SUSE-SU-2017:1347-1

Описание

The following security issue in spacewalk-backend has been fixed:

• Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. (bsc#1026633, CVE-2017-7470)

Additionally, the following non-security issues have been fixed:

rhnlib:

• Support all TLS versions in rpclib. (bsc#1025312)

spacecmd:

• Improve output on error for listrepo. (bsc#1027426)
• Reword spacecmd removal message. (bsc#1024406)

spacewalk-backend:

• Do not fail with traceback when media.1 does not exist. (bsc#1032256)
• Create scap files directory beforehand. (bsc#1029755)
• Fix error if SPACEWALK_DEBUG_NO_REPORTS environment variable is not present.
• Don't skip 'rhnErrataPackage' cleanup during an errata update. (bsc#1023233)
• Add support for running spacewalk-debug without creating reports. (bsc#1024714)
• Set scap store directory mod to 775 and group owner to susemanager.
• incomplete_package_import: Do import rhnPackageFile as it breaks some package installations.
• Added traceback printing to the exception block.
• Change postgresql starting commands.

spacewalk-client-tools:

• Fix reboot message to use correct product name. (bsc#1031667)