Recommended update for SUSE Manager Server 2.1 SUSE Patch security@suse.de SUSE Security Team SUSE-RU-2015:0611-1 Final 1 1 2015-02-25T20:05:05Z current 2015-02-25T20:05:05Z 2015-02-25T20:05:05Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Recommended update for SUSE Manager Server 2.1 This collective update for SUSE Manager Server 2.1 provides the following new features: * Connect SUSE Manager to the SUSE Customer Center. * Manage SLE12 systems. * ISS: export/import information about cloned channels to support Service Pack migration on ISS slaves. (FATE#317789) * New API calls: system.scheduleSPMigration(), system.scheduleDistUpgrade(). (FATE#314785, FATE#314340) Additionally, several issues have been fixed: auditlog-keeper: * Fix value too long for type character varying(2048). (bnc#872351) * Fix init.d script restart. (bsc#872029) cobbler: * Require syslinux-x86_64 on s390x. (bsc#884051) * Fix fetching of profiles for auto-installation. (bsc#880936) * Fix port guessing in koan. (bsc#855389) * Add 'copy-default' option to grubby-compat. (bsc#855389) * Handle elilo in SUSE. (bsc#855389) * Fix wrong option 'text' in SUSE environment. (bsc#901058) * Fix re-installation on SLE with static network configuration. (bsc#883487) * Add RHEL 7 as a valid operating system version. oracle-config: * No need to pre-require Apache as its user and group are available in the base system. osad: * Enable and install osad during first installation. (bsc#901958) pxe-default-image: * Add bind-utils (dig) to packagelist. (bsc#889739) * Wait for gateway to become available before register. (bsc#895001) rhnlib: * Ensure bytes strings are sent to pyOpenSSL. (bnc#880388) rhnpush: * Add default path structure to proxy lookaside that avoids collisions. sm-ncc-sync-data: * Add SUSE Cloud 4 channels. (bnc#883057) * Add channels for SUSE Manager Server 2.1 s390x. * Fix parent label of the LTSS channel for SLMS. * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108) * Add support for RES7 in SUSE Manager. (bsc#897723, bsc#893608) smdba: * Fix 'system check breaks backup and other configuration'. * Implement rotating PostgreSQL backup. (bsc#896244) * Space reclamation caused ORA-00942: table or view does not exist. (bsc#906850) * Archival of PosgreSQL transaction log does not recover in case of no space left on device. (bsc#915140) spacecmd: * Fix listupgrades. (bsc#892707) * Make print_result a static method of SpacewalkShell. (bsc#889605) * Call listAutoinstallableChannels() for listing distributions. (bsc#887879) * Fix spacecmd schedule listing. (bsc#902494) * Fix call of setCustomOptions() during kickstart_importjson. (bsc#879904) * Fix configchannel export: do not create 'contents' key for directories. (bsc#908849) spacewalk-backend: * Insert update tag at the correct place for SLE12. (bsc#907677) * Trigger generation of metadata if the repo contains no packages. (bsc#870159) * Convert mtime to localtime to prevent invalid times because of DST. (bsc#914437) * Do not exit with error if a vendor channel has no URL associated. (bsc#914260) * Convert empty string to null for DMI values. (bsc#911272) spacewalk-branding: * CVE patches adapted for colour blind users. (bnc#872298) * Underline in icons is removed. (bnc#880001) * Fix link to macro documentation. (bsc#895961) * Fix branding in error message. (bsc#902503) spacewalk-certs-tools: * Fix removal of existing host key entries. (bsc#886391) * Remove duplicates from authorized_keys2 as well. (bsc#885889) * Do not allow registering a SUSE Manager server against itself. (bsc#841731) spacewalk-client-tools: * Allow unicode characters in proxy username and password. * Send correct hostname. (bsc#887538) spacewalk-config: * Add recommended Apache settings from the Security Team. spacewalk-java: * Fix human dates now() staying unmodified. (bnc#880081) * Allow for null evr and archs on event history detail. (bnc#880327) * Disable form autocompletion in some places. (bnc#879998) * Fix datepicker time at xx:xx PM pre-filled with xx:xx AM. (bnc#881522) * Fixed package upgrade via SSM when using the Oracle DB as backend. (bnc#889721) * This update fixes various cross-site scripting (XSS) issues in spacewalk-java. (CVE-2014-3654, bnc#902182) * Sync correct repositories. (bnc#904959) * Fix pxt page link to point to the ported version of that page. (bsc#903720) * Correctly apply patches to multiple systems in SSM. (bsc#898242) * Fix CVE audit when some packages of a patch are already installed. (bsc#899266) * Download CSV button does