{"affected":[{"ecosystem_specific":{"binaries":[{"firewalld-prometheus-config":"0.1-150000.3.56.1","golang-github-prometheus-prometheus":"2.45.6-150000.3.56.1","mgrctl":"0.1.21-150000.1.8.2","mgrctl-bash-completion":"0.1.21-150000.1.8.2","mgrctl-lang":"0.1.21-150000.1.8.2","mgrctl-zsh-completion":"0.1.21-150000.1.8.2","python3-rhnlib":"5.0.4-150000.3.46.1","spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools 15","name":"golang-github-prometheus-prometheus","purl":"pkg:rpm/suse/golang-github-prometheus-prometheus&distro=SUSE%20Manager%20Client%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.45.6-150000.3.56.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"firewalld-prometheus-config":"0.1-150000.3.56.1","golang-github-prometheus-prometheus":"2.45.6-150000.3.56.1","mgrctl":"0.1.21-150000.1.8.2","mgrctl-bash-completion":"0.1.21-150000.1.8.2","mgrctl-lang":"0.1.21-150000.1.8.2","mgrctl-zsh-completion":"0.1.21-150000.1.8.2","python3-rhnlib":"5.0.4-150000.3.46.1","spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools 15","name":"rhnlib","purl":"pkg:rpm/suse/rhnlib&distro=SUSE%20Manager%20Client%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.4-150000.3.46.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"firewalld-prometheus-config":"0.1-150000.3.56.1","golang-github-prometheus-prometheus":"2.45.6-150000.3.56.1","mgrctl":"0.1.21-150000.1.8.2","mgrctl-bash-completion":"0.1.21-150000.1.8.2","mgrctl-lang":"0.1.21-150000.1.8.2","mgrctl-zsh-completion":"0.1.21-150000.1.8.2","python3-rhnlib":"5.0.4-150000.3.46.1","spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools 15","name":"spacecmd","purl":"pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.9-150000.3.124.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"firewalld-prometheus-config":"0.1-150000.3.56.1","golang-github-prometheus-prometheus":"2.45.6-150000.3.56.1","mgrctl":"0.1.21-150000.1.8.2","mgrctl-bash-completion":"0.1.21-150000.1.8.2","mgrctl-lang":"0.1.21-150000.1.8.2","mgrctl-zsh-completion":"0.1.21-150000.1.8.2","python3-rhnlib":"5.0.4-150000.3.46.1","spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools 15","name":"uyuni-tools","purl":"pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.21-150000.1.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"mgrctl":"0.1.21-150000.1.8.2","mgrctl-bash-completion":"0.1.21-150000.1.8.2","mgrctl-lang":"0.1.21-150000.1.8.2","mgrctl-zsh-completion":"0.1.21-150000.1.8.2"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for SLE Micro 5","name":"uyuni-tools","purl":"pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20for%20SLE%20Micro%205"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.21-150000.1.8.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"spacecmd","purl":"pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.9-150000.3.124.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"spacecmd":"5.0.9-150000.3.124.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"spacecmd","purl":"pkg:rpm/opensuse/spacecmd&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.9-150000.3.124.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update fixes the following issues:\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n  * CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038)\n  * CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556)\n\n- Require Go > 1.20 for building\n- Migrate from `disabled` to `manual` service mode\n- Update to 2.45.6 (jsc#PED-3577):\n  * Security fixes in dependencies\n- Update to 2.45.5:\n  * [BUGFIX] tsdb/agent: ensure that new series get written to WAL\n    on rollback.\n  * [BUGFIX] Remote write: Avoid a race condition when applying\n    configuration.\n- Update to 2.45.4:\n  * [BUGFIX] Remote read: Release querier resources before encoding\n    the results.\n- Update to 2.45.3:\n  * [BUGFIX] TSDB: Remove double memory snapshot on shutdown.\n- Update to 2.45.2:\n  * [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new\n    series.\n- Update to 2.45.1:\n  * [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used\n    by Hetzner in September.\n  * [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid\n    overflows on 386 architecture.\n  * [BUGFIX] TSDB: Handle TOC parsing failures.