SUSE-SU-2018:1751-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2014-5326 CVE-2017-1000469

Published: 19 Jun 2018, 13:47

Last modified:04 Feb 2026, 02:20

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Jun 2018, 13:47

Published

Vulnerability first disclosed

04 Feb 2026, 02:20

Last Modified

Vulnerability information updated

Description

Security update for SUSE Manager Server 3.1 This update provides the following fixes and improvements for SUSE Manager Server 3.1: The following new package has been added: py26-compat-salt: This package provides compatibility with Python 2.6 for salt. This update includes the following new features: (fate#325476) Additonally, the following issues have been fixed: cobbler: - Detect if there is already another instance of 'cobbler sync' running and exit with failure if so. (bsc#1081714) - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594) - Add sles15 distro profile. (bsc#1090205) google-gson: - Update to version 2.8.2. (bsc#1091091) patterns-suse-manager: - Require py26-compat-salt and python3-salt to be able to connect with salt-ssh to a system which has python2.6 or python3 installed. (fate#325476) salt-netapi-client: - See https://github.com/SUSE/salt-netapi-client/releases/tag/v0.14.0 spacewalk-backend: - Do not fail boostrap if no ip6addr interface. (bsc#1090395) - Allow again to use a higher version of spacewalk-backend-libs with spacewalk-backend. (bsc#1092383) - SLE15 support: recommended/required flag for products and channels. spacewalk-branding: - Fix URL for new products page. (bsc#1092492) - SLE15 support: recommended/required flag for products and channels. - Show channel label when listing config channels. (bsc#1083278) spacewalk-certs-tools: - Fix bootstrap script for python3. (bsc#1091840) - Support SLE15 product family. spacewalk-java: - Do not create new product if product_id exists, update it instead (bsc#1096714) - Fix deletion of Taskomatic schedules via the GUI (bsc#1095569) - Fix unknown installed products when using salt-ssh. (bsc#1088861) - Prevent NPE when no image build history details are available. (bsc#1092161) - Uniform the notification message when scheduling HW refresh. (bsc#1082796) - Add SLES12 SP2 LTSS family. (bsc#1092194) - Fix token cleanup task crashing. (bsc#1090585) - HW refresh fails on SLE15 Salt client. (bsc#1090221) - Only show the most relevant (least effort) solutions. (bsc#1087071) - Add support for autoinstallation of SLE15. (bsc#1090205) - Update sles_register cobbler snippets to work with SLE15. (bsc#1090205) - Support SLE15 product family. - Show channel label when listing config channels. (bsc#1083278) - Fix equals to display channels with same name but different label. (bsc#1083278) - Avoid init.sls files with no revision on Config State Channels. (bsc#1091855) - Fix taskomatic deadlock in failure case. (bsc#1085471) - Render configuration files with UTF-8. (bsc#1088667) - Update google-gson to version 2.8.2. (bsc#1091091) - Fix updating Subscription cache. (bsc#1075466) - Fix NPE in websocket session configurator. (bsc#1080474) - Wait until minion is back to set RebootAction as COMPLETED. (bsc#1089401) - Add support for Prometheus monitoring. - Fix constraint violation errors when onboarding. (bsc#1089468) - Fix Advanced search for systems with installed packages. (bsc#1085838) spacewalk-utils: - Clone-by-date removes packages only if the list is not empty. (bsc#1089396) spacewalk-web: - Fix misleading message when syncing channels. (bsc#1089103) - Automatically select mandatory channels when selecting a base channel. (bsc#1083513) - Fix ace.js editor config to use soft tabs. (bsc#1090040) - Display always config channel name and label. (bsc#1083278) susemanager: - Add missing python3 packages to bootstrap JeOS image. (bsc#1085044) - Support SLE15 product family. - Fix crash on not properly configured environment. (bsc#1092275) - Provide full traditional stack in RES bootstrap repo. (bsc#1091667) - Fix bootstrap script for python3. (bsc#1091840) - Fix unknown installed products when using salt-ssh. (bsc#1088861) - Add python2-salt to RES7 and SLES12 bootstrap repository. - Fix bootstrapping RHEL 7 salt client (missing python-ipaddress). (bsc#1087055) susemanager-frontend-libs: - Enforce susemanager-nodejs-sdk-devel dependency version. (bsc#1095231) susemanager-docs_en: - Documentation: mgr-create-bootstrap-repo documented flag is not correct. (bsc#1090400) - Remove LTSS from SUSE Linux Enterprise 11 SP4 in gs. (bsc#1090401) - Configuration Macros do not work. (bsc#1084679) - Updated spacecmd with new functions. - Update bootstrap warning for sles 15 clients and python 3 - in reference and gs. susemanager-schema: - Add SLE15 distribution. (bsc#1090205) - SLE15 support: recommended/required flag for products and channels. - Support SLE15 product family. - Fix a race condition on lookup_evr. (bsc#1090059) susemanager-sls: - Install python2/3 salt flavours on buildhosts to generate a compatible thin for the dockerimage beeing build. (bsc#1092161) - Docker.login requires a list as input. (bsc#1092161) - Fix profileupdate sls to execute retrieval of kernel live patching info. (bsc#1091052) - Support SLE15 product family. - Fix hardware refresh when FQDN changes. (bsc#1073267) - Create bootstrap repo only if it exist in the server. (bsc#1087840) - Fix master tops merging when running salt>=2018. - Use dockermod with new salt and user repository/tag option for build. susemanager-sync-data: - Set SLE15 channel update tags to final version. - Add SLES12 SP2 LTSS family. (bsc#1092194) - Add SLES12-SP2-LTSS product classes. (bsc#1092194) - Add debuginfo channels for SLE15 products. - Add PackageHub 15 Products. - Add product sle-module-live-patching 15. - Add new HPC 15 Product. - Add missing channel to sle-module-basesystem 15. - Support SLE15 product family. susemanager-tftpsync: - Detect if there is already another instance of 'cobbler sync' running and exit with failure if so. (bsc#1081714)

