{"affected":[{"ecosystem_specific":{"binaries":[{"golang":"1.20.12-1.3.1","golang-bin":"1.20.12-1.3.1","golang-docs":"1.20.12-1.3.1","golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","golang-misc":"1.20.12-1.3.1","golang-src":"1.20.12-1.3.1","golang-tests":"1.20.12-1.3.1","mgradm":"0.1.23-1.11.1","mgradm-bash-completion":"0.1.23-1.11.1","mgradm-zsh-completion":"0.1.23-1.11.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","mgrpxy":"0.1.23-1.11.1","mgrpxy-bash-completion":"0.1.23-1.11.1","mgrpxy-zsh-completion":"0.1.23-1.11.1","scap-security-guide":"0.1.74-1.29.1","scap-security-guide-debian":"0.1.74-1.29.1","scap-security-guide-redhat":"0.1.74-1.29.1","scap-security-guide-ubuntu":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:EL-9:Update:Products:ManagerTools:Update","name":"golang","purl":"pkg:rpm/suse/golang&distro=SUSE:EL-9:Update:Products:ManagerTools:Update"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.20.12-1.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang":"1.20.12-1.3.1","golang-bin":"1.20.12-1.3.1","golang-docs":"1.20.12-1.3.1","golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","golang-misc":"1.20.12-1.3.1","golang-src":"1.20.12-1.3.1","golang-tests":"1.20.12-1.3.1","mgradm":"0.1.23-1.11.1","mgradm-bash-completion":"0.1.23-1.11.1","mgradm-zsh-completion":"0.1.23-1.11.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","mgrpxy":"0.1.23-1.11.1","mgrpxy-bash-completion":"0.1.23-1.11.1","mgrpxy-zsh-completion":"0.1.23-1.11.1","scap-security-guide":"0.1.74-1.29.1","scap-security-guide-debian":"0.1.74-1.29.1","scap-security-guide-redhat":"0.1.74-1.29.1","scap-security-guide-ubuntu":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:EL-9:Update:Products:ManagerTools:Update","name":"golang-github-lusitaniae-apache_exporter","purl":"pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE:EL-9:Update:Products:ManagerTools:Update"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.8-1.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang":"1.20.12-1.3.1","golang-bin":"1.20.12-1.3.1","golang-docs":"1.20.12-1.3.1","golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","golang-misc":"1.20.12-1.3.1","golang-src":"1.20.12-1.3.1","golang-tests":"1.20.12-1.3.1","mgradm":"0.1.23-1.11.1","mgradm-bash-completion":"0.1.23-1.11.1","mgradm-zsh-completion":"0.1.23-1.11.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","mgrpxy":"0.1.23-1.11.1","mgrpxy-bash-completion":"0.1.23-1.11.1","mgrpxy-zsh-completion":"0.1.23-1.11.1","scap-security-guide":"0.1.74-1.29.1","scap-security-guide-debian":"0.1.74-1.29.1","scap-security-guide-redhat":"0.1.74-1.29.1","scap-security-guide-ubuntu":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:EL-9:Update:Products:ManagerTools:Update","name":"scap-security-guide","purl":"pkg:rpm/suse/scap-security-guide&distro=SUSE:EL-9:Update:Products:ManagerTools:Update"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.74-1.29.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang":"1.20.12-1.3.1","golang-bin":"1.20.12-1.3.1","golang-docs":"1.20.12-1.3.1","golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","golang-misc":"1.20.12-1.3.1","golang-src":"1.20.12-1.3.1","golang-tests":"1.20.12-1.3.1","mgradm":"0.1.23-1.11.1","mgradm-bash-completion":"0.1.23-1.11.1","mgradm-zsh-completion":"0.1.23-1.11.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","mgrpxy":"0.1.23-1.11.1","mgrpxy-bash-completion":"0.1.23-1.11.1","mgrpxy-zsh-completion":"0.1.23-1.11.1","scap-security-guide":"0.1.74-1.29.1","scap-security-guide-debian":"0.1.74-1.29.1","scap-security-guide-redhat":"0.1.74-1.29.1","scap-security-guide-ubuntu":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:EL-9:Update:Products:ManagerTools:Update","name":"spacecmd","purl":"pkg:rpm/suse/spacecmd&distro=SUSE:EL-9:Update:Products:ManagerTools:Update"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.10-1.41.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang":"1.20.12-1.3.1","golang-bin":"1.20.12-1.3.1","golang-docs":"1.20.12-1.3.1","golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","golang-misc":"1.20.12-1.3.1","golang-src":"1.20.12-1.3.1","golang-tests":"1.20.12-1.3.1","mgradm":"0.1.23-1.11.1","mgradm-bash-completion":"0.1.23-1.11.1","mgradm-zsh-completion":"0.1.23-1.11.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","mgrpxy":"0.1.23-1.11.1","mgrpxy-bash-completion":"0.1.23-1.11.1","mgrpxy-zsh-completion":"0.1.23-1.11.1","scap-security-guide":"0.1.74-1.29.1","scap-security-guide-debian":"0.1.74-1.29.1","scap-security-guide-redhat":"0.1.74-1.29.1","scap-security-guide-ubuntu":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:EL-9:Update:Products:ManagerTools:Update","name":"uyuni-tools","purl":"pkg:rpm/suse/uyuni-tools&distro=SUSE:EL-9:Update:Products:ManagerTools:Update"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.23-1.11.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","scap-security-guide-redhat":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS","name":"golang-github-lusitaniae-apache_exporter","purl":"pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%20for%20RHEL,%20Liberty%20and%20Clones%209-CLIENT-TOOLS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.8-1.14.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","scap-security-guide-redhat":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS","name":"scap-security-guide","purl":"pkg:rpm/suse/scap-security-guide&distro=SUSE%20Manager%20Client%20Tools%20for%20RHEL,%20Liberty%20and%20Clones%209-CLIENT-TOOLS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.74-1.29.