58 matches found
CVE-2025-46809 Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs
A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x8664/proxy-httpd:5.0.5.7.23.1: from ? befor...
CVE-2025-46809 Multi Linux Manager epxoses the plain text HTTP Proxy user:password in logs
A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x8664/proxy-httpd:5.0.5.7.23.1: from ? befor...
CVE-2025-46809
CVE-2025-46809 is a vulnerability described as plaintext storage of a password: it exposes HTTP proxy credentials found in log files for SUSE Manager components. The affected items include container images and modules such as suse/manager/4.3/proxy-httpd, suse/manager/5.0/x86_64/proxy-httpd and -...
Security update 5.1.0 GM for Multi-Linux Manager Client Tools
This update fixes the following issues: spacecmd: Version update from 5.1.6-0 to 5.1.8-0 with the following key change: Update translation strings uyuni-tools: Version 5.1.14-0: Fix mgradm backup create handling of images and systemd files bsc1244563 migrate existing TLS certificates from 4.3...
SUSE SLES15: cobbler / grafana-formula / inter-server-sync / mgr-daemon / etc (SUSE-SU-2025:02475-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02475-1 advisory. cobbler: - Prevent crash during Cobbler startup on NFS environments bsc1240666 - Synchronize cobbler add and sync actions bsc1233371 - Exclude...
SUSE-SU-2025:20504-1 Security update 5.0.5 for Multi-Linux Manager Client Tools, Salt and Salt Bundle
This update fixes the following issues: golang-github-prometheus-nodeexporter: - Security issues fixed: - CVE-2025-22870: Prevent a matching of hosts against proxy patterns to improperly treat an IPv6 zone ID as a hostname component bsc1238686 - Other bugs fixed: - Fixed Darwin memory leak -...
Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2024-38822: Fixed Minion token validation bsc1244561 CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 CVE-2024-38824: Fixed directory traversal...
SUSE-SU-2025:02492-1 Security update 5.0.5 for Multi-Linux Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2024-38822: Fixed Minion token validation bsc1244561 - CVE-2024-38823: Fixed server vulnerability to replay attacks when not using a TLS encrypted transport bsc1244564 - CVE-2024-38824: Fixed directory...
Maintenance update for Multi-Linux Manager 4.3 Release Notes Release Notes
Description: This update fixes the following issues: release-notes-susemanager-proxy: Update to SUSE Manager 4.3.16 CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809 Bugs mentioned: bsc1236601, bsc1236635, bsc1236779, bsc1237294, bsc1238922 bsc1239826, bsc1240386, bsc1242004, bsc1243460,...
PT-2025-30623 · Undefined · Undefined
🚨 Breaking: SUSE-2025-02476-1 patch drops for Multi-Linux Manager 4.3. 9 CVEs patched—including remote code execution CVE-2025-18432 and privilege escalation exploits. 🔧 Step-by-step guide + risk matrix: ⚠️ Patch within 72 hrs! Read more: 👉 https://t.co/evlHbRJ4Fr Linux https://t.co/3Fxej90SEg...
SUSE-SU-2025:01989-1 Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 - Other bugs fixes from version 2.53.4...
SUSE-SU-2025:01987-1 Security update for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-prometheus-prometheus was updated to version 2.53.4: - Security issues fixed: CVE-2023-45288: Require Go = 1.23 for building bsc1236516 CVE-2025-22870: Bumped golang.org/x/net to version 0.39.0 bsc1238686 - Other bugs fixes from version 2.53.4...
SUSE SLES15: spacewalk-java / spacewalk-java-config / spacewalk-java-lib / etc (SUSE-SU-2025:1321-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1321-1 advisory. spacewalk-java: - Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Tenable has extracted the preceding description...
SUSE-SU-2025:1321-1 Security update for Multi-Linux Manager 4.3: Server
This update fixes the following issues: spacewalk-java: - Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826...
Maintenance update for Multi-Linux Manager 4.3: Server
This update fixes the following issues: spacewalk-java: Version 4.3.85-0: CVE-2025-23392: Filter user input in systems list page. bsc1239826 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...
Security update for Multi-Linux Manager 5.0: Server, Proxy and Retail Server
Description: This update fixes the following issues: proxy-helm: Version 5.0.12: Image rebuilt to the newest version with updated dependencies proxy-httpd-image: Version 5.0.10: Fixed wrong IP address set on susemanager-tftpsync-recv.conf Image rebuilt to the newest version with updated...
SUSE SLES15 / openSUSE 15 : Recommended update 4.3.15 for Multi-Linux Manager Client Tools (SUSE-SU-SUSE-RU-2025:0791-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-RU-2025:0791-1 advisory. ansible: - Security issues fixed: CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be...
SUSE-RU-2025:0791-1 Recommended update 4.3.15 for Multi-Linux Manager Client Tools
This update fixes the following issues: ansible: - Security issues fixed: CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be exposed in plaintext bsc1230601 spacewalk-client-tools: - Version 4.3.22-0 Allow translation to wrap strings as weblate forces it...