Security update for SUSE Manager Server 1.7 (important)

2015-05-2200:05:32

lists.opensuse.org

0.007 Low

EPSS

Percentile

80.7%

JSON

This collective update for SUSE Manager 1.7 provides several fixes and
enhancements.

smdba:

   * Space reclamation caused ORA-00942 (table or view does not exist).
     (bsc#906850)
   * Optimized space reclamation for Oracle.
   * Implement fully hot operations for PostgreSQL.
   * System check breaks backup and other configuration.
   * Implement rotating PostgreSQL backup feature. (bsc#896244)
   * Set PostgreSQL max connections to the same value as for Oracle.

sm-ncc-sync-data:

   * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108)

spacecmd:

   * Fix call to setCustomOptions(). (bsc#879904)

spacewalk-backend:

   * Fix encoding of submit message.
   * Trigger generation of metadata if the repository contains no
     packages. (bsc#870159)

spacewalk-branding:

   * Update default Spacewalk entitlement certificate.

spacewalk-java:

   * Introduce improved parser for xmlrpc. (CVE-2014-8162, bsc#922525)
   * Fix more cross-site scripting bugs. (CVE-2014-7811, bsc#902915)
   * Ffix CVE audit in case of multiversion package installed and patch
     in multi channels. (bsc#903723)
   * Fix automatic configuration file deployment via snippet. (bsc#898426)
   * Download CSV button does not export all columns (&quot;Base Channel&quot;
     missing). (bsc#896238)
   * Fix cross-site scripting in system-group. (CVE-2014-7812, bsc#912886)

spacewalk-setup:

   * Fix XML RPC API External Entities file disclosure. (CVE-2014-8162,
     bsc#922525)
   * No activation if db population should be skipped. (bsc#900956)

susemanager-schema:

   * Fix evr_t schema upgrade. (bsc#881111)

susemanager:

   * Add tool to update the spacewalk public cert in the DB.
   * Fix the test for the mirror credentials. (bsc#864246)

How to apply this update:

Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk
service: spacewalk-service stop 3. Apply the patch using either zypper
patch or YaST Online Update. 4. Upgrade the database schema with
spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service
start

Security Issues:

   * CVE-2014-7811
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7811">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7811</a>&gt;
   * CVE-2014-7812
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7812">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7812</a>&gt;
   * CVE-2014-8162
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8162">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8162</a>&gt;

OSVersionArchitecturePackageVersionFilename
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-sql< 1.7.38.34-0.5.1spacewalk-backend-sql-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2noarchspacewalk-java-config< 1.7.54.34-0.5.1spacewalk-java-config-1.7.54.34-0.5.1.noarch.rpm
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-tools< 1.7.38.34-0.5.1spacewalk-backend-tools-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2noarchspacewalk-java-lib< 1.7.54.34-0.5.1spacewalk-java-lib-1.7.54.34-0.5.1.noarch.rpm
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-applet< 1.7.38.34-0.5.1spacewalk-backend-applet-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-config-files-common< 1.7.38.34-0.5.1spacewalk-backend-config-files-common-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-sql-oracle< 1.7.38.34-0.5.1spacewalk-backend-sql-oracle-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2x86_64spacewalk-backend-xmlrpc< 1.7.38.34-0.5.1spacewalk-backend-xmlrpc-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE11.2x86_64susemanager< 1.7.30-0.5.2susemanager-1.7.30-0.5.2.x86_64.rpm
SUSE Manager 1.7 for SLE11.2x86_64smdba< 1.5-0.6.2.1smdba-1.5-0.6.2.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-sql	< 1.7.38.34-0.5.1	spacewalk-backend-sql-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	noarch	spacewalk-java-config	< 1.7.54.34-0.5.1	spacewalk-java-config-1.7.54.34-0.5.1.noarch.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-tools	< 1.7.38.34-0.5.1	spacewalk-backend-tools-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	noarch	spacewalk-java-lib	< 1.7.54.34-0.5.1	spacewalk-java-lib-1.7.54.34-0.5.1.noarch.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-applet	< 1.7.38.34-0.5.1	spacewalk-backend-applet-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-config-files-common	< 1.7.38.34-0.5.1	spacewalk-backend-config-files-common-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-sql-oracle	< 1.7.38.34-0.5.1	spacewalk-backend-sql-oracle-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	spacewalk-backend-xmlrpc	< 1.7.38.34-0.5.1	spacewalk-backend-xmlrpc-1.7.38.34-0.5.1.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	susemanager	< 1.7.30-0.5.2	susemanager-1.7.30-0.5.2.x86_64.rpm
SUSE Manager 1.7 for SLE	11.2	x86_64	smdba	< 1.5-0.6.2.1	smdba-1.5-0.6.2.1.x86_64.rpm