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","scap-security-guide-redhat":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS","name":"spacecmd","purl":"pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Client%20Tools%20for%20RHEL,%20Liberty%20and%20Clones%209-CLIENT-TOOLS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"5.0.10-1.41.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"golang-github-lusitaniae-apache_exporter":"1.0.8-1.14.1","mgrctl":"0.1.23-1.11.1","mgrctl-bash-completion":"0.1.23-1.11.1","mgrctl-zsh-completion":"0.1.23-1.11.1","scap-security-guide-redhat":"0.1.74-1.29.1","spacecmd":"5.0.10-1.41.1"}]},"package":{"ecosystem":"SUSE:Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS","name":"uyuni-tools","purl":"pkg:rpm/suse/uyuni-tools&distro=SUSE%20Manager%20Client%20Tools%20for%20RHEL,%20Liberty%20and%20Clones%209-CLIENT-TOOLS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.1.23-1.11.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter was updated from version 1.0.1 to 1.0.8:\n\n- Security issues fixed:\n\n  * CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 (bsc#1213933)\n\n- Bugs fixed:\n\n  * Require Go 1.20 when building for RedHat derivatives\n  * Version 1.0.8 (bsc#1227341):\n\n    + Update prometheus/client_golang to version 1.19.1\n    + Update x/net to version 0.23.0\n\n  * Version 1.0.7:\n\n    + Update protobuf to version 1.33.0\n    + Update prometheus/client_golang to version 1.19.0\n    + Update prometheus/common to version 0.46.0\n    + Standardize landing page\n\n  * Version 1.0.6:\n\n    + Update prometheus/exporter-toolkit to version 0.11.0\n    + Update prometheus/client_golang to version 1.18.0\n    + Added User-Agent header\n\n  * Version 1.0.4:\n\n    + Update x/crypto to version 0.17.0\n    + Update alecthomas/kingpin/v2 to version 2.4.0\n    + Update prometheus/common to version 0.45.0\n\n  * Version 1.0.3:\n\n    + Update prometheus/client_golang to version 1.17.0\n    + Update x/net 0.17.0\n\n  * Version 1.0.1:\n\n    + Update prometheus/exporter-toolkit to version 0.10.0\n    + Update prometheus/common to version 0.44.0\n    + Update prometheus/client_golang to version 1.16.0\n\nscap-security-guide was updated from version 0.1.73 to 0.1.74:\n\n- Version 0.1.74 (jsc#ECO-3319):\n    \n  * Added Amazon Linux 2023 product\n  * Introduce new remediation type Kickstart\n  * Make PAM macros more flexible to variables\n  * Remove Debian 10 Product\n  * Remove Red Hat Enterprise Linux 7 product\n  * Update CIS RHEL9 control file to v2.0.0\n\nspacecmd was updated from version 5.0.9-0 to 5.0.10-0:\n\n- Version 5.0.10-0:\n\n  * Speed up softwarechannel_removepackages (bsc#1227606)\n  * Fixed error in 'kickstart_delete' when using wildcards\n    (bsc#1227578)\n  * Spacecmd bootstrap now works with specified port (bsc#1229437)\n  * Fixed sls backup creation as directory with spacecmd (bsc#1230745)\n\nuyuni-tools was updated from version 0.1.21-0 to 0.1.23-0:\n\n- Version 0.1.23-0:\n\n  * Ensure namespace is defined in all kubernetes commands\n  * Use SCC credentials to authenticate against registry.suse.com\n    for kubernetes (bsc#1231157)\n  * Fixed namespace usage on mgrctl cp command\n\n- Version 0.1.22-0:\n\n  * Set projectId also for test packages/images\n  * mgradm migration should not pull Confidential Computing and Hub\n    image is replicas == 0 (bsc#1229432, bsc#1230136)\n  * Do not allow SUSE Manager downgrade\n  * Prevent completion issue when /var/log/uyuni-tools.log is missing\n  * Fixed proxy shared volume flag\n  * During migration, exclude mgr-sync configuration file (bsc#1228685)\n  * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and\n    postgresql.conf files (bsc#1231206)\n  * During migration, handle empty autoinstallation path (bsc#1230285)\n  * During migration, handle symlinks (bsc#1230288)\n  * During migration, trust the remote sender's file list (bsc#1228424)\n  * Use SCC flags during podman pull\n  * Restore SELinux permission after migration (bsc#1229501)\n  * Share volumes between containers (bsc#1223142)\n  * Save supportconfig in current directory (bsc#1226759)\n  * Fixed error code handling on reinstallation (bsc#1230139)\n  * Fixed creation of first user and organization\n  * Added missing variable quotes for install vars (bsc#1229108)\n  * Added API login and logout calls to allow persistent login\n\n","id":"SUSE-SU-2024:4019-1","modified":"2024-11-18T13:24:46Z","published":"2024-11-18T13:24:46Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20244019-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213933"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223142"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226759"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227341"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227578"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227606"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228424"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228685"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229108"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229432"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229437"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229501"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230136"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230139"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230285"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230288"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230745"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231157"},{"type":"REPORT","url":"https://bugzilla.suse.com/1231206"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-3978"}],"related":["CVE-2023-3978"],"summary":"Security update for SUSE Manager Client Tools","upstream":["CVE-2023-3978"]}