suse-su-2019:2317-1
Vulnerability from csaf_suse
Published
2019-09-06 07:15
Modified
2019-09-06 07:15
Summary
Security update for SUSE Manager Client Tools
Notes
Title of the patch
Security update for SUSE Manager Client Tools
Description of the patch
This update fixes the following issues:
golang-github-prometheus-prometheus:
- Add support for Uyuni/SUSE Manager service discovery
+ Added 0003-Add-Uyuni-service-discovery
- Readded _service file removed in error.
- Update to 2.11.1
+ Bug Fix:
* Fix potential panic when prometheus is watching multiple zookeeper paths.
- Update to 2.11.0
+ Bug Fix:
* resolve race condition in maxGauge.
* Fix ZooKeeper connection leak.
* Improved atomicity of .tmp block replacement during compaction for usual case.
* Fix 'unknown series references' after clean shutdown.
* Re-calculate block size when calling block.Delete.
* Fix unsafe snapshots with head block.
* prometheus_tsdb_compactions_failed_total is now incremented on any compaction failure.
+ Changes:
* Remove max_retries from queue_config (it has been unused since rewriting remote-write to utilize the write-ahead-log)
* The meta file BlockStats no longer holds size information. This is now dynamically calculated and kept in memory. It also includes the meta file size which was not included before
* Renamed metric from prometheus_tsdb_wal_reader_corruption_errors to prometheus_tsdb_wal_reader_corruption_errors_total
+ Features:
* Add option to use Alertmanager API v2.
* Added humanizePercentage function for templates.
* Include InitContainers in Kubernetes Service Discovery.
* Provide option to compress WAL records using Snappy.
+ Enhancements:
* Create new clean segment when starting the WAL.
* Reduce allocations in PromQL aggregations.
* Add storage warnings to LabelValues and LabelNames API results.
* Add prometheus_http_requests_total metric.
* Enable openbsd/arm build.
* Remote-write allocation improvements.
* Query performance improvement: Efficient iteration and search in HashForLabels and HashWithoutLabels.
* Allow injection of arbitrary headers in promtool.
* Allow passing external_labels in alert unit tests groups.
* Allows globs for rules when unit testing.
* Improved postings intersection matching.
* Reduced disk usage for WAL for small setups.
* Optimize queries using regexp for set lookups.
- Rebase patch002-Default-settings.patch
- Update to 2.10.0:
+ Bug Fixes:
* TSDB: Don't panic when running out of disk space and recover nicely from the condition
* TSDB: Correctly handle empty labels.
* TSDB: Don't crash on an unknown tombstone reference.
* Storage/remote: Remove queue-manager specific metrics if queue no longer exists.
* PromQL: Correctly display {__name__='a'}.
* Discovery/kubernetes: Use service rather than ingress as the name for the service workqueue.
* Discovery/azure: Don't panic on a VM with a public IP.
* Web: Fixed Content-Type for js and css instead of using /etc/mime.types.
* API: Encode alert values as string to correctly represent Inf/NaN.
+ Features:
* Template expansion: Make external labels available as $externalLabels in alert and console template expansion.
* TSDB: Add prometheus_tsdb_wal_segment_current metric for the WAL segment index that TSDB is currently writing to. tsdb
* Scrape: Add scrape_series_added per-scrape metric. #5546
+ Enhancements
* Discovery/kubernetes: Add labels __meta_kubernetes_endpoint_node_name and __meta_kubernetes_endpoint_hostname.
* Discovery/azure: Add label __meta_azure_machine_public_ip.
* TSDB: Simplify mergedPostings.Seek, resulting in better performance if there are many posting lists. tsdb
* Log filesystem type on startup.
* Cmd/promtool: Use POST requests for Query and QueryRange. client_golang
* Web: Sort alerts by group name.
* Console templates: Add convenience variables $rawParams, $params, $path.