not export all columns ('Base Channel' missing). (bsc#896238) * Read and display only a limited number of logfile lines. (bsc#883009) * Fix package upgrade via SSM. (bsc#889721) * Fix logrotate for /var/log/rhn/rhn_web_api.log. (bsc#884081) * Throw channel name exception if name is already used. (bnc#901675) * Don't commit when XMLRPCExceptions are thrown. (bsc#908320) * Remove 'Select All' button from system currency report. (bsc#653265) * Fix documentation search. (bsc#875452) * Add API listAutoinstallableChannels(). (bsc#887879) * Avoid ArrayIndexOutOfBoundsException with invalid URLs. (bsc#892711) * Avoid NumberFormatException in case of invalid URL. (bsc#892711) * Lookup kickstart tree only when org is found. (bsc#892711) * Fix NPE on GET /rhn/common/DownloadFile.do. (bsc#892711) * Port of the advanced provisioning option page to bootstrap. (bnc#862408) * mgr-sync refresh sets wrong permissions on JSON files. (bnc#907337) * Fix link to macro documentation. (bsc#895961) * Forward to 'raw mode' page in case this is an uploaded profile. (bsc#904841) * Enlarge big text area to use more available screen space. (bnc#867836) * Fix links to monitoring documentation. (bsc#906887) * Fix install type detection. (bsc#875231) * Point 'Register Clients' link to 'Client Configuration Guide'. (bsc#880026) * Change order of installer type: prefer SUSE Linux. (bsc#860299) * Fix ISE when clicking system currency. (bnc#905530) * Set cobbler hostname variable when calling system.createSystemRecord. (bnc#904699) * Fix wrong install=http://nullnull line when calling system.createSystemRecord. (bnc#904699) * Explain snapshot/rollback behavior better. (bsc#808947) * Fix patch syncing: prevent hibernate.NonUniqueObjectException androllback. (bsc#903880) * Remove 'Add Selected to SSM' from system overview page. (bsc#901776) * Fix CVE audit in case of multi-version package installed and patch in multi channels. (bsc#903723) * Update channel family membership when channel is updated. (bsc#901193) * Add log warning if uploaded file size > 1MB. (bnc#901927) * Fix channel package compare. (bsc#904690) * Fix automatic configuration file deployment via snippet. (bsc#898426) * Add client hostname or IP to log messages. (bsc#904732) * Fixed copying text from kickstart snippets. (bsc#880087) * Fix auditlog config yaml syntax. (bsc#913221) * Show Proxy tab if system is a proxy even when assigned to cloned channels. (bsc#913939) * Fixed uncaught error which prevent correct error handling. (bsc#858971) * Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035) * Fix more cross-site-scripting (XSS) issues. (CVE-2014-7811, bsc#902915) * Fix basic authentication for HTTP proxies. (bsc#912057) * Accept repos with same SCC ID and different URLs. (bsc#911808) * Avoid mgr-sync-refresh failure because clear_log_id was not called. (bsc#911166) * Fix cross-site-scripting (XSS) issue in system-group (CVE-2014-7812, bsc#912886) * Fix 'Select All' buttons display on rhn:list and make it consistent with new rl:list. (bsc#909724) * Fix List tag missing submit parameter for 'Select All' and others. (bnc#909724) * Sort filelist in configfile.compare event history alphabetically. (bsc#910243) * Allow parenthesis in system group description. (bsc#903064) * Provide new API documentation in PDF format. (bsc#896029) * Update the example scripts section. (bsc#896029) * Fixed wording issues on package lock page. (bsc#880022) * Make text more clear for package profile sync. (bsc#884350) spacewalk-reports: * Added channel- and server-group-ids to activation-keys. * Added spacewalk-report for systems with extra packages. spacewalk-search: * Fix package searching in shared channels. spacewalk-setup: * Setup /etc/sudoers in SUSE Manager upgrade scripts (bnc#881711) * No activation if database population should be skipped. (bsc#900956) * Do not enable spacewalk-service in runlevel 4. (bsc#879992) spacewalk-utils: * Fixed spacewalk-hostname-rename to work with PostgreSQL backend. * Added limitation of spacewalk-clone-by-date for RHEL4 and earlier. * Add openSUSE 13.2 repositories to spacewalk-common-channels. * Improve clone-by-date dependency resolution. * Add CentOS 7 and EPEL 7 channels. * Fix error if blacklist / removelist is not in scbd configurationfile. spacewalk-web: * Fix links to monitoring documentation. (bsc#906887) * Show Proxy tab if system is a proxy even when assigned to cloned channels. (bsc#913939) supportutils-plugin-susemanager: * Write current service and repository configuration into