Recommended update 4.3.15 for Multi-Linux Manager Client Tools SUSE Patch security@suse.de SUSE Security Team SUSE-RU-2025:0791-1 Final 1 1 2025-03-06T05:28:17Z current 2025-03-06T05:28:17Z 2025-03-06T05:28:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update 4.3.15 for Multi-Linux Manager Client Tools This update fixes the following issues: ansible: - Security issues fixed: * CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be exposed in plaintext (bsc#1230601) spacewalk-client-tools: - Version 4.3.22-0 * Allow translation to wrap strings as weblate forces it * Show Source String change for translations uyuni-proxy-systemd-services: - Version 4.3.15-0 * Update to Multi-Linux Manager 4.3.15 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-791,SUSE-SLE-Manager-Tools-15-2025-791,SUSE-SLE-Manager-Tools-For-Micro-5-2025-791,SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2025-791,openSUSE-SLE-15.6-2025-791 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/-2025-791/suse-ru-20250791-1/ Link for SUSE-RU-2025:0791-1 https://lists.suse.com/pipermail/sle-updates/2025-March/038632.html E-Mail link for SUSE-RU-2025:0791-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1230601 SUSE Bug 1230601 https://www.suse.com/security/cve/CVE-2024-8775/ SUSE CVE CVE-2024-8775 page SUSE Manager Client Tools 15 SUSE Manager Client Tools for SLE Micro 5 SUSE Manager Proxy Module 4.3 openSUSE Leap 15.6 ansible-2.9.27-150000.1.20.1 ansible-doc-2.9.27-150000.1.20.1 ansible-test-2.9.27-150000.1.20.1 python3-spacewalk-check-4.3.22-150000.3.100.1 python3-spacewalk-client-setup-4.3.22-150000.3.100.1 python3-spacewalk-client-tools-4.3.22-150000.3.100.1 spacewalk-check-4.3.22-150000.3.100.1 spacewalk-client-setup-4.3.22-150000.3.100.1 spacewalk-client-tools-4.3.22-150000.3.100.1 uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 ansible-2.9.27-150000.1.20.1 as a component of SUSE Manager Client Tools 15 ansible-doc-2.9.27-150000.1.20.1 as a component of SUSE Manager Client Tools 15 python3-spacewalk-check-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 python3-spacewalk-client-setup-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 python3-spacewalk-client-tools-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 spacewalk-check-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 spacewalk-client-setup-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 spacewalk-client-tools-4.3.22-150000.3.100.1 as a component of SUSE Manager Client Tools 15 uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 as a component of SUSE Manager Client Tools 15 uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 as a component of SUSE Manager Client Tools for SLE Micro 5 ansible-2.9.27-150000.1.20.1 as a component of SUSE Manager Proxy Module 4.3 ansible-doc-2.9.27-150000.1.20.1 as a component of SUSE Manager Proxy Module 4.3 uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 as a component of SUSE Manager Proxy Module 4.3 ansible-2.9.27-150000.1.20.1 as a component of openSUSE Leap 15.6 ansible-doc-2.9.27-150000.1.20.1 as a component of openSUSE Leap 15.6 ansible-test-2.9.27-150000.1.20.1 as a component of openSUSE Leap 15.6 A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions. CVE-2024-8775 SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.20.1 SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.20.1 SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:python3-spacewalk-client-tools-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:spacewalk-check-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:spacewalk-client-setup-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:spacewalk-client-tools-4.3.22-150000.3.100.1 SUSE Manager Client Tools 15:uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 SUSE Manager Client Tools for SLE Micro 5:uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 SUSE Manager Proxy Module 4.3:ansible-2.9.27-150000.1.20.1 SUSE Manager Proxy Module 4.3:ansible-doc-2.9.27-150000.1.20.1 SUSE Manager Proxy Module 4.3:uyuni-proxy-systemd-services-4.3.15-150000.1.30.1 openSUSE Leap 15.6:ansible-2.9.27-150000.1.20.1 openSUSE Leap 15.6:ansible-doc-2.9.27-150000.1.20.1 openSUSE Leap 15.6:ansible-test-2.9.27-150000.1.20.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/-2025-791/suse-ru-20250791-1/ https://www.suse.com/security/cve/CVE-2024-8775.html CVE-2024-8775 https://bugzilla.suse.com/1230601 SUSE Bug 1230601