- Upadte to 2.9.2
+ Bug Fixes:
* Make sure subquery range is taken into account for selection
* Exhaust every request body before closing it
* Cmd/promtool: return errors from rule evaluations
* Remote Storage: string interner should not panic in release
* Fix memory allocation regression in mergedPostings.Seek tsdb
- Update to 2.9.1
+ Bug Fixes:
* Discovery/kubernetes: fix missing label sanitization
* Remote_write: Prevent reshard concurrent with calling stop
- Update to 2.9.0
+ Feature:
* Add honor_timestamps scrape option.
+ Enhancements:
* Update Consul to support catalog.ServiceMultipleTags.
* Discovery/kubernetes: add present labels for labels/annotations.
* OpenStack SD: Add ProjectID and UserID meta labels.
* Add GODEBUG and retention to the runtime page.
* Add support for POSTing to /series endpoint.
* Support PUT methods for Lifecycle and Admin APIs.
* Scrape: Add global jitter for HA server.
* Check for cancellation on every step of a range evaluation.
* String interning for labels & values in the remote_write path.
* Don't lose the scrape cache on a failed scrape.
* Reload cert files from disk automatically. common
* Use fixed length millisecond timestamp format for logs. common
* Performance improvements for postings.
Bug Fixes:
* Remote Write: fix checkpoint reading.
* Check if label value is valid when unmarshaling external labels from YAML.
* Promparse: sort all labels when parsing.
* Reload rules: copy state on both name and labels.
* Exponentation operator to drop metric name in result of operation.
* Config: resolve more file paths.
* Promtool: resolve relative paths in alert test files.
* Set TLSHandshakeTimeout in HTTP transport. common
* Use fsync to be more resilient to machine crashes.
* Keep series that are still in WAL in checkpoints.
- Update to 2.8.1
+ Bug Fixes
* Display the job labels in /targets which was removed accidentally
- Update to 2.8.0
+ Change:
* This release uses Write-Ahead Logging (WAL) for the remote_write API. This currently causes a slight increase in memory usage, which will be addressed in future releases.
* Default time retention is used only when no size based retention is specified. These are flags where time retention is specified by the flag --storage.tsdb.retention and size retention by --storage.tsdb.retention.size.
* prometheus_tsdb_storage_blocks_bytes_total is now prometheus_tsdb_storage_blocks_bytes.
+ Feature:
* (EXPERIMENTAL) Time overlapping blocks are now allowed; vertical compaction and vertical query merge. It is an optional feature which is controlled by the --storage.tsdb.allow-overlapping-blocks flag, disabled by default.
+ Enhancements:
* Use the WAL for remote_write API.
* Query performance improvements.
* UI enhancements with upgrade to Bootstrap 4.
* Reduce time that Alertmanagers are in flux when reloaded.
* Limit number of metrics displayed on UI to 10000.
* (1) Remember All/Unhealthy choice on target-overview when reloading page. (2) Resize text-input area on Graph page on mouseclick.
* In histogram_quantile merge buckets with equivalent le values.
* Show list of offending labels in the error message in many-to-many scenarios.
* Show Storage Retention criteria in effect on /status page.
+ Bug Fixes:
+ Fix sorting of rule groups.
+ Fix support for password_file and bearer_token_file in Kubernetes SD.
+ Scrape: catch errors when creating HTTP clients
+ Adds new metrics:
prometheus_target_scrape_pools_total
prometheus_target_scrape_pools_failed_total
prometheus_target_scrape_pool_reloads_total
prometheus_target_scrape_pool_reloads_failed_total
+ Fix panic when aggregator param is not a literal.
mgr-cfg:
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-daemon:
- Fix systemd timer configuration on SLE12 (bsc#1142038)
mgr-osad:
- Fix obsolete for old osad packages, to allow installing mgr-osad
even by using osad at yum/zyppper install (bsc#1139453)
- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)
mgr-virtualization:
- Fix missing python 3 ugettext (bsc#1138494)
- Fix package dependencies to prevent file conflict (bsc#1143856)
rhnlib:
- Add SNI support for clients
- Fix initialize ssl connection (bsc#1144155)
- Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)
spacecmd:
- Bugfix: referenced variable before assignment.
- Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
- Add unit tests for custominfo, snippet, scap, ssm, cryptokey and distribution
- Fix missing runtime dependencies that made spacecmd return old versions of
packages in some cases, even if newer ones were available (bsc#1148311)
spacewalk-backend:
- Do not overwrite comps and module data with older versions
- Fix issue with 'dists' keyword in url hostname
- Import packages from all collections of a patch not just first one
- Ensure bytes type when using hashlib to avoid traceback
on XMLRPC call to 'registration.register_osad' (bsc#1138822)
- Do not duplicate 'http://' protocol when using proxies with 'deb'
repositories (bsc#1138313)
- Fix reposync when dealing with RedHat CDN (bsc#1138358)
- Fix for CVE-2019-10136. An attacker with a valid, but expired,
authenticated set of headers could move some digits around,
artificially extending the session validity without modifying
the checksum. (bsc#1136480)
- Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)
- Add journalctl output to spacewalk-debug tarballs
- Prevent unnecessary triggering of channel-repodata tasks when GPG
signing is disabled (bsc#1137715)
- Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)
- Add support for ULN repositories on new Zypper based reposync.
- Don't skip Deb package tags on package import (bsc#1130040)
- For backend-libs subpackages, exclude files for the server
(already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
- prevent duplicate key violates on repo-sync with long changelog
entries (bsc#1144889)
spacewalk-remote-utils:
- Add RHEL8
Patchnames
SUSE-2019-2317,SUSE-SLE-Manager-Tools-15-2019-2317,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2317,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2317
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update fixes the following issues:\n\ngolang-github-prometheus-prometheus:\n\n- Add support for Uyuni/SUSE Manager service discovery\n + Added 0003-Add-Uyuni-service-discovery \n- Readded _service file removed in error. \n- Update to 2.11.1 \n + Bug Fix:\n * Fix potential panic when prometheus is watching multiple zookeeper paths.\n- Update to 2.11.0\n + Bug Fix:\n * resolve race condition in maxGauge. \n * Fix ZooKeeper connection leak. \n * Improved atomicity of .tmp block replacement during compaction for usual case. \n * Fix \u0027unknown series references\u0027 after clean shutdown. \n * Re-calculate block size when calling block.Delete. \n * Fix unsafe snapshots with head block. \n * prometheus_tsdb_compactions_failed_total is now incremented on any compaction failure. \n + Changes:\n * Remove max_retries from queue_config (it has been unused since rewriting remote-write to utilize the write-ahead-log)\n * The meta file BlockStats no longer holds size information. This is now dynamically calculated and kept in memory. It also includes the meta file size which was not included before\n * Renamed metric from prometheus_tsdb_wal_reader_corruption_errors to prometheus_tsdb_wal_reader_corruption_errors_total\n + Features:\n * Add option to use Alertmanager API v2. \n * Added humanizePercentage function for templates. \n * Include InitContainers in Kubernetes Service Discovery. \n * Provide option to compress WAL records using Snappy. \n + Enhancements:\n * Create new clean segment when starting the WAL. \n * Reduce allocations in PromQL aggregations. \n * Add storage warnings to LabelValues and LabelNames API results. \n * Add prometheus_http_requests_total metric. \n * Enable openbsd/arm build. \n * Remote-write allocation improvements. \n * Query performance improvement: Efficient iteration and search in HashForLabels and HashWithoutLabels. \n * Allow injection of arbitrary headers in promtool. \n * Allow passing external_labels in alert unit tests groups. \n * Allows globs for rules when unit testing.\n * Improved postings intersection matching. \n * Reduced disk usage for WAL for small setups. \n * Optimize queries using regexp for set lookups. \n- Rebase patch002-Default-settings.patch \n- Update to 2.10.0:\n + Bug Fixes:\n * TSDB: Don\u0027t panic when running out of disk space and recover nicely from the condition\n * TSDB: Correctly handle empty labels.\n * TSDB: Don\u0027t crash on an unknown tombstone reference. \n * Storage/remote: Remove queue-manager specific metrics if queue no longer exists. \n * PromQL: Correctly display {__name__=\u0027a\u0027}. \n * Discovery/kubernetes: Use service rather than ingress as the name for the service workqueue. \n * Discovery/azure: Don\u0027t panic on a VM with a public IP. \n * Web: Fixed Content-Type for js and css instead of using /etc/mime.types.