supportconfig. susemanager-manuals_en, susemanager-jsp_en: * Clarification about supported Web browsers. (bsc#889905) * Update text and image files. (bnc#907527) * Document NCC to SCC switch with SUSE Manager 2.1. (bnc#907106, bnc#907643, bnc#907645, bnc#907646) * SUSE Manager server update description. (bnc#902373) * Activation keys and packages. (bnc#767279) * Cobbler (bnc#880027), Link fix (bnc#881225), Wagon (bnc#884366) * Install and ship the built PDFs. (bnc#907086) * Update text and image files (bsc#910494). * Firewall rules are incomplete - ssh-push and ssh-push-tunnel settings missing. (bsc#904703) * Document SP migration and ISS. (bsc#913215, partially). * Fix 'beta packages' mentioned in documentation. (bsc#886421). * User guide: Snapshots: clarify snaphot usage. (bsc#906851). * Document maximal supported configuration file limit. (bsc#910482). susemanager-schema: * Add SLE 12 distribution targets to database. * Fix evr_t schema upgrade. (bsc#881111) * Allow evr_t to be compared with NULL in Oracle. (bsc#881111) * Add support to ppc64le architecture. * Fix migration script names to fix bare-metal registration. (bsc#896109) * Create regular index instead and have one migration per DB. (bsc#905072) * Drop unique index on package ids. (bsc#905072) * Fix NPE by setting max_members to 0 instead of NULL. (bsc#912035) * Fix old migration for future reference. (bsc#911180) * Avoid NPE when migrating to SCC on Oracle migrated from 1.7. (bsc#911180) susemanager: * Update the sudoers file after SUSE Manager upgrade. (bnc#881711) * Fix oracle2postgres.sh (database configuration). * Replace /etc/motd after setup. (bsc#883379) * Make mgr-create-bootstrap-repo SCC and SLE 12 aware. * Abort setup when invalid SSL country code given. (bnc#882468) * Use noRepoSync parameter always. * Fixed error message on exception in mgr-sync. (bnc#905263) * Fixed add product to not trigger redundant addition of base channel. (bnc#901928) * Ask for the authentication beforehand. (bsc#908317) susemanager-sync-data: * Add channels for Public Cloud Module. (bsc#907586) * Add new channel families SLE-WE and SLE-LP. * Add ATI and nVidia channels for SLED11-SP3. (bsc#901108) * Add channels for IBM-DLPAR for SLE12 ppc64le. * Added support for RES7 in SUSE Manager. (bsc#897723, bsc#893608) suseRegisterInfo: * Re-add legacy suse_register_info to successfully perform the update. (bsc#898428) zypp-plugin-spacewalk: * Check for retrieveOnly option in up2date configuration and set download_only. (bsc#896254) * Changed the spec file to force usage of the official python VM. (bsc#889363) yum: * Preserve query parameters in URLs. (bsc#896844) struts: * CVE-2014-0114: The ActionForm object in Apache Struts 1.x through 1.3.10 allows remote attackers to 'manipulate' the ClassLoader and execute arbitrary code via the class parameter, which is passed to the getClass method. apache2-mod_wsgi: * CVE-2014-0242: Information exposure. (bnc#878553) * CVE-2014-0240: Local privilege escalation. (bnc#878550) * CVE-2014-8583: Failure to handle errors when attempting to drop group privileges. (bnc#903961) libyaml-0-2: * Assert failure when processing wrapped strings (bnc#907809, CVE-2014-9130) tanukiwrapper: * Allow more than 4G as -Xmx option. (bsc#914900) The following new packages have been added to the product: susemanager-sync-data, google-gson, python-enum34. How to apply this update: 1. Log in as root user to the SUSE Manager server. 2. Stop the Spacewalk service: spacewalk-service stop 3. Apply the patch using either zypper patch or YaST Online Update. 4. Upgrade the database schema with spacewalk-schema-upgrade 5. Start the Spacewalk service: spacewalk-service start Security Issues: * CVE-2014-0114 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114> * CVE-2014-0240 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240> * CVE-2014-0242 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242> * CVE-2014-3654 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3654> * CVE-2014-7811 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7811> * CVE-2014-7812 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7812> * CVE-2014-8583 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8583> * CVE-2014-9130 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130> The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sleman21-suse-manager-201503 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ Link for SUSE-RU-2015:0611-1 https://lists.suse.com/pipermail/sle-updates/2015-March/002829.html