\n\nrhnlib:\n    \n- Version 5.0.4-0\n  * Add the old TLS code for very old traditional clients still on\n    python 2.7 (bsc#1228198)\n\nspacecmd:\n\n- Version 5.0.9-0\n  * Update translation strings\n\nuyuni-tools:\n\n- Version 0.1.21-0\n  * mgrpxy: Fix typo on Systemd template\n- Version 0.1.20-0\n  * Update the push tag to 5.0.1\n  * mgrpxy: expose port on IPv6 network (bsc#1227951)\n- Version 0.1.19-0\n  * Skip updating Tomcat remote debug if conf file is not present\n- Version 0.1.18-0\n  * Setup Confidential Computing container during migration\n    (bsc#1227588)\n  * Add the /etc/uyuni/uyuni-tools.yaml path to the config help\n  * Split systemd config files to not loose configuration at upgrade\n    (bsc#1227718)\n  * Use the same logic for image computation in mgradm and mgrpxy\n    (bsc#1228026)\n  * Allow building with different Helm and container default\n    registry paths (bsc#1226191)\n  * Fix recursion in mgradm upgrade podman list --help\n  * Setup hub xmlrpc API service in migration to Podman (bsc#1227588)\n  * Setup disabled hub xmlrpc API service in all cases (bsc#1227584)\n  * Clean the inspection code to make it faster\n  * Properly detect IPv6 enabled on Podman network (bsc#1224349)\n  * Fix the log file path generation\n  * Write scripts output to uyuni-tools.log file\n  * Add uyuni-hubxml-rpc to the list of values in\n    mgradm scale --help\n  * Use path in mgradm support sql file input (bsc#1227505)\n  * On Ubuntu build with go1.21 instead of go1.20\n  * Enforce Cobbler setup (bsc#1226847)\n  * Expose port on IPv6 network (bsc#1227951)\n  * show output of podman image search --list-tags command\n  * Implement mgrpxy support config command\n  * During migration, ignore /etc/sysconfig/tomcat and\n    /etc/tomcat/tomcat.conf (bsc#1228183)\n  * During migration, remove java.annotation,com.sun.xml.bind and\n    UseConcMarkSweepGC settings\n  * Disable node exporter port for Kubernetes\n  * Fix start, stop and restart in Kubernetes\n  * Increase start timeout in Kubernetes\n  * Fix traefik query\n  * Fix password entry usability (bsc#1226437)\n  * Add --prepare option to migrate command\n  * Fix random error during installation of CA certificate\n    (bsc#1227245)\n  * Clarify and fix distro name guessing when not provided\n    (bsc#1226284)\n  * Replace not working Fatal error by plain error return\n    (bsc#1220136)\n  * Allow server installation with preexisting storage volumes\n  * Do not report error when purging mounted volume (bsc#1225349)\n  * Preserve PAGER settings from the host for interactive sql\n    usage (bsc#1226914)\n  * Add mgrpxy command to clear the Squid cache\n  * Use local images for Confidential Computing and\n    Hub containers (bsc#1227586)\n- Version 0.1.17-0\n  * Allow GPG files to be loaded from the local file (bsc#1227195)\n- Version 0.1.16-0\n  * Prefer local images in all migration steps (bsc#1227244)\n- Version 0.1.15-0\n  * Define --registry flag behaviour (bsc#1226793)\n- Version 0.1.14-0\n  * Do not rely on hardcoded registry, remove any FQDN\n- Version 0.1.13-0\n  * Fix mgradm support config tarball creation (bsc#1226759)\n- Version 0.1.12-0\n  * Detection of k8s on Proxy was wrongly influenced by Server\n    setting\n\n","id":"SUSE-SU-2024:3267-1","modified":"2024-09-17T07:43:02Z","published":"2024-09-17T07:43:02Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243267-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1220136"},{"type":"REPORT","url":"https://bugzilla.suse.com/1224349"},{"type":"REPORT","url":"https://bugzilla.suse.com/1225349"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226191"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226284"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226437"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226759"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226793"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226847"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226914"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227038"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227195"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227244"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227245"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227505"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227584"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227586"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227588"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227718"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227951"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228026"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228183"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228198"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228556"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-45142"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-6104"}],"related":["CVE-2023-45142","CVE-2024-6104"],"summary":"Security update for SUSE Manager Client Tools","upstream":["CVE-2023-45142","CVE-2024-6104"]}