\n * API: Encode alert values as string to correctly represent Inf/NaN. \n + Features:\n * Template expansion: Make external labels available as $externalLabels in alert and console template expansion. \n * TSDB: Add prometheus_tsdb_wal_segment_current metric for the WAL segment index that TSDB is currently writing to. tsdb\n * Scrape: Add scrape_series_added per-scrape metric. #5546\n + Enhancements\n * Discovery/kubernetes: Add labels __meta_kubernetes_endpoint_node_name and __meta_kubernetes_endpoint_hostname. \n * Discovery/azure: Add label __meta_azure_machine_public_ip. \n * TSDB: Simplify mergedPostings.Seek, resulting in better performance if there are many posting lists. tsdb\n * Log filesystem type on startup. \n * Cmd/promtool: Use POST requests for Query and QueryRange. client_golang\n * Web: Sort alerts by group name. \n * Console templates: Add convenience variables $rawParams, $params, $path.\n- Upadte to 2.9.2\n + Bug Fixes:\n * Make sure subquery range is taken into account for selection \n * Exhaust every request body before closing it \n * Cmd/promtool: return errors from rule evaluations \n * Remote Storage: string interner should not panic in release \n * Fix memory allocation regression in mergedPostings.Seek tsdb\n- Update to 2.9.1\n + Bug Fixes:\n * Discovery/kubernetes: fix missing label sanitization \n * Remote_write: Prevent reshard concurrent with calling stop \n- Update to 2.9.0 \n + Feature: \n * Add honor_timestamps scrape option.\n + Enhancements:\t\n * Update Consul to support catalog.ServiceMultipleTags.\n * Discovery/kubernetes: add present labels for labels/annotations.\n * OpenStack SD: Add ProjectID and UserID meta labels.\n * Add GODEBUG and retention to the runtime page. \n * Add support for POSTing to /series endpoint. \n * Support PUT methods for Lifecycle and Admin APIs.\n * Scrape: Add global jitter for HA server.\n * Check for cancellation on every step of a range evaluation. \n * String interning for labels \u0026 values in the remote_write path.\n * Don\u0027t lose the scrape cache on a failed scrape.\n * Reload cert files from disk automatically. common\n * Use fixed length millisecond timestamp format for logs. common\n * Performance improvements for postings. \n Bug Fixes:\n * Remote Write: fix checkpoint reading. \n * Check if label value is valid when unmarshaling external labels from YAML. \n * Promparse: sort all labels when parsing. \n * Reload rules: copy state on both name and labels. \n * Exponentation operator to drop metric name in result of operation. \n * Config: resolve more file paths. \n * Promtool: resolve relative paths in alert test files. \n * Set TLSHandshakeTimeout in HTTP transport. common\n * Use fsync to be more resilient to machine crashes. \n * Keep series that are still in WAL in checkpoints.\n- Update to 2.8.1\n + Bug Fixes\n * Display the job labels in /targets which was removed accidentally\n- Update to 2.8.0 \n + Change:\n * This release uses Write-Ahead Logging (WAL) for the remote_write API. This currently causes a slight increase in memory usage, which will be addressed in future releases.\n * Default time retention is used only when no size based retention is specified. These are flags where time retention is specified by the flag --storage.tsdb.retention and size retention by --storage.tsdb.retention.size. \n * prometheus_tsdb_storage_blocks_bytes_total is now prometheus_tsdb_storage_blocks_bytes. \n + Feature:\n * (EXPERIMENTAL) Time overlapping blocks are now allowed; vertical compaction and vertical query merge. It is an optional feature which is controlled by the --storage.tsdb.allow-overlapping-blocks flag, disabled by default.\n + Enhancements: \n\t* Use the WAL for remote_write API.\n * Query performance improvements. \n * UI enhancements with upgrade to Bootstrap 4. \n * Reduce time that Alertmanagers are in flux when reloaded. \n * Limit number of metrics displayed on UI to 10000. \n * (1) Remember All/Unhealthy choice on target-overview when reloading page. (2) Resize text-input area on Graph page on mouseclick. \n * In histogram_quantile merge buckets with equivalent le values. \n * Show list of offending labels in the error message in many-to-many scenarios. \n * Show Storage Retention criteria in effect on /status page. \n + Bug Fixes: \n + Fix sorting of rule groups. \n + Fix support for password_file and bearer_token_file in Kubernetes SD. \n + Scrape: catch errors when creating HTTP clients \n + Adds new metrics:\n prometheus_target_scrape_pools_total\n prometheus_target_scrape_pools_failed_total\n prometheus_target_scrape_pool_reloads_total\n prometheus_target_scrape_pool_reloads_failed_total\n + Fix panic when aggregator param is not a literal.\n\nmgr-cfg:\n\n- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)\n\nmgr-daemon:\n\n- Fix systemd timer configuration on SLE12 (bsc#1142038)\n\nmgr-osad:\n\n- Fix obsolete for old osad packages, to allow installing mgr-osad\n even by using osad at yum/zyppper install (bsc#1139453)\n- Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)\n\nmgr-virtualization:\n\n- Fix missing python 3 ugettext (bsc#1138494)\n- Fix package dependencies to prevent file conflict (bsc#1143856)\n\nrhnlib:\n\n- Add SNI support for clients\n- Fix initialize ssl connection (bsc#1144155)\n- Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)\n\nspacecmd:\n\n- Bugfix: referenced variable before assignment.