E-Mail link for SUSE-RU-2015:0611-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/653265 SUSE Bug 653265 https://bugzilla.suse.com/767279 SUSE Bug 767279 https://bugzilla.suse.com/808947 SUSE Bug 808947 https://bugzilla.suse.com/841731 SUSE Bug 841731 https://bugzilla.suse.com/855389 SUSE Bug 855389 https://bugzilla.suse.com/858971 SUSE Bug 858971 https://bugzilla.suse.com/860299 SUSE Bug 860299 https://bugzilla.suse.com/862408 SUSE Bug 862408 https://bugzilla.suse.com/867836 SUSE Bug 867836 https://bugzilla.suse.com/870159 SUSE Bug 870159 https://bugzilla.suse.com/872029 SUSE Bug 872029 https://bugzilla.suse.com/872298 SUSE Bug 872298 https://bugzilla.suse.com/872351 SUSE Bug 872351 https://bugzilla.suse.com/875231 SUSE Bug 875231 https://bugzilla.suse.com/875452 SUSE Bug 875452 https://bugzilla.suse.com/878550 SUSE Bug 878550 https://bugzilla.suse.com/878553 SUSE Bug 878553 https://bugzilla.suse.com/879904 SUSE Bug 879904 https://bugzilla.suse.com/879992 SUSE Bug 879992 https://bugzilla.suse.com/879998 SUSE Bug 879998 https://bugzilla.suse.com/880001 SUSE Bug 880001 https://bugzilla.suse.com/880022 SUSE Bug 880022 https://bugzilla.suse.com/880026 SUSE Bug 880026 https://bugzilla.suse.com/880027 SUSE Bug 880027 https://bugzilla.suse.com/880081 SUSE Bug 880081 https://bugzilla.suse.com/880087 SUSE Bug 880087 https://bugzilla.suse.com/880327 SUSE Bug 880327 https://bugzilla.suse.com/880388 SUSE Bug 880388 https://bugzilla.suse.com/880936 SUSE Bug 880936 https://bugzilla.suse.com/881111 SUSE Bug 881111 https://bugzilla.suse.com/881225 SUSE Bug 881225 https://bugzilla.suse.com/881522 SUSE Bug 881522 https://bugzilla.suse.com/881711 SUSE Bug 881711 https://bugzilla.suse.com/882468 SUSE Bug 882468 https://bugzilla.suse.com/883009 SUSE Bug 883009 https://bugzilla.suse.com/883057 SUSE Bug 883057 https://bugzilla.suse.com/883379 SUSE Bug 883379 https://bugzilla.suse.com/883487 SUSE Bug 883487 https://bugzilla.suse.com/884051 SUSE Bug 884051 https://bugzilla.suse.com/884081 SUSE Bug 884081 https://bugzilla.suse.com/884350 SUSE Bug 884350 https://bugzilla.suse.com/884366 SUSE Bug 884366 https://bugzilla.suse.com/885889 SUSE Bug 885889 https://bugzilla.suse.com/886391 SUSE Bug 886391 https://bugzilla.suse.com/886421 SUSE Bug 886421 https://bugzilla.suse.com/887538 SUSE Bug 887538 https://bugzilla.suse.com/887879 SUSE Bug 887879 https://bugzilla.suse.com/889363 SUSE Bug 889363 https://bugzilla.suse.com/889605 SUSE Bug 889605 https://bugzilla.suse.com/889721 SUSE Bug 889721 https://bugzilla.suse.com/889739 SUSE Bug 889739 https://bugzilla.suse.com/889905 SUSE Bug 889905 https://bugzilla.suse.com/892707 SUSE Bug 892707 https://bugzilla.suse.com/892711 SUSE Bug 892711 https://bugzilla.suse.com/893608 SUSE Bug 893608 https://bugzilla.suse.com/895001 SUSE Bug 895001 https://bugzilla.suse.com/895961 SUSE Bug 895961 https://bugzilla.suse.com/896029 SUSE Bug 896029 https://bugzilla.suse.com/896109 SUSE Bug 896109 https://bugzilla.suse.com/896238 SUSE Bug 896238 https://bugzilla.suse.com/896244 SUSE Bug 896244 https://bugzilla.suse.com/896254 SUSE Bug 896254 https://bugzilla.suse.com/896844 SUSE Bug 896844 https://bugzilla.suse.com/897723 SUSE Bug 897723 https://bugzilla.suse.com/898242 SUSE Bug 898242 https://bugzilla.suse.com/898426 SUSE Bug 898426 https://bugzilla.suse.com/898428 SUSE Bug 898428 https://bugzilla.suse.com/899266 SUSE Bug 899266 https://bugzilla.suse.com/900956 SUSE Bug 900956 https://bugzilla.suse.com/901058 SUSE Bug 901058 https://bugzilla.suse.com/901108 SUSE Bug 901108 https://bugzilla.suse.com/901193 SUSE Bug 901193 https://bugzilla.suse.com/901675 SUSE Bug 901675 https://bugzilla.suse.com/901776 SUSE Bug 901776 https://bugzilla.suse.com/901927 SUSE Bug 901927 https://bugzilla.suse.com/901928 SUSE Bug 901928 https://bugzilla.suse.com/901958 SUSE Bug 901958 https://bugzilla.suse.com/902182 SUSE Bug 902182 https://bugzilla.suse.com/902373 SUSE Bug 902373 https://bugzilla.suse.com/902494 SUSE Bug 902494 https://bugzilla.suse.com/902503 SUSE Bug 902503 https://bugzilla.suse.com/902915 SUSE Bug 902915 https://bugzilla.suse.com/903064 SUSE Bug 903064 https://bugzilla.suse.com/903720 SUSE Bug 903720 https://bugzilla.suse.com/903723 SUSE Bug 903723 https://bugzilla.suse.com/903880 SUSE Bug 903880 https://bugzilla.suse.com/903961 SUSE Bug 903961 https://bugzilla.suse.com/904690 SUSE Bug 904690 https://bugzilla.suse.com/904699 SUSE Bug 904699 https://bugzilla.suse.com/904703 SUSE Bug 904703 https://bugzilla.suse.com/904732 SUSE Bug 904732 