Affected Systems

suse•cobbler&distro=SUSE Manager Server 3.1
< 2.6.6-5.10.4
suse•google-gson&distro=SUSE Manager Server 3.1
< 2.8.2-3.3.6
suse•patterns-suse-manager&distro=SUSE Manager Server 3.1
< 3.1-3.3.2
suse•prometheus-client-java&distro=SUSE Manager Server 3.1
< 0.3.0-1.3.5
suse•py26-compat-salt&distro=SUSE Manager Server 3.1
< 2016.11.4-1.7.2
suse•salt-netapi-client&distro=SUSE Manager Server 3.1
< 0.14.0-3.9.5
suse•spacewalk-backend&distro=SUSE Manager Server 3.1
< 2.7.73.13-2.19.5
suse•spacewalk-branding&distro=SUSE Manager Server 3.1
< 2.7.2.13-2.19.5
suse•spacewalk-certs-tools&distro=SUSE Manager Server 3.1
< 2.7.0.10-2.12.4
suse•spacewalk-java&distro=SUSE Manager Server 3.1
< 2.7.46.14-2.25.1
suse•spacewalk-utils&distro=SUSE Manager Server 3.1
< 2.7.10.7-2.10.4
suse•spacewalk-web&distro=SUSE Manager Server 3.1
< 2.7.1.16-2.19.5
suse•susemanager-docs_en&distro=SUSE Manager Server 3.1
< 3.1-10.20.7
suse•susemanager-frontend-libs&distro=SUSE Manager Server 3.1
< 3.1.1-3.3.2
suse•susemanager-schema&distro=SUSE Manager Server 3.1
< 3.1.17-2.23.3
suse•susemanager-sls&distro=SUSE Manager Server 3.1
< 3.1.17-2.23.2
suse•susemanager-sync-data&distro=SUSE Manager Server 3.1
< 3.1.14-2.23.2
suse•susemanager-tftpsync&distro=SUSE Manager Server 3.1
< 3.1.3-3.6.2
suse•susemanager&distro=SUSE Manager Server 3.1
< 3.1.14-2.19.5

SUSE-SU-2018:1751-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (46)