\n- Bugfix: \u0027dict\u0027 object has no attribute \u0027iteritems\u0027 (bsc#1135881)\n- Add unit tests for custominfo, snippet, scap, ssm, cryptokey and distribution\n- Fix missing runtime dependencies that made spacecmd return old versions of\n packages in some cases, even if newer ones were available (bsc#1148311)\n\n\nspacewalk-backend:\n\n- Do not overwrite comps and module data with older versions\n- Fix issue with \u0027dists\u0027 keyword in url hostname\n- Import packages from all collections of a patch not just first one\n- Ensure bytes type when using hashlib to avoid traceback\n on XMLRPC call to \u0027registration.register_osad\u0027 (bsc#1138822)\n- Do not duplicate \u0027http://\u0027 protocol when using proxies with \u0027deb\u0027\n repositories (bsc#1138313)\n- Fix reposync when dealing with RedHat CDN (bsc#1138358)\n- Fix for CVE-2019-10136. An attacker with a valid, but expired,\n authenticated set of headers could move some digits around,\n artificially extending the session validity without modifying\n the checksum. (bsc#1136480)\n- Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)\n- Add journalctl output to spacewalk-debug tarballs\n- Prevent unnecessary triggering of channel-repodata tasks when GPG\n signing is disabled (bsc#1137715)\n- Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)\n- Add support for ULN repositories on new Zypper based reposync.\n- Don\u0027t skip Deb package tags on package import (bsc#1130040)\n- For backend-libs subpackages, exclude files for the server\n (already part of spacewalk-backend) to avoid conflicts (bsc#1148125)\n- prevent duplicate key violates on repo-sync with long changelog\n entries (bsc#1144889)\n\nspacewalk-remote-utils:\n\n- Add RHEL8\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2019-2317,SUSE-SLE-Manager-Tools-15-2019-2317,SUSE-SLE-Module-Development-Tools-OBS-15-2019-2317,SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2317",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2317-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:2317-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192317-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:2317-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-September/005887.html"
},
{
"category": "self",
"summary": "SUSE Bug 1130040",
"url": "https://bugzilla.suse.com/1130040"
},
{
"category": "self",
"summary": "SUSE Bug 1135881",
"url": "https://bugzilla.suse.com/1135881"
},
{
"category": "self",
"summary": "SUSE Bug 1136029",
"url": "https://bugzilla.suse.com/1136029"
},
{
"category": "self",
"summary": "SUSE Bug 1136480",
"url": "https://bugzilla.suse.com/1136480"
},
{
"category": "self",
"summary": "SUSE Bug 1137715",
"url": "https://bugzilla.suse.com/1137715"
},
{
"category": "self",
"summary": "SUSE Bug 1137940",
"url": "https://bugzilla.suse.com/1137940"
},
{
"category": "self",
"summary": "SUSE Bug 1138313",
"url": "https://bugzilla.suse.com/1138313"
},
{
"category": "self",
"summary": "SUSE Bug 1138358",
"url": "https://bugzilla.suse.com/1138358"
},
{
"category": "self",
"summary": "SUSE Bug 1138494",
"url": "https://bugzilla.suse.com/1138494"
},
{
"category": "self",
"summary": "SUSE Bug 1138822",
"url": "https://bugzilla.suse.com/1138822"
},
{
"category": "self",
"summary": "SUSE Bug 1139453",
"url": "https://bugzilla.suse.com/1139453"
},
{
"category": "self",
"summary": "SUSE Bug 1142038",
"url": "https://bugzilla.suse.com/1142038"
},
{
"category": "self",
"summary": "SUSE Bug 1143856",
"url": "https://bugzilla.suse.com/1143856"
},
{
"category": "self",
"summary": "SUSE Bug 1144155",
"url": "https://bugzilla.suse.com/1144155"
},
{
"category": "self",
"summary": "SUSE Bug 1144889",
"url": "https://bugzilla.suse.com/1144889"
},
{
"category": "self",
"summary": "SUSE Bug 1148125",
"url": "https://bugzilla.suse.com/1148125"
},
{
"category": "self",
"summary": "SUSE Bug 1148177",
"url": "https://bugzilla.suse.com/1148177"
},
{
"category": "self",
"summary": "SUSE Bug 1148311",
"url": "https://bugzilla.suse.com/1148311"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10136 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10136/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2019-09-06T07:15:46Z",
"generator": {
"date": "2019-09-06T07:15:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:2317-1",
"initial_release_date": "2019-09-06T07:15:46Z",
"revision_history": [
{
"date": "2019-09-06T07:15:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"product_id": "golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.i586",
"product": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.i586",
"product_id": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.i586",
