{"id":"SUSE-RU-2021:3162-1","summary":"Recommended update for SUSE Manager 4.2.2 Release Notes","details":"This update for SUSE Manager 4.2.2 Release Notes provides the following additions:\n\nRelease notes for SUSE Manager:\n\n- Update to 4.2.2\n  * SUSE Manager is now able to manage Rocky Linux 8 clients\n  * Tech Preview: Inter-Server Sync V2\n  * Bugs mentioned\n    bsc#1171483, bsc#1173143, bsc#1181223, bsc#1186281,\n    bsc#1186339, bsc#1187335, bsc#1187549, bsc#1188032,\n    bsc#1188042, bsc#1188136, bsc#1188163, bsc#1188193,\n    bsc#1188260, bsc#1188393, bsc#1188400, bsc#1188503,\n    bsc#1188505, bsc#1188551, bsc#1188641, bsc#1188647,\n    bsc#1188656, bsc#1188853, bsc#1188855, bsc#1189011,\n    bsc#1189040, bsc#1189167, bsc#1189419, bsc#1189458,\n    - CVE-2021-40323: Fixed an arbitrary file disclosure/Template Injection (bsc#1189458)\n    - CVE-2021-40324: Fixed an arbitrary file write (bsc#1189458)\n    - CVE-2021-40325: Fixed a problem with the token validation (bsc#1189458)\n      - Please note that with these changes, a valid log data from Anamon (Red Hat Autoinstallation Process) uploaded \n        to cobbler may be rejected.\n\nRelease notes for SUSE Manager proxy:\n\n- Update to 4.2.2\n  * Bugs mentioned\n    bsc#1181223, bsc#1186026, bsc#1188042, bsc#1189011, bsc#1189263\n","modified":"2026-02-04T04:18:44.589328Z","published":"2021-09-20T15:24:13Z","related":["CVE-2021-40323","CVE-2021-40324","CVE-2021-40325"],"upstream":["CVE-2021-40323","CVE-2021-40324","CVE-2021-40325"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2021-3162/suse-ru-20213162-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1171483"},{"type":"REPORT","url":"https://bugzilla.suse.com/1173143"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181223"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186026"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186281"},{"type":"REPORT","url":"https://bugzilla.suse.com/1186339"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187335"},{"type":"REPORT","url":"https://bugzilla.suse.com/1187549"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188032"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188042"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188136"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188163"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188193"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188260"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188393"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188400"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188503"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188505"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188551"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188641"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188647"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188656"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1188855"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189011"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189040"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189167"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189263"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189419"},{"type":"REPORT","url":"https://bugzilla.suse.com/1189458"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-40323"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-40324"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-40325"}],"affected":[{"package":{"name":"release-notes-susemanager-proxy","ecosystem":"SUSE:Manager Proxy 4.2","purl":"pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.2-3.12.1"}]}],"ecosystem_specific":{"binaries":[{"release-notes-susemanager-proxy":"4.2.2-3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2021:3162-1.json"}},{"package":{"name":"release-notes-susemanager-proxy","ecosystem":"SUSE:Manager Retail Branch Server 4.2","purl":"pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.2-3.12.1"}]}],"ecosystem_specific":{"binaries":[{"release-notes-susemanager-proxy":"4.2.2-3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2021:3162-1.json"}},{"package":{"name":"release-notes-susemanager","ecosystem":"SUSE:Manager Server 4.2","purl":"pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.2-3.12.1"}]}],"ecosystem_specific":{"binaries":[{"release-notes-susemanager":"4.2.2-3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-RU-2021:3162-1.json"}}],"schema_version":"1.7.3"}