https://bugzilla.suse.com/904841 SUSE Bug 904841 https://bugzilla.suse.com/904959 SUSE Bug 904959 https://bugzilla.suse.com/905072 SUSE Bug 905072 https://bugzilla.suse.com/905263 SUSE Bug 905263 https://bugzilla.suse.com/905530 SUSE Bug 905530 https://bugzilla.suse.com/906850 SUSE Bug 906850 https://bugzilla.suse.com/906851 SUSE Bug 906851 https://bugzilla.suse.com/906887 SUSE Bug 906887 https://bugzilla.suse.com/907086 SUSE Bug 907086 https://bugzilla.suse.com/907106 SUSE Bug 907106 https://bugzilla.suse.com/907337 SUSE Bug 907337 https://bugzilla.suse.com/907527 SUSE Bug 907527 https://bugzilla.suse.com/907586 SUSE Bug 907586 https://bugzilla.suse.com/907643 SUSE Bug 907643 https://bugzilla.suse.com/907645 SUSE Bug 907645 https://bugzilla.suse.com/907646 SUSE Bug 907646 https://bugzilla.suse.com/907677 SUSE Bug 907677 https://bugzilla.suse.com/907809 SUSE Bug 907809 https://bugzilla.suse.com/908317 SUSE Bug 908317 https://bugzilla.suse.com/908320 SUSE Bug 908320 https://bugzilla.suse.com/908849 SUSE Bug 908849 https://bugzilla.suse.com/909724 SUSE Bug 909724 https://bugzilla.suse.com/910243 SUSE Bug 910243 https://bugzilla.suse.com/910482 SUSE Bug 910482 https://bugzilla.suse.com/910494 SUSE Bug 910494 https://bugzilla.suse.com/911166 SUSE Bug 911166 https://bugzilla.suse.com/911180 SUSE Bug 911180 https://bugzilla.suse.com/911272 SUSE Bug 911272 https://bugzilla.suse.com/911808 SUSE Bug 911808 https://bugzilla.suse.com/912035 SUSE Bug 912035 https://bugzilla.suse.com/912057 SUSE Bug 912057 https://bugzilla.suse.com/912886 SUSE Bug 912886 https://bugzilla.suse.com/913215 SUSE Bug 913215 https://bugzilla.suse.com/913221 SUSE Bug 913221 https://bugzilla.suse.com/913939 SUSE Bug 913939 https://bugzilla.suse.com/914260 SUSE Bug 914260 https://bugzilla.suse.com/914437 SUSE Bug 914437 https://bugzilla.suse.com/914900 SUSE Bug 914900 https://bugzilla.suse.com/915140 SUSE Bug 915140 https://bugzilla.suse.com/919448 SUSE Bug 919448 https://www.suse.com/security/cve/CVE-2014-0114/ SUSE CVE CVE-2014-0114 page https://www.suse.com/security/cve/CVE-2014-0240/ SUSE CVE CVE-2014-0240 page https://www.suse.com/security/cve/CVE-2014-0242/ SUSE CVE CVE-2014-0242 page https://www.suse.com/security/cve/CVE-2014-3654/ SUSE CVE CVE-2014-3654 page https://www.suse.com/security/cve/CVE-2014-7811/ SUSE CVE CVE-2014-7811 page https://www.suse.com/security/cve/CVE-2014-7812/ SUSE CVE CVE-2014-7812 page https://www.suse.com/security/cve/CVE-2014-8583/ SUSE CVE CVE-2014-8583 page https://www.suse.com/security/cve/CVE-2014-9130/ SUSE CVE CVE-2014-9130 page SUSE Manager 2.1 apache2-mod_wsgi-3.3-5.7.17 auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 cobbler-2.2.2-0.54.9 google-gson-2.2.4-0.7.52 libyaml-0-2-0.1.3-0.10.16.11 oracle-config-1.1-0.10.10.16 osa-dispatcher-5.11.33.7-0.7.16 perl-Class-Singleton-1.4-4.13.38 perl-NOCpulse-Object-1.26.13.2-0.7.13 perl-Satcon-1.20.2-0.7.6 perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 postgresql91-pltcl-9.1.15-0.3.1 pxe-default-image-0.1-0.20.56 python-enum34-1.0-0.7.33 python-gzipstream-1.10.2.2-0.7.6 rhn-custom-info-5.4.22.6-0.7.13 rhnlib-2.5.69.6-0.7.6 rhnmd-5.3.18.4-0.7.15 rhnpush-5.5.71.7-0.7.16 sm-ncc-sync-data-2.1.9-0.7.6 smdba-1.5.1-0.7.6 spacecmd-2.1.25.7-0.7.9 spacewalk-admin-2.1.2.4-0.7.6 spacewalk-backend-2.1.55.15-0.7.11 spacewalk-backend-app-2.1.55.15-0.7.11 spacewalk-backend-applet-2.1.55.15-0.7.11 spacewalk-backend-config-files-2.1.55.15-0.7.11 spacewalk-backend-config-files-common-2.1.55.15-0.7.11 spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 spacewalk-backend-iss-2.1.55.15-0.7.11 spacewalk-backend-iss-export-2.1.55.15-0.7.11 spacewalk-backend-libs-2.1.55.15-0.7.11 spacewalk-backend-package-push-server-2.1.55.15-0.7.11 spacewalk-backend-server-2.1.55.15-0.7.11 spacewalk-backend-sql-2.1.55.15-0.7.11 spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 spacewalk-backend-tools-2.1.55.15-0.7.11 spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 spacewalk-base-2.1.60.12-0.7.7 spacewalk-base-minimal-2.1.60.12-0.7.7 spacewalk-base-minimal-config-2.1.60.12-0.7.7 spacewalk-branding-2.1.33.10-0.7.16 spacewalk-certs-tools-2.1.6.5-0.7.10 spacewalk-check-2.1.16.6-0.7.9 spacewalk-client-setup-2.1.16.6-0.7.9 spacewalk-client-tools-2.1.16.6-0.7.9 spacewalk-config-2.1.5.4-0.7.15 spacewalk-doc-indexes-2.1.2.3-0.7.26 spacewalk-grail-2.1.60.12-0.7.7 spacewalk-html-2.1.60.12-0.7.7 spacewalk-java-2.1.165.14-0.7.16 spacewalk-java-config-2.1.165.14-0.7.16 spacewalk-java-lib-2.1.165.14-0.7.16 spacewalk-java-oracle-2.1.165.14-0.7.16 