"product": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.i586",
"product_id": "golang-github-prometheus-prometheus-2.11.1-3.6.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-cfg-4.0.9-1.6.5.noarch",
"product": {
"name": "mgr-cfg-4.0.9-1.6.5.noarch",
"product_id": "mgr-cfg-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product": {
"name": "mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product_id": "mgr-cfg-actions-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-client-4.0.9-1.6.5.noarch",
"product": {
"name": "mgr-cfg-client-4.0.9-1.6.5.noarch",
"product_id": "mgr-cfg-client-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "mgr-cfg-management-4.0.9-1.6.5.noarch",
"product": {
"name": "mgr-cfg-management-4.0.9-1.6.5.noarch",
"product_id": "mgr-cfg-management-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "mgr-daemon-4.0.7-1.8.1.noarch",
"product": {
"name": "mgr-daemon-4.0.7-1.8.1.noarch",
"product_id": "mgr-daemon-4.0.7-1.8.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product": {
"name": "mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product_id": "mgr-osa-dispatcher-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-osad-4.0.9-1.6.2.noarch",
"product": {
"name": "mgr-osad-4.0.9-1.6.2.noarch",
"product_id": "mgr-osad-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product": {
"name": "mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product_id": "mgr-virtualization-host-4.0.8-1.8.4.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-4.0.9-1.6.5.noarch",
"product": {
"name": "python2-mgr-cfg-4.0.9-1.6.5.noarch",
"product_id": "python2-mgr-cfg-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product": {
"name": "python2-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product_id": "python2-mgr-cfg-actions-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-client-4.0.9-1.6.5.noarch",
"product": {
"name": "python2-mgr-cfg-client-4.0.9-1.6.5.noarch",
"product_id": "python2-mgr-cfg-client-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-cfg-management-4.0.9-1.6.5.noarch",
"product": {
"name": "python2-mgr-cfg-management-4.0.9-1.6.5.noarch",
"product_id": "python2-mgr-cfg-management-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-common-4.0.9-1.6.2.noarch",
"product": {
"name": "python2-mgr-osa-common-4.0.9-1.6.2.noarch",
"product_id": "python2-mgr-osa-common-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product": {
"name": "python2-mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product_id": "python2-mgr-osa-dispatcher-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-osad-4.0.9-1.6.2.noarch",
"product": {
"name": "python2-mgr-osad-4.0.9-1.6.2.noarch",
"product_id": "python2-mgr-osad-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"product": {
"name": "python2-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"product_id": "python2-mgr-virtualization-common-4.0.8-1.8.4.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product": {
"name": "python2-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product_id": "python2-mgr-virtualization-host-4.0.8-1.8.4.noarch"
}
},
{
"category": "product_version",
"name": "python2-rhnlib-4.0.11-3.10.1.noarch",
"product": {
"name": "python2-rhnlib-4.0.11-3.10.1.noarch",
"product_id": "python2-rhnlib-4.0.11-3.10.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-4.0.9-1.6.5.noarch",
"product": {
"name": "python3-mgr-cfg-4.0.9-1.6.5.noarch",
"product_id": "python3-mgr-cfg-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product": {
"name": "python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"product_id": "python3-mgr-cfg-actions-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"product": {
"name": "python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"product_id": "python3-mgr-cfg-client-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"product": {
"name": "python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"product_id": "python3-mgr-cfg-management-4.0.9-1.6.5.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"product": {
"name": "python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"product_id": "python3-mgr-osa-common-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product": {
"name": "python3-mgr-osa-dispatcher-4.0.9-1.6.2.noarch",
"product_id": "python3-mgr-osa-dispatcher-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-osad-4.0.9-1.6.2.noarch",
"product": {
"name": "python3-mgr-osad-4.0.9-1.6.2.noarch",
"product_id": "python3-mgr-osad-4.0.9-1.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"product": {
"name": "python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"product_id": "python3-mgr-virtualization-common-4.0.8-1.8.4.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product": {
"name": "python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"product_id": "python3-mgr-virtualization-host-4.0.8-1.8.4.noarch"
}
},
{
"category": "product_version",
