ELSA-2022-10024

ELSA-2022-10024 - spacewalk-backend spacewalk-java security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-12-05

Description


spacewalk-backend
[2.10.28-1.0.13]
- Fix HTTP 500 and ORA-01830 on client scap report [Orabug: 34823889]

[2.10.28-1.0.12]
- Handle remote commands that return no output. [Orabug: 32530545]

[2.10.28-1.0.11]
- Make spacewalk-debug copy symlink target instead of the symlink itself. [Orabug: 32514543]

[2.10.28-1.0.9]
- spacewalk-repo-sync set /modules owner to tomcat [Orabug: 32537482]
- Make spacewalk-repo-sync sync modules.yaml file for ULN [Orabug: 32542907]

[2.10.28-1.0.8]
- Disable mirror lists for ULN repos. [Orabug: 32165904]

[2.10.28-1.0.7]
- Remove default RHN config referencing satellite.rhn.redhat.com [Orabug: 32121947]

[2.10.28-1.0.6]
- Rebrand Spacewalk to Oracle Linux Manager [LINUX-9551] [LINUX-9552]

[2.10.28-1.0.5]
- Fix spacewalk-repo-sync resetting /var/satellite/rhn/modules permissions to 750 [Orabug: 31973025]

[2.10.28-1.0.4]
- Make reposync set rhn/modules group writable [LINUX-7708]
- Make modules metadata folder group-writable on spacewalk-backend upgrade [LINUX-7708]

[2.10.28-1.0.3]
- Fix erroneous failure status for successful remote command execution [Orabug: 31589572]

[2.10.28-1.0.1]
- Remove upstream reference [OraBug 22475639]
- Fix text references to satellite server [OraBug 20596345]

[2.10.28-1]
- added treeinfo file to download list

[2.10.27-1]
spacewalk-java
[2.10.19-1.0.15]
- Fix CVE-2022-43753 [Orabug: 34814068]

[2.10.19-1.0.14]
- Add module:stream manipulation remote commands. [OLDIS-6915]

[2.10.19-1.0.13]
- Fix errata scheduled job link ID number formatting. [Orabug: 32581542]

[2.10.19-1.0.12]
- Fix custom errata adding unassociated packages [Orabug: 32613033]

[2.10.19-1.0.11]
- Remove default RHN config referencing satellite.rhn.redhat.com [Orabug: 32121947]

[2.10.19-1.0.10]
- Handle modules.yaml file in spacewalk-manage-channel-lifecycle [LINUX-9346]
- Rebrand Spacewalk to Oracle Linux Manager [LINUX-9551] [LINUX-9552]

[2.10.19-1.0.9]
- Update modules.yaml when adding modular packages to channel [LINUX-8154] [Orabug: 31960970]

[2.10.19-1.0.8]
- Copy modules.yaml metadata file when cloning channels. [LINUX-7708]

[2.10.19-1.0.7]
- Fix Internal Server Error when scheduling package snapshot rollback [Orabug: 31658857]

[2.10.19-1.0.6]
- Remove upstream warning message on package upgrade page [LINUX-7465] [LINUX-7593] [Orabug: 31639744]

[2.10.19-1.0.5]
- Allow spacecmd and XMLRPC API to apply modular errata [Orabug: 31665403] [Jira: LINUX-7026]

[2.10.19-1.0.4]
- Fix wrong kickstart generated for the OL8 [Orabug: 31564892]

[2.10.19-1.0.3]
- Update footer Copyright and links to Oracle's. [Orabug: 31444703]
- Replace bugfix bug22652131.patch with oracle-footer.jsp.patch.