spacewalk-java-postgresql-2.1.165.14-0.7.16 spacewalk-pxt-2.1.60.12-0.7.7 spacewalk-reports-2.1.14.8-0.7.10 spacewalk-search-2.1.14.6-0.7.18 spacewalk-setup-2.1.14.9-0.7.6 spacewalk-setup-jabberd-2.1.0.2-0.7.6 spacewalk-sniglets-2.1.60.12-0.7.7 spacewalk-taskomatic-2.1.165.14-0.7.16 spacewalk-utils-2.1.27.12-0.7.25 spacewalksd-5.0.14.6-0.7.15 struts-1.2.9-162.33.22 supportutils-plugin-susemanager-1.0.3-0.5.5 supportutils-plugin-susemanager-client-1.0.4-0.5.5 suseRegisterInfo-2.1.9-0.7.29 susemanager-2.1.17-0.7.11 susemanager-client-config_en-pdf-2.1-0.15.24 susemanager-install_en-pdf-2.1-0.15.24 susemanager-jsp_en-2.1-0.15.23 susemanager-manuals_en-2.1-0.15.24 susemanager-proxy-quick_en-pdf-2.1-0.15.24 susemanager-reference_en-pdf-2.1-0.15.24 susemanager-schema-2.1.50.11-0.7.8 susemanager-sync-data-2.1.5-0.7.6 susemanager-tools-2.1.17-0.7.11 susemanager-user_en-pdf-2.1-0.15.24 tanukiwrapper-3.2.3-0.10.12 yum-3.2.29-0.19.30 yum-common-3.2.29-0.19.30 zypp-plugin-spacewalk-0.9.8-0.15.51 apache2-mod_wsgi-3.3-5.7.17 as a component of SUSE Manager 2.1 auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 cobbler-2.2.2-0.54.9 as a component of SUSE Manager 2.1 google-gson-2.2.4-0.7.52 as a component of SUSE Manager 2.1 libyaml-0-2-0.1.3-0.10.16.11 as a component of SUSE Manager 2.1 oracle-config-1.1-0.10.10.16 as a component of SUSE Manager 2.1 osa-dispatcher-5.11.33.7-0.7.16 as a component of SUSE Manager 2.1 perl-Class-Singleton-1.4-4.13.38 as a component of SUSE Manager 2.1 perl-NOCpulse-Object-1.26.13.2-0.7.13 as a component of SUSE Manager 2.1 perl-Satcon-1.20.2-0.7.6 as a component of SUSE Manager 2.1 perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 as a component of SUSE Manager 2.1 postgresql91-pltcl-9.1.15-0.3.1 as a component of SUSE Manager 2.1 pxe-default-image-0.1-0.20.56 as a component of SUSE Manager 2.1 python-enum34-1.0-0.7.33 as a component of SUSE Manager 2.1 python-gzipstream-1.10.2.2-0.7.6 as a component of SUSE Manager 2.1 rhn-custom-info-5.4.22.6-0.7.13 as a component of SUSE Manager 2.1 rhnlib-2.5.69.6-0.7.6 as a component of SUSE Manager 2.1 rhnmd-5.3.18.4-0.7.15 as a component of SUSE Manager 2.1 rhnpush-5.5.71.7-0.7.16 as a component of SUSE Manager 2.1 sm-ncc-sync-data-2.1.9-0.7.6 as a component of SUSE Manager 2.1 smdba-1.5.1-0.7.6 as a component of SUSE Manager 2.1 spacecmd-2.1.25.7-0.7.9 as a component of SUSE Manager 2.1 spacewalk-admin-2.1.2.4-0.7.6 as a component of SUSE Manager 2.1 spacewalk-backend-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-app-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-applet-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-config-files-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-config-files-common-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-iss-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-iss-export-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-libs-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-package-push-server-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-server-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-sql-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-tools-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 as a component of SUSE Manager 2.1 spacewalk-base-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-base-minimal-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-base-minimal-config-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-branding-2.1.33.10-0.7.16 as a component of SUSE Manager 2.1 spacewalk-certs-tools-2.1.6.5-0.7.10 as a component of SUSE Manager 2.1 spacewalk-check-2.1.16.6-0.7.9 as a component of SUSE Manager 2.1 spacewalk-client-setup-2.1.16.6-0.7.9 as a component of SUSE Manager 2.1 spacewalk-client-tools-2.1.16.6-0.7.9 as a component of SUSE Manager 2.1 spacewalk-config-2.1.5.4-0.7.15 as a component of SUSE Manager 2.1 spacewalk-doc-indexes-2.1.2.3-0.7.26 as a component of SUSE Manager 2.1 spacewalk-grail-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-html-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-java-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-java-config-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-java-lib-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-java-oracle-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-java-postgresql-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-pxt-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-reports-2.1.14.8-0.7.10 as a component of SUSE Manager 2.1 spacewalk-search-2.1.14.6-0.7.18 as a component of SUSE Manager 2.1 spacewalk-setup-2.1.14.9-0.7.6 as a component of SUSE Manager 2.1 spacewalk-setup-jabberd-2.1.0.2-0.7.6 as a component of SUSE Manager 2.1 spacewalk-sniglets-2.1.60.12-0.7.7 as a component of SUSE Manager 2.1 spacewalk-taskomatic-2.1.165.14-0.7.16 as a component of SUSE Manager 2.1 spacewalk-utils-2.1.27.12-0.7.25 as a component of SUSE Manager 2.1 spacewalksd-5.0.14.6-0.7.15 as a component of SUSE Manager 2.1 struts-1.2.9-162.33.22 as a component of SUSE Manager 2.1 supportutils-plugin-susemanager-1.0.3-0.5.5 as a component of SUSE Manager 2.1 supportutils-plugin-susemanager-client-1.0.4-0.5.5 as a component of SUSE Manager 2.1 suseRegisterInfo-2.1.9-0.7.29 as a component of SUSE Manager 2.1 susemanager-2.1.17-0.7.11 as a component of SUSE Manager 2.1 susemanager-client-config_en-pdf-2.1-0.15.24 as a component of SUSE Manager 2.1 susemanager-install_en-pdf-2.1-0.15.24 as a component of SUSE Manager 2.1 susemanager-jsp_en-2.1-0.15.23 as a component of SUSE Manager 2.1 susemanager-manuals_en-2.1-0.15.24 as a component of SUSE Manager 2.1 susemanager-proxy-quick_en-pdf-2.1-0.15.24 as a component of SUSE Manager 2.1 susemanager-reference_en-pdf-2.1-0.15.24 as a component of SUSE Manager 2.1 susemanager-schema-2.1.50.11-0.7.8 as a component of SUSE Manager 2.1 susemanager-sync-data-2.1.5-0.7.6 as a component of SUSE Manager 2.1 susemanager-tools-2.1.17-0.7.11 as a component of SUSE Manager 2.1 susemanager-user_en-pdf-2.1-0.15.24 as a component of SUSE Manager 2.1 tanukiwrapper-3.2.3-0.10.12 as a component of SUSE Manager 2.1 yum-3.2.29-0.19.30 as a component of SUSE Manager 2.1 yum-common-3.2.29-0.19.30 as a component of SUSE Manager 2.1 zypp-plugin-spacewalk-0.9.8-0.15.51 as a component of SUSE Manager 2.1 Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. CVE-2014-0114 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-0114.html CVE-2014-0114 https://bugzilla.suse.com/778464 SUSE Bug 778464 https://bugzilla.suse.com/875455 SUSE Bug 875455 https://bugzilla.suse.com/885963 SUSE Bug 885963 The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes. CVE-2014-0240 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 important 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-0240.html CVE-2014-0240 https://bugzilla.suse.com/878550 SUSE Bug 878550 mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread. CVE-2014-0242 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 important 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-0242.html CVE-2014-0242 https://bugzilla.suse.com/878553 SUSE Bug 878553 Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java 2.0.2 in Spacewalk and Red Hat Network (RHN) Satellite 5.5 and 5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) kickstart/cobbler/CustomSnippetList.do, (2) channels/software/Entitlements.do, or (3) admin/multiorg/OrgUsers.do. CVE-2014-3654 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-3654.html CVE-2014-3654 https://bugzilla.suse.com/902182 SUSE Bug 902182 Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted XML data to the REST API. CVE-2014-7811 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-7811.html CVE-2014-7811 https://bugzilla.suse.com/902915 SUSE Bug 902915 https://bugzilla.suse.com/912886 SUSE Bug 912886 https://bugzilla.suse.com/922740 SUSE Bug 922740 https://bugzilla.suse.com/969911 SUSE Bug 969911 Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allows remote authenticated users to inject arbitrary web script or HTML via the System Groups field. CVE-2014-7812 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 low 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-7812.html CVE-2014-7812 https://bugzilla.suse.com/912886 SUSE Bug 912886 mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors. CVE-2014-8583 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-8583.html CVE-2014-8583 https://bugzilla.suse.com/903961 SUSE Bug 903961 https://bugzilla.suse.com/907649 SUSE Bug 907649 https://bugzilla.suse.com/983032 SUSE Bug 983032 scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping. CVE-2014-9130 SUSE Manager 2.1:apache2-mod_wsgi-3.3-5.7.17 SUSE Manager 2.1:auditlog-keeper-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-rdbms-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-spacewalk-validator-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-syslog-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:auditlog-keeper-xmlout-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:cobbler-2.2.2-0.54.9 