SUSE-SU-2019:14163-1

Описание

This update fixes the following issues:

mgr-cfg:

• Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

mgr-daemon:

• Fix systemd timer configuration on SLE12 (bsc#1142038)

mgr-osad:

• Fix obsolete for old osad packages, to allow installing mgr-osad even by using osad at yum/zyppper install (bsc#1139453)
• Ensure bytes type when using hashlib to avoid traceback (bsc#1138822)

mgr-virtualization:

• Fix missing python 3 ugettext (bsc#1138494)
• Fix package dependencies to prevent file conflict (bsc#1143856)

rhnlib:

• Add SNI support for clients
• Fix initialize ssl connection (bsc#1144155)
• Fix bootstrapping SLE11SP4 trad client with SSL enabled (bsc#1148177)

python-gzipstream:

• SPEC cleanup
• add makefile and pylint configuration
• Add Uyuni URL to package
• Bump version to 4.0.0 (bsc#1104034)
• Fix copyright for the package specfile (bsc#1103696)

spacecmd:

• Bugfix: referenced variable before assignment.
• Bugfix: 'dict' object has no attribute 'iteritems' (bsc#1135881)
• Add unit tests for custominfo, snippet, scap, ssm, cryptokey and distribution
• Fix missing runtime dependencies that made spacecmd return old versions of packages in some cases, even if newer ones were available (bsc#1148311)

spacewalk-backend:

• Do not overwrite comps and module data with older versions
• Fix issue with 'dists' keyword in url hostname
• Import packages from all collections of a patch not just first one
• Ensure bytes type when using hashlib to avoid traceback on XMLRPC call to 'registration.register_osad' (bsc#1138822)
• Do not duplicate 'http://' protocol when using proxies with 'deb' repositories (bsc#1138313)
• Fix reposync when dealing with RedHat CDN (bsc#1138358)
• Fix for CVE-2019-10136. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum. (bsc#1136480)
• Prevent FileNotFoundError: repomd.xml.key traceback (bsc#1137940)
• Add journalctl output to spacewalk-debug tarballs
• Prevent unnecessary triggering of channel-repodata tasks when GPG signing is disabled (bsc#1137715)
• Fix spacewalk-repo-sync for Ubuntu repositories in mirror case (bsc#1136029)
• Add support for ULN repositories on new Zypper based reposync.
• Don't skip Deb package tags on package import (bsc#1130040)
• For backend-libs subpackages, exclude files for the server (already part of spacewalk-backend) to avoid conflicts (bsc#1148125)
• prevent duplicate key violates on repo-sync with long changelog entries (bsc#1144889)

spacewalk-remote-utils:

• Add RHEL8