2.23-3.40.2.s390x",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-tools-3.2.23-3.40.2.x86_64 as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64"
},
"product_reference": "susemanager-tools-3.2.23-3.40.2.x86_64",
"relates_to_product_reference": "SUSE Manager Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "susemanager-web-libs-2.8.7.23-3.45.1.noarch as component of SUSE Manager Server 3.2",
"product_id": "SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
},
"product_reference": "susemanager-web-libs-2.8.7.23-3.45.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1077"
}
],
"notes": [
{
"category": "general",
"text": "Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1077",
"url": "https://www.suse.com/security/cve/CVE-2018-1077"
},
{
"category": "external",
"summary": "SUSE Bug 1085414 for CVE-2018-1077",
"url": "https://bugzilla.suse.com/1085414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-02T14:48:30Z",
"details": "moderate"
}
],
"title": "CVE-2018-1077"
},
{
"cve": "CVE-2020-1693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1693"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1693",
"url": "https://www.suse.com/security/cve/CVE-2020-1693"
},
{
"category": "external",
"summary": "SUSE Bug 1164120 for CVE-2020-1693",
"url": "https://bugzilla.suse.com/1164120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Server 3.2:py26-compat-salt-2016.11.10-6.35.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:python2-spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:redstone-xmlrpc-1.1_20071120-0.11.3.1.noarch",
"SUSE Manager Server 3.2:spacecmd-2.8.25.14-3.32.1.noarch",
"SUSE Manager Server 3.2:spacewalk-admin-2.8.4.6-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-app-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-applet-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-common-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-config-files-tool-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-iss-export-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-package-push-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-server-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-oracle-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-sql-postgresql-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-tools-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xml-export-libs-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-backend-xmlrpc-2.8.57.22-3.48.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-certs-tools-2.8.8.14-3.23.1.noarch",
"SUSE Manager Server 3.2:spacewalk-client-tools-2.8.22.7-3.12.1.noarch",
"SUSE Manager Server 3.2:spacewalk-html-2.8.7.23-3.45.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-setup-2.8.7.10-3.25.1.noarch",
"SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.28-3.47.1.noarch",
"SUSE Manager Server 3.2:spacewalk-utils-2.8.18.6-3.12.1.noarch",
"SUSE Manager Server 3.2:subscription-matcher-0.25-4.15.1.noarch",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-sls-3.2.30-3.44.1.noarch",
"SUSE Manager Server 3.2:susemanager-sync-data-3.2.19-3.35.1.noarch",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.ppc64le",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.s390x",
"SUSE Manager Server 3.2:susemanager-tools-3.2.23-3.40.2.x86_64",
"SUSE Manager Server 3.2:susemanager-web-libs-2.8.7.23-3.45.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-02T14:48:30Z",
"details": "important"
}
],
"title": "CVE-2020-1693"
}
]
}
cnvd-2020-13497
Vulnerability from cnvd
Title
spacewalk代码问题漏洞
Description
spacewalk是一套开源的Linux系统管理解决方案。
Spacewalk 2.9及之前版本中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。目前没有详细的漏洞细节提供。
Severity
高
VLAI Severity ?
Patch Name
spacewalk代码问题漏洞的补丁
Patch Description
spacewalk是一套开源的Linux系统管理解决方案。
Spacewalk 2.9及之前版本中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。目前没有详细的漏洞细节提供。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-1693
Impacted products
| Name | spacewalk spacewalk <=2.9 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-1693",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-1693"
}
},
"description": "spacewalk\u662f\u4e00\u5957\u5f00\u6e90\u7684Linux\u7cfb\u7edf\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\n\nSpacewalk 2.9\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7684\u4ee3\u7801\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5b58\u5728\u8bbe\u8ba1\u6216\u5b9e\u73b0\u4e0d\u5f53\u7684\u95ee\u9898\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-13497",
"openTime": "2020-02-26",
"patchDescription": "spacewalk\u662f\u4e00\u5957\u5f00\u6e90\u7684Linux\u7cfb\u7edf\u7ba1\u7406\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nSpacewalk 2.9\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u7684\u4ee3\u7801\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5b58\u5728\u8bbe\u8ba1\u6216\u5b9e\u73b0\u4e0d\u5f53\u7684\u95ee\u9898\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "spacewalk\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "spacewalk spacewalk \u003c=2.9"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-1693",
"serverity": "\u9ad8",
"submitTime": "2020-02-24",
"title": "spacewalk\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}
gsd-2020-1693
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-1693",
"description": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"id": "GSD-2020-1693",
"references": [
"https://www.suse.com/security/cve/CVE-2020-1693.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-1693"
],
"details": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"id": "GSD-2020-1693",
"modified": "2023-12-13T01:21:57.756276Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "spacewalk",
"version": {
"version_data": [
{
"version_value": "All spacewalk versions up 2.9"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "8.6/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"name": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c",
"refsource": "MISC",
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"name": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/",
"refsource": "MISC",
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:spacewalk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.9",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-1693"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"name": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c",
"refsource": "MISC",
"tags": [
"Patch"
],
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"name": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-02-20T20:49Z",
"publishedDate": "2020-02-17T20:15Z"
}
}
}
ghsa-79v3-cg9r-f55q
Vulnerability from github
Published
2022-05-24 17:09
Modified
2022-05-24 17:09
VLAI Severity ?
Details
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.
{
"affected": [],
"aliases": [
"CVE-2020-1693"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-02-17T20:15:00Z",
"severity": "HIGH"
},
"details": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.",
"id": "GHSA-79v3-cg9r-f55q",
"modified": "2022-05-24T17:09:09Z",
"published": "2022-05-24T17:09:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1693"
},
{
"type": "WEB",
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"type": "WEB",
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2020-1693
Vulnerability from fkie_nvd
Published
2020-02-17 20:15
Modified
2024-11-21 05:11
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693 | Issue Tracking, Vendor Advisory | |
| secalert@redhat.com | https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c | Patch | |
| secalert@redhat.com | https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/ | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:spacewalk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4B886FD-F1BB-4C1E-B778-0656C1286091",
"versionEndExcluding": "2.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve the content of certain files and trigger a denial of service, or in certain circumstances, execute arbitrary code on the Spacewalk server."
},
{
"lang": "es",
"value": "Se dertect\u00f3 un fallo en Spacewalk hasta la versi\u00f3n 2.9, donde era vulnerable a ataques de entidades internas XML por medio del endpoint /rpc/api. Un atacante remoto no autenticado podr\u00eda utilizar este fallo para recuperar el contenido de ciertos archivos y desencadenar una denegaci\u00f3n de servicio, o en determinadas circunstancias, ejecutar c\u00f3digo arbitrario en el servidor de Spacewalk."
}
],
"id": "CVE-2020-1693",
"lastModified": "2024-11-21T05:11:10.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-17T20:15:11.350",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/spacewalkproject/spacewalk/commit/74e28ec61d916c42061ef4347121650a1c962b0c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://zeroauth.ltd/blog/2020/02/18/proof-of-concept-exploit-for-cve-2020-1693-spacewalk/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…