"name": "python3-rhnlib-4.0.11-3.10.1.noarch",
"product": {
"name": "python3-rhnlib-4.0.11-3.10.1.noarch",
"product_id": "python3-rhnlib-4.0.11-3.10.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"product": {
"name": "python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"product_id": "python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-4.0.14-3.26.1.noarch",
"product": {
"name": "spacecmd-4.0.14-3.26.1.noarch",
"product_id": "spacecmd-4.0.14-3.26.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-app-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-app-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-app-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-applet-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-applet-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-applet-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-cdn-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-cdn-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-cdn-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-config-files-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-common-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-common-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-config-files-common-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-config-files-tool-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-config-files-tool-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-config-files-tool-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-iss-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-iss-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-iss-export-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-iss-export-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-iss-export-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-libs-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-package-push-server-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-package-push-server-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-package-push-server-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-server-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-server-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-server-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-sql-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-sql-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-oracle-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-sql-oracle-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-sql-oracle-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-sql-postgresql-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-sql-postgresql-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-sql-postgresql-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-tools-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-tools-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-tools-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xml-export-libs-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-xml-export-libs-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-xml-export-libs-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-backend-xmlrpc-4.0.25-3.23.1.noarch",
"product": {
"name": "spacewalk-backend-xmlrpc-4.0.25-3.23.1.noarch",
"product_id": "spacewalk-backend-xmlrpc-4.0.25-3.23.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-remote-utils-4.0.5-3.9.2.noarch",
"product": {
"name": "spacewalk-remote-utils-4.0.5-3.9.2.noarch",
"product_id": "spacewalk-remote-utils-4.0.5-3.9.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"product_id": "golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"product_id": "golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"product_id": "golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-cfg-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-cfg-4.0.9-1.6.5.noarch"
},
"product_reference": "mgr-cfg-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-cfg-actions-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-cfg-actions-4.0.9-1.6.5.noarch"
},
"product_reference": "mgr-cfg-actions-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-cfg-client-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-cfg-client-4.0.9-1.6.5.noarch"
},
"product_reference": "mgr-cfg-client-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-cfg-management-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-cfg-management-4.0.9-1.6.5.noarch"
},
"product_reference": "mgr-cfg-management-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-daemon-4.0.7-1.8.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-daemon-4.0.7-1.8.1.noarch"
},
"product_reference": "mgr-daemon-4.0.7-1.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-osad-4.0.9-1.6.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-osad-4.0.9-1.6.2.noarch"
},