SUSE Manager 2.1:google-gson-2.2.4-0.7.52 SUSE Manager 2.1:libyaml-0-2-0.1.3-0.10.16.11 SUSE Manager 2.1:oracle-config-1.1-0.10.10.16 SUSE Manager 2.1:osa-dispatcher-5.11.33.7-0.7.16 SUSE Manager 2.1:perl-Class-Singleton-1.4-4.13.38 SUSE Manager 2.1:perl-NOCpulse-Object-1.26.13.2-0.7.13 SUSE Manager 2.1:perl-Satcon-1.20.2-0.7.6 SUSE Manager 2.1:perl-auditlog-keeper-client-0.2.3+git.1417708457.eabd1a9-0.7.58 SUSE Manager 2.1:postgresql91-pltcl-9.1.15-0.3.1 SUSE Manager 2.1:pxe-default-image-0.1-0.20.56 SUSE Manager 2.1:python-enum34-1.0-0.7.33 SUSE Manager 2.1:python-gzipstream-1.10.2.2-0.7.6 SUSE Manager 2.1:rhn-custom-info-5.4.22.6-0.7.13 SUSE Manager 2.1:rhnlib-2.5.69.6-0.7.6 SUSE Manager 2.1:rhnmd-5.3.18.4-0.7.15 SUSE Manager 2.1:rhnpush-5.5.71.7-0.7.16 SUSE Manager 2.1:sm-ncc-sync-data-2.1.9-0.7.6 SUSE Manager 2.1:smdba-1.5.1-0.7.6 SUSE Manager 2.1:spacecmd-2.1.25.7-0.7.9 SUSE Manager 2.1:spacewalk-admin-2.1.2.4-0.7.6 SUSE Manager 2.1:spacewalk-backend-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-app-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-applet-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-common-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-config-files-tool-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-iss-export-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-package-push-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-server-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-oracle-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-sql-postgresql-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-tools-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xml-export-libs-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-backend-xmlrpc-2.1.55.15-0.7.11 SUSE Manager 2.1:spacewalk-base-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-base-minimal-config-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-branding-2.1.33.10-0.7.16 SUSE Manager 2.1:spacewalk-certs-tools-2.1.6.5-0.7.10 SUSE Manager 2.1:spacewalk-check-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-setup-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-client-tools-2.1.16.6-0.7.9 SUSE Manager 2.1:spacewalk-config-2.1.5.4-0.7.15 SUSE Manager 2.1:spacewalk-doc-indexes-2.1.2.3-0.7.26 SUSE Manager 2.1:spacewalk-grail-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-html-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-java-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-config-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-lib-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-oracle-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-java-postgresql-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-pxt-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-reports-2.1.14.8-0.7.10 SUSE Manager 2.1:spacewalk-search-2.1.14.6-0.7.18 SUSE Manager 2.1:spacewalk-setup-2.1.14.9-0.7.6 SUSE Manager 2.1:spacewalk-setup-jabberd-2.1.0.2-0.7.6 SUSE Manager 2.1:spacewalk-sniglets-2.1.60.12-0.7.7 SUSE Manager 2.1:spacewalk-taskomatic-2.1.165.14-0.7.16 SUSE Manager 2.1:spacewalk-utils-2.1.27.12-0.7.25 SUSE Manager 2.1:spacewalksd-5.0.14.6-0.7.15 SUSE Manager 2.1:struts-1.2.9-162.33.22 SUSE Manager 2.1:supportutils-plugin-susemanager-1.0.3-0.5.5 SUSE Manager 2.1:supportutils-plugin-susemanager-client-1.0.4-0.5.5 SUSE Manager 2.1:suseRegisterInfo-2.1.9-0.7.29 SUSE Manager 2.1:susemanager-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-client-config_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-install_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-jsp_en-2.1-0.15.23 SUSE Manager 2.1:susemanager-manuals_en-2.1-0.15.24 SUSE Manager 2.1:susemanager-proxy-quick_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-reference_en-pdf-2.1-0.15.24 SUSE Manager 2.1:susemanager-schema-2.1.50.11-0.7.8 SUSE Manager 2.1:susemanager-sync-data-2.1.5-0.7.6 SUSE Manager 2.1:susemanager-tools-2.1.17-0.7.11 SUSE Manager 2.1:susemanager-user_en-pdf-2.1-0.15.24 SUSE Manager 2.1:tanukiwrapper-3.2.3-0.10.12 SUSE Manager 2.1:yum-3.2.29-0.19.30 SUSE Manager 2.1:yum-common-3.2.29-0.19.30 SUSE Manager 2.1:zypp-plugin-spacewalk-0.9.8-0.15.51 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement//suse-ru-20150611-1/ https://www.suse.com/security/cve/CVE-2014-9130.html CVE-2014-9130 https://bugzilla.suse.com/907809 SUSE Bug 907809 https://bugzilla.suse.com/911782 SUSE Bug 911782 https://bugzilla.suse.com/921588 SUSE Bug 921588