SUSE-RU-2025:0791-1

Опубликовано: 06 мар. 2025

Источник: suse-cvrf

Описание

Recommended update 4.3.15 for Multi-Linux Manager Client Tools

This update fixes the following issues:

ansible:

Security issues fixed:
- CVE-2024-8775: Fixed issue where sensitive information stored in Ansible Vault files could be exposed in plaintext (bsc#1230601)

spacewalk-client-tools:

Version 4.3.22-0
- Allow translation to wrap strings as weblate forces it
- Show Source String change for translations

uyuni-proxy-systemd-services:

Version 4.3.15-0
- Update to Multi-Linux Manager 4.3.15

Список пакетов

SUSE Manager Client Tools 15

ansible-2.9.27-150000.1.20.1

ansible-doc-2.9.27-150000.1.20.1

python3-spacewalk-check-4.3.22-150000.3.100.1

python3-spacewalk-client-setup-4.3.22-150000.3.100.1

python3-spacewalk-client-tools-4.3.22-150000.3.100.1

spacewalk-check-4.3.22-150000.3.100.1

spacewalk-client-setup-4.3.22-150000.3.100.1

spacewalk-client-tools-4.3.22-150000.3.100.1

uyuni-proxy-systemd-services-4.3.15-150000.1.30.1

SUSE Manager Client Tools for SLE Micro 5

uyuni-proxy-systemd-services-4.3.15-150000.1.30.1

SUSE Manager Proxy Module 4.3

ansible-2.9.27-150000.1.20.1

ansible-doc-2.9.27-150000.1.20.1

uyuni-proxy-systemd-services-4.3.15-150000.1.30.1

openSUSE Leap 15.6

ansible-2.9.27-150000.1.20.1

ansible-doc-2.9.27-150000.1.20.1

ansible-test-2.9.27-150000.1.20.1

Ссылки

https://www.suse.com/support/update/announcement/-2025-791/suse-ru-20250791-1/
Link for SUSE-RU-2025:0791-1
https://lists.suse.com/pipermail/sle-updates/2025-March/038632.html
E-Mail link for SUSE-RU-2025:0791-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1230601
SUSE Bug 1230601
https://www.suse.com/security/cve/CVE-2024-8775/
SUSE CVE CVE-2024-8775 page

Описание

A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.

Затронутые продукты

SUSE Manager Client Tools 15:ansible-2.9.27-150000.1.20.1

SUSE Manager Client Tools 15:ansible-doc-2.9.27-150000.1.20.1

SUSE Manager Client Tools 15:python3-spacewalk-check-4.3.22-150000.3.100.1

SUSE Manager Client Tools 15:python3-spacewalk-client-setup-4.3.22-150000.3.100.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-8775.html
CVE-2024-8775
https://bugzilla.suse.com/1230601
SUSE Bug 1230601

SUSE-RU-2025:0791-1

Описание

Список пакетов

SUSE Manager Client Tools 15

SUSE Manager Client Tools for SLE Micro 5

SUSE Manager Proxy Module 4.3

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2024-8775

Описание

Затронутые продукты

Ссылки