"product_reference": "mgr-osad-4.0.9-1.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-virtualization-host-4.0.8-1.8.4.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgr-virtualization-host-4.0.8-1.8.4.noarch"
},
"product_reference": "mgr-virtualization-host-4.0.8-1.8.4.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-cfg-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-cfg-4.0.9-1.6.5.noarch"
},
"product_reference": "python3-mgr-cfg-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-cfg-actions-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-cfg-actions-4.0.9-1.6.5.noarch"
},
"product_reference": "python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-cfg-client-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-cfg-client-4.0.9-1.6.5.noarch"
},
"product_reference": "python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-cfg-management-4.0.9-1.6.5.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-cfg-management-4.0.9-1.6.5.noarch"
},
"product_reference": "python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osa-common-4.0.9-1.6.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-osa-common-4.0.9-1.6.2.noarch"
},
"product_reference": "python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-osad-4.0.9-1.6.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-osad-4.0.9-1.6.2.noarch"
},
"product_reference": "python3-mgr-osad-4.0.9-1.6.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-virtualization-common-4.0.8-1.8.4.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.0.8-1.8.4.noarch"
},
"product_reference": "python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-virtualization-host-4.0.8-1.8.4.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.0.8-1.8.4.noarch"
},
"product_reference": "python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rhnlib-4.0.11-3.10.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-rhnlib-4.0.11-3.10.1.noarch"
},
"product_reference": "python3-rhnlib-4.0.11-3.10.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch"
},
"product_reference": "python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-4.0.14-3.26.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacecmd-4.0.14-3.26.1.noarch"
},
"product_reference": "spacecmd-4.0.14-3.26.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-remote-utils-4.0.5-3.9.2.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacewalk-remote-utils-4.0.5-3.9.2.noarch"
},
"product_reference": "spacewalk-remote-utils-4.0.5-3.9.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10136"
}
],
"notes": [
{
"category": "general",
"text": "It was found that Spacewalk, all versions through 2.9, did not safely compute client token checksums. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"SUSE Manager Client Tools 15:mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-daemon-4.0.7-1.8.1.noarch",
"SUSE Manager Client Tools 15:mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-rhnlib-4.0.11-3.10.1.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.0.14-3.26.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-remote-utils-4.0.5-3.9.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10136",
"url": "https://www.suse.com/security/cve/CVE-2019-10136"
},
{
"category": "external",
"summary": "SUSE Bug 1136480 for CVE-2019-10136",
"url": "https://bugzilla.suse.com/1136480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"SUSE Manager Client Tools 15:mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-daemon-4.0.7-1.8.1.noarch",
"SUSE Manager Client Tools 15:mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-rhnlib-4.0.11-3.10.1.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.0.14-3.26.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-remote-utils-4.0.5-3.9.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.16.2-3.3.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-2.11.1-3.6.2.x86_64",
"SUSE Manager Client Tools 15:mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:mgr-daemon-4.0.7-1.8.1.noarch",
"SUSE Manager Client Tools 15:mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-actions-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-client-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-cfg-management-4.0.9-1.6.5.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osa-common-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-osad-4.0.9-1.6.2.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-common-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-mgr-virtualization-host-4.0.8-1.8.4.noarch",
"SUSE Manager Client Tools 15:python3-rhnlib-4.0.11-3.10.1.noarch",
"SUSE Manager Client Tools 15:python3-spacewalk-backend-libs-4.0.25-3.23.1.noarch",
"SUSE Manager Client Tools 15:spacecmd-4.0.14-3.26.1.noarch",
"SUSE Manager Client Tools 15:spacewalk-remote-utils-4.0.5-3.9.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-09-06T07:15:46Z",
"details": "moderate"
}
],
"title": "CVE-2019-10136"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…