{"affected":[],"aliases":[],"details":"This update fixes the following issues:\n\ngolang-github-prometheus-alertmanager:\n\n- CVE-2022-21698: Denial of service using InstrumentHandlerCounter\n  * Update vendor tarball with prometheus/client_golang 1.11.1 (bsc#1196338, jsc#SLE-24077)\n- Update to version 0.23.0:\n  * amtool: Detect version drift and warn users (#2672)\n  * Add ability to skip TLS verification for amtool (#2663)\n  * Fix empty isEqual in amtool. (#2668)\n  * Fix main tests (#2670)\n  * cli: add new template render command (#2538)\n  * OpsGenie: refer to alert instead of incident (#2609)\n  * Docs: target_match and source_match are DEPRECATED (#2665)\n  * Fix test not waiting for cluster member to be ready\n- Added hardening to systemd service(s) (bsc#1181400).\n\ngolang-github-prometheus-prometheus:\n\n- Build firewalld-prometheus-config only for SUSE Linux Enterprise 15, 15.1 and 15.2, and require firewalld for it\n- Firewalld-prometheus-config needs to be a Recommends, not a\n  Requires, as prometheus does not require it to run\n- Create firewalld-prometheus-config subpackage (bsc#1197042)\n- CVE-2022-21698: Denial of service using InstrumentHandlerCounter. \n  * Update vendor tarball with prometheus/client_golang 1.12.1  (bsc#1196338)\n\nmgr-cfg:\n\n- Version 4.3.6-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15 (bsc#1197579)\n\nmgr-osad:\n\n- Version 4.3.6-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15\n\nmgr-push:\n\n- Version 4.3.4-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15\n\nmgr-virtualization:\n\n- Version 4.3.5-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15\n\nrhnlib:\n\n- Version 4.3.4-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15\n\nsalt:\n\n- Prevent data pollution between actions proceesed at the same time (bsc#1197637)\n- Fix regression preventing bootstrapping new clients caused by redundant dependency on psutil (bsc#1197533)\n- Fixes for Python 3.10\n- Fix salt-ssh opts poisoning (bsc#1197637)\n- Fix multiple security issues for salt (bsc#1197417):\n  * CVE-2022-22935: Sign authentication replies to prevent MiTM.\n  * CVE-2022-22934: Sign pillar data to prevent MiTM attacks.\n  * CVE-2022-22936: Prevent job and fileserver replays. \n  * CVE-2022-22941: Fixed targeting bug, especially visible when using syndic and user auth.\n\nspacecmd:\n\n- Version 4.3.10-1\n  * parse boolean parameters correctly (bsc#1197689)\n  * Add parameter to set containerized proxy SSH port\n\nspacewalk-client-tools:\n\n- Version 4.3.9-1\n  * Fix the condition for preventing building python 2 subpackage\n    for SLE15\n\nspacewalk-koan:\n\n- Version 4.3.5-1\n  * Fix the condition for preventing building python 2 subpackage for SLE15\n\nspacewalk-oscap:\n\n- Version 4.3.5-1\n  * Fix the condition for preventing building python 2 subpackage for SLE15\n\nsuseRegisterInfo:\n\n- Version 4.3.3-1\n  * Fix the condition for preventing building python 2 subpackage for SLE15\n\nuyuni-common-libs:\n\n- Version 4.3.4-1\n  * implement more decompression algorithms for reposync (bsc#1196704)\n\nuyuni-proxy-systemd-services:\n\n- Version 4.3.2-1\n  * Harmonize systemd services names and container names  \n  * Adapted to work on Enterprise Linux.\n  * Add package to SLE and Client tools (jsc#SLE-24145)\n","id":"SUSE-SU-2022:1545-1","modified":"2022-05-05T10:11:10Z","published":"2022-05-05T10:11:10Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2022/suse-su-20221545-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181400"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196338"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196704"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197042"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197417"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197579"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197637"},{"type":"REPORT","url":"https://bugzilla.suse.com/1197689"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-21698"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-22934"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-22935"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-22936"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-22941"}],"related":["CVE-2022-21698","CVE-2022-22934","CVE-2022-22935","CVE-2022-22936","CVE-2022-22941"],"summary":"Security Beta update for SUSE Manager Client Tools","upstream":["CVE-2022-21698","CVE-2022-22934","CVE-2022-22935","CVE-2022-22936","CVE-2022-22941"]}