Описание
Security update for python-azure-agent
This update for python-azure-agent fixes the following issues:
Update to version 2.2.45 (jsc#ECO-80)
- Add support for Gen2 VM resource disks
- Use alternate systemd detection
- Fix /proc/net/route requirement that causes errors on FreeBSD
- Add cloud-init auto-detect to prevent multiple provisioning mechanisms from relying on configuration for coordination
- Disable cgroups when daemon is setup incorrectly
- Remove upgrade extension loop for the same goal state
- Add container id for extension telemetry events
- Be more exact when detecting IMDS service health
- Changing add_event to start sending missing fields
Update to version 2.2.44:
- Remove outdated extension ZIP packages
- Improved error handling when starting extensions using systemd
- Reduce provisioning time of some custom images
- Improve the handling of extension download errors
- New API for extension authors to handle errors during extension update
- Fix handling of errors in calls to openssl
- Improve logic to determine current distro
- Reduce verbosity of several logging statements
Update to version 2.2.42:
- Poll for artifact blob, addresses goal state procesing issue
Update to version 2.2.41:
- Rewriting the mechanism to start the extension using systemd-run for systems using systemd for managing
- Refactoring of resource monitoring framework using cgroup for both systemd and non-systemd approaches [#1530, #1534]
- Telemetry pipeline for resource monitoring data
Update to version 2.2.40:
- Fixed tracking of memory/cpu usage
- Do not prevent extensions from running if setting up cgroups fails
- Enable systemd-aware deprovisioning on all versions >= 18.04
- Add systemd support for Debian Jessie, Stretch, and Buster
- Support for Linux Openwrt
Update to version 2.2.38:
- CVE-2019-0804: An issue with swapfile handling in the agent creates a data leak situation that exposes system memory data. (bsc#1127838)
- Add fixes for handling swap file and other nit fixes
Update to 2.2.37:
- Improves re-try logic to handle errors while downloading extensions
Список пакетов
Image SLES12-SP4-Azure-BYOS
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP4-SAP-Azure
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP4-SAP-Azure-BYOS
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-BYOS
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-Basic-On-Demand
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-HPC-BYOS
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-HPC-On-Demand
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-SAP-BYOS
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-SAP-On-Demand
python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-Standard-On-Demand
python-azure-agent-2.2.45-34.20.1
SUSE Linux Enterprise Module for Public Cloud 12
python-azure-agent-2.2.45-34.20.1
Ссылки
- Link for SUSE-SU-2019:3394-1
- E-Mail link for SUSE-SU-2019:3394-1
- SUSE Security Ratings
- SUSE Bug 1127838
- SUSE Bug 1159639
- SUSE CVE CVE-2019-0804 page
- SUSE Bug ECO-80
Описание
An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
Затронутые продукты
Image SLES12-SP4-Azure-BYOS:python-azure-agent-2.2.45-34.20.1
Image SLES12-SP4-SAP-Azure-BYOS:python-azure-agent-2.2.45-34.20.1
Image SLES12-SP4-SAP-Azure:python-azure-agent-2.2.45-34.20.1
Image SLES12-SP5-Azure-BYOS:python-azure-agent-2.2.45-34.20.1
Ссылки
- CVE-2019-0804
- SUSE Bug 1127838
- SUSE Bug 1152980