{"affected":[{"ecosystem_specific":{"binaries":[{"rmt-server":"2.1.4-lp150.2.16.1","rmt-server-pubcloud":"2.1.4-lp150.2.16.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.0","name":"rmt-server","purl":"pkg:rpm/opensuse/rmt-server&distro=openSUSE%20Leap%2015.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.4-lp150.2.16.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for rmt-server to version 2.1.4 fixes the following issues:\n\n- Fix duplicate nginx location in rmt-server-pubcloud (bsc#1135222)\n- Mirror additional repos that were enabled during mirroring (bsc#1132690)\n- Make service IDs consistent across different RMT instances (bsc#1134428)\n- Make SMT data import scripts faster (bsc#1134190)\n- Fix incorrect triggering of registration sharing (bsc#1129392)\n- Fix license mirroring issue in some non-SUSE repositories (bsc#1128858)\n- Set CURLOPT_LOW_SPEED_LIMIT to prevent downloads from getting stuck (bsc#1107806)\n- Truncate the RMT lockfile when writing a new PID (bsc#1125770)\n- Fix missing trailing slashes on custom repository import from SMT (bsc#1118745)\n- Zypper authentication plugin (fate#326629)\n- Instance verification plugin in rmt-server-pubcloud (fate#326629)\n- Update dependencies to fix vulnerabilities in rails (CVE-2019-5419, bsc#1129271) and nokogiri (CVE-2019-11068, bsc#1132160)\n- Allow RMT registration to work under HTTP as well as HTTPS.\n- Offline migration from SLE 15 to SLE 15 SP1 will add Python2 module \n- Online migrations will automatically add additional modules to the client systems depending on the base product\n- Supply log severity to journald\n- Breaking Change: Added headers to generated CSV files\n\nThis update was imported from the SUSE:SLE-15:Update update project.","id":"openSUSE-SU-2019:1527-1","modified":"2019-06-07T15:13:07Z","published":"2019-06-07T15:13:07Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6IH56YOTZGFXNOIR75H2UYJCQOA2UAJA/#6IH56YOTZGFXNOIR75H2UYJCQOA2UAJA"},{"type":"REPORT","url":"https://bugzilla.suse.com/1107806"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117722"},{"type":"REPORT","url":"https://bugzilla.suse.com/1118745"},{"type":"REPORT","url":"https://bugzilla.suse.com/1125770"},{"type":"REPORT","url":"https://bugzilla.suse.com/1128858"},{"type":"REPORT","url":"https://bugzilla.suse.com/1129271"},{"type":"REPORT","url":"https://bugzilla.suse.com/1129392"},{"type":"REPORT","url":"https://bugzilla.suse.com/1132160"},{"type":"REPORT","url":"https://bugzilla.suse.com/1132690"},{"type":"REPORT","url":"https://bugzilla.suse.com/1134190"},{"type":"REPORT","url":"https://bugzilla.suse.com/1134428"},{"type":"REPORT","url":"https://bugzilla.suse.com/1135222"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-11068"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5419"}],"related":["CVE-2019-11068","CVE-2019-5419"],"summary":"Security update for rmt-server","upstream":["CVE-2019-11068","CVE-2019-5419"]}