SUSE-SU-2017:0475-1
Vulnerability Summary
Timeline
Description
Security update for susestudio This update provides SUSE Studio Runner 1.3.14, which brings fixes for the following issues: - bsc#968797: 11 SP3 appliance gets invalid distribution upgrade from SLMS. - bsc#947225: Second build of appliance will not register to SLMS, wrong product name. - bsc#983404: UEFI boot missing for SLE11 SP4. - bsc#972406: Kiwi export config.sh script has /build-custom out of order. - bsc#981095: Add user 'ldap' to default_users list for assigning owners for overlay files. - bsc#972425: Runlevel 3 is being ignored in appliance configuration. - bsc#983999: SLES 12 appliance build does not include gpg keys from base product. - bsc#979110: SLES 12 will not build for EC2. - bsc#929102: Plaintext Password Local Disclosure in rubygem-rest-client. (CVE-2015-3448) - bsc#963741: Security fixes for Rails v3.2.22. (CVE-2015-7576, CVE-2015-7577, CVE-2016-0751, CVE-2016-0752)
Affected Systems
- suse•libjansson&distro=SUSE Studio Onsite 1.3
< 2.2.1-0.9.11.6
- suse•libjansson&distro=SUSE Studio Onsite Runner 1.3
< 2.2.1-0.9.11.6
- suse•qemu-ext2&distro=SUSE Studio Onsite 1.3
< 0.1.1-0.9.4.19
- suse•qemu-ext2&distro=SUSE Studio Onsite Runner 1.3
< 0.1.1-0.9.4.19
- suse•rubygem-bundler19&distro=SUSE Studio Onsite 1.3
< 1.7.0-0.13.10
- suse•rubygem-bundler19&distro=SUSE Studio Onsite Runner 1.3
< 1.7.0-0.13.10
- suse•studio-help&distro=SUSE Studio Onsite 1.3
< 1.3.20-0.6.9
- suse•studio-help&distro=SUSE Studio Onsite Runner 1.3
< 1.3.20-0.6.9
- suse•susestudio&distro=SUSE Studio Onsite 1.3
< 1.3.14-52.1
- suse•susestudio&distro=SUSE Studio Onsite Runner 1.3
< 1.3.14-52.1
References (22)
- https://www.suse.com/support/update/announcement/2017/suse-su-20170475-1/
- https://bugzilla.suse.com/870697
- https://bugzilla.suse.com/887489
- https://bugzilla.suse.com/929102
- https://bugzilla.suse.com/942185
- https://bugzilla.suse.com/947225
- https://bugzilla.suse.com/963741
- https://bugzilla.suse.com/968797
- https://bugzilla.suse.com/969322
- https://bugzilla.suse.com/972406
- https://bugzilla.suse.com/972425
- https://bugzilla.suse.com/974130
- https://bugzilla.suse.com/979110
- https://bugzilla.suse.com/979124
- https://bugzilla.suse.com/981095
- https://bugzilla.suse.com/983404
- https://bugzilla.suse.com/983999
- https://www.suse.com/security/cve/CVE-2015-3448
- https://www.suse.com/security/cve/CVE-2015-7576
- https://www.suse.com/security/cve/CVE-2015-7577
- https://www.suse.com/security/cve/CVE-2016-0751
- https://www.suse.com/security/cve/CVE-2016-0752