Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
openSUSE: Security Advisory for SUSE (openSUSE-SU-2021:1162-1)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update for the 'SUSE' package(s) announced via the openSUSE-SU-2021:1162-1 advisory.
Insight
Insight
This update fixes the following issues: ansible: - The support level for ansible is l2, not l3 dracut-saltboot: - Force installation of libexpat.so.1 (bsc#1188846) - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE Linux Enterprise 15, 15 SP1, 15 SP2 - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mapped memory is referenced after the file is closed. #8723 * Scaleway Discovery: Fix nil pointer dereference. #8737 * Consul Discovery: Restart no longer required after config update with no targets. #8766 + Features: * Promtool: Retroactive rule evaluation functionality. * Configuration: Environment variable expansion for external labels. Behind ' --enable-feature=expand-external-labels' flag. * Add a flag ' --storage.tsdb.max-block-chunk-segment-size' to control the max chunks file size of the blocks for small Prometheus instances. * UI: Add a dark theme. * AWS Lightsail Discovery: Add AWS Lightsail Discovery. * Docker Discovery: Add Docker Service Discovery. * OAuth: Allow OAuth 2.0 to be used anywhere an HTTP client is used. * Remote Write: Send exemplars via remote write. Experimental and disabled by default. + Enhancements: * Digital Ocean Discovery: Add ' __meta_digitalocean_vpc' label. * Scaleway Discovery: Read Scaleway secret from a file. * Scrape: Add configurable limits for label size and count. * UI: Add 16w and 26w time range steps. * Templating: Enable parsing strings in humanize functions. - Update package with changes from `server:monitoring` (bsc#1175478) Left out removal of ' firewalld' related configuration files as SUSE Linux Enterprise 15-SP1' s `firewalld` package does not contain ' prometheus' configuration yet. mgr-cfg: - No visible impact for the user mgr-custom-info: - No visible impact for the user mgr-osad: - No vi ... Description truncated. Please see the references for more information.
Affected Software
Affected Software
'SUSE' package(s) on openSUSE Leap 15.2.
Detection Method
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Solution
Please install the updated package(s).