[2.10.19-1.0.2]
- Update taskomatic to use instant client to 18.5 [Orabug: 31413086]

[2.10.19-1.0.1]
- fix login UI footer string [orabug 22652131]
- fix max length of channel label [bug 22509037]
- remove packages that rely on geronimo-specs-poms and jakarta-commons-beanutils (livy.ge@orale.com)
- remove sw2.6 jpp packages during upgrade [bug 27792543]

[2.10.19-1]
- 1791111 - improved performance of cleanup-data-bunch

[2.10.18-1]
- fixed checkstyle header

[2.10.17-1]
- updated API version for the new release

[2.10.16-1]


Related CVEs


CVE-2022-43753

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) spacewalk-backend-2.10.28-1.0.13.el7.src.rpmb377a931ff1d6c964bef05b863dfa9e3-
spacewalk-java-2.10.19-1.0.15.el7.src.rpm71624c3c92bf5901db46570d95211d68-
spacewalk-backend-2.10.28-1.0.13.el7.noarch.rpmaaba62988a277ece89aa448ab25e1586-
spacewalk-backend-app-2.10.28-1.0.13.el7.noarch.rpm3aa6a72891f69e1635697221768d83f6-
spacewalk-backend-applet-2.10.28-1.0.13.el7.noarch.rpm6445ab865d6833a3b1c5b1a7b0b3ef62-
spacewalk-backend-cdn-2.10.28-1.0.13.el7.noarch.rpm05c4048eaf0eb7c26b9aea8233937217-
spacewalk-backend-config-files-2.10.28-1.0.13.el7.noarch.rpm65224427822477fc96788d285e784ff2-
spacewalk-backend-config-files-common-2.10.28-1.0.13.el7.noarch.rpm020144374be42e954929191d9f45ac0b-
spacewalk-backend-config-files-tool-2.10.28-1.0.13.el7.noarch.rpm7bf12d15ee8ccef6098a1fbd3a58960c-
spacewalk-backend-iss-2.10.28-1.0.13.el7.noarch.rpm2c1728fbd1c4a5f03dd26357f3bb882a-
spacewalk-backend-iss-export-2.10.28-1.0.13.el7.noarch.rpm738aa644b87611070c4d79e6c1138da3-
spacewalk-backend-libs-2.10.28-1.0.13.el7.noarch.rpmd847fd1184cea2e28cdf1a2dc6fd5b52-
spacewalk-backend-package-push-server-2.10.28-1.0.13.el7.noarch.rpm8413c5c519eeed605327f62e00301c54-
spacewalk-backend-server-2.10.28-1.0.13.el7.noarch.rpm8d045834a7dd7804cc5f07e470eb101c-
spacewalk-backend-sql-2.10.28-1.0.13.el7.noarch.rpm82239196005273f2dc8aa331cd9e0bf3-
spacewalk-backend-sql-oracle-2.10.28-1.0.13.el7.noarch.rpm65f8dfff7f0494eca3f2ad62638b25a2-
spacewalk-backend-sql-postgresql-2.10.28-1.0.13.el7.noarch.rpm2c8c9b23532774e7d17855e4d64e7d71-
spacewalk-backend-tools-2.10.28-1.0.13.el7.noarch.rpmbbad8c58325cf07b8103bcce660ca67d-
spacewalk-backend-xml-export-libs-2.10.28-1.0.13.el7.noarch.rpm8ca4979c6ee4f5df87693135b8bbf3cf-
spacewalk-backend-xmlrpc-2.10.28-1.0.13.el7.noarch.rpm891c4027104e349f8aacc64276645180-
spacewalk-java-2.10.19-1.0.15.el7.noarch.rpm07a816677bc86298d627f66855ac35b9-
spacewalk-java-config-2.10.19-1.0.15.el7.noarch.rpm37b32ef4afcddd1ace7badd69962e7ec-
spacewalk-java-lib-2.10.19-1.0.15.el7.noarch.rpm5c976ee24c870f05ec7490c23a27598d-
spacewalk-java-oracle-2.10.19-1.0.15.el7.noarch.rpm974e7e1b1126abf946e496361caf07a9-
spacewalk-java-postgresql-2.10.19-1.0.15.el7.noarch.rpmafe5a096321fc42e834196caa35c2f9e-
spacewalk-java-tests-2.10.19-1.0.15.el7.noarch.rpmf119b9225bb4d1a05ce3d5101cfed12e-
spacewalk-taskomatic-2.10.19-1.0.15.el7.noarch.rpm66a754f92e18fbfe87453d6e4cab85c5-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete