Recommended update for SUSE Manager Client Tools SUSE Patch security@suse.de SUSE Security Team SUSE-RU-2017:0174-1 Final 1 1 2017-01-17T09:08:52Z current 2017-01-17T09:08:52Z 2017-01-17T09:08:52Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for SUSE Manager Client Tools This update fixes the following issues: osad: - Fix logfile option for osa-dispatcher. (bsc#980752) salt: - Update to 2015.8.12 - Add pre-require to salt for minions. - Do not restart salt-minion in salt package. - Add try-restart to sys-v init scripts. - Add 'Restart=on-failure' for salt-minion systemd service. - Various fixes for signal handling. - Successfully exit of salt-api child processes when SIGTERM is received. - Re-introduce 'KillMode=process' for salt-minion systemd service. - Fix setting default timezone. (bsc#1008933) - Fix possible information leak due to revoked keys still being used. (bsc#1012398, CVE-2016-9639) spacewalk-backend: - Handle non-unique machine_id after migrate from 2.1. (bsc#1013002) - Refer to scc.suse.com instead of bugzilla.novell.com in case of problem. (bsc#967818) - Fix selection of primary interface. (bsc#1009677) - Add link from satellite-sync to mgr-inter-sync man page. (bsc#1009435) - Reposync: Assign orphaned vendor packages to the default org. (bsc#995764) - Add missing reference for bsc#996609 supportutils-plugin-susemanager-client: - Include correct configuration file in the supportconfig. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). slesctsp3-client-tools-201612-12942,slesctsp4-client-tools-201612-12942 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement//suse-ru-20170174-1/ Link for SUSE-RU-2017:0174-1 https://lists.suse.com/pipermail/sle-updates/2017-January/005788.html E-Mail link for SUSE-RU-2017:0174-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1008933 SUSE Bug 1008933 https://bugzilla.suse.com/1009435 SUSE Bug 1009435 https://bugzilla.suse.com/1009677 SUSE Bug 1009677 https://bugzilla.suse.com/1012398 SUSE Bug 1012398 https://bugzilla.suse.com/1013002 SUSE Bug 1013002 https://bugzilla.suse.com/967818 SUSE Bug 967818 https://bugzilla.suse.com/980752 SUSE Bug 980752 https://bugzilla.suse.com/995764 SUSE Bug 995764 https://bugzilla.suse.com/996609 SUSE Bug 996609 https://www.suse.com/security/cve/CVE-2016-9639/ SUSE CVE CVE-2016-9639 page SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS osa-common-5.11.64.3-5.1 osad-5.11.64.3-5.1 salt-2015.8.12-27.1 salt-doc-2015.8.12-27.1 salt-minion-2015.8.12-27.1 spacewalk-backend-libs-2.5.24.7-16.1 supportutils-plugin-susemanager-client-3.0.5-5.1 osa-common-5.11.64.3-5.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS osad-5.11.64.3-5.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS salt-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS salt-doc-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS salt-minion-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS spacewalk-backend-libs-2.5.24.7-16.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS supportutils-plugin-susemanager-client-3.0.5-5.1 as a component of SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS osa-common-5.11.64.3-5.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS osad-5.11.64.3-5.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS salt-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS salt-doc-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS salt-minion-2015.8.12-27.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS spacewalk-backend-libs-2.5.24.7-16.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS supportutils-plugin-susemanager-client-3.0.5-5.1 as a component of SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching. CVE-2016-9639 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:osa-common-5.11.64.3-5.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:osad-5.11.64.3-5.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-doc-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:salt-minion-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:spacewalk-backend-libs-2.5.24.7-16.1 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS:supportutils-plugin-susemanager-client-3.0.5-5.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:osa-common-5.11.64.3-5.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:osad-5.11.64.3-5.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-doc-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:salt-minion-2015.8.12-27.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:spacewalk-backend-libs-2.5.24.7-16.1 SUSE Linux Enterprise Server 11 SP4-CLIENT-TOOLS:supportutils-plugin-susemanager-client-3.0.5-5.1 low 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20170174-1/ https://www.suse.com/security/cve/CVE-2016-9639.html CVE-2016-9639 https://bugzilla.suse.com/1012398 SUSE Bug 1012398