{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Recommended update for SUSE Manager Proxy 4.1","title":"Title of the patch"},{"category":"description","text":"This update fixes the following issues:\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Adapted to build on Enterprise Linux.\n- Fix build for Red Hat 7\n- Require Go >= 1.14 also for CentOS\n- Add support for CentOS\n- Replace %{?systemd_requires} with %{?systemd_ordering}\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Require building with Go 1.15\n- Add %license macro for LICENSE file \n\ngolang-github-prometheus-node_exporter:\n\n- CVE-2022-21698: Update vendor tarball with prometheus/client_golang 1.11.1\n  (bsc#1196338, jsc#SLE-24238, jsc#SLE-24239)\n- Update to 1.3.0\n  * [CHANGE] Add path label to rapl collector #2146\n  * [CHANGE] Exclude filesystems under /run/credentials #2157\n  * [CHANGE] Add TCPTimeouts to netstat default filter #2189\n  * [FEATURE] Add lnstat collector for metrics from /proc/net/stat/ #1771\n  * [FEATURE] Add darwin powersupply collector #1777\n  * [FEATURE] Add support for monitoring GPUs on Linux #1998\n  * [FEATURE] Add Darwin thermal collector #2032\n  * [FEATURE] Add os release collector #2094\n  * [FEATURE] Add netdev.address-info collector #2105\n  * [FEATURE] Add clocksource metrics to time collector #2197\n  * [ENHANCEMENT] Support glob textfile collector directories #1985\n  * [ENHANCEMENT] ethtool: Expose node_ethtool_info metric #2080\n  * [ENHANCEMENT] Use include/exclude flags for ethtool filtering #2165\n  * [ENHANCEMENT] Add flag to disable guest CPU metrics #2123\n  * [ENHANCEMENT] Add DMI collector #2131\n  * [ENHANCEMENT] Add threads metrics to processes collector #2164\n  * [ENHANCMMENT] Reduce timer GC delays in the Linux filesystem collector #2169\n  * [ENHANCMMENT] Add TCPTimeouts to netstat default filter #2189\n  * [ENHANCMMENT] Use SysctlTimeval for boottime collector on BSD #2208\n  * [BUGFIX] ethtool: Sanitize metric names #2093\n  * [BUGFIX] Fix ethtool collector for multiple interfaces #2126\n  * [BUGFIX] Fix possible panic on macOS #2133\n  * [BUGFIX] Collect flag_info and bug_info only for one core #2156\n  * [BUGFIX] Prevent duplicate ethtool metric names #2187\n- Update to 1.2.2\n  * Bug fixes\n     Fix processes collector long int parsing #2112\n- Update to 1.2.1\n  * Removed\n     Remove obsolete capture permission denied error patch already included upstream\n     Fix zoneinfo parsing prometheus/procfs#386\n     Fix nvme collector log noise #2091\n     Fix rapl collector log noise #2092\n- Update to 1.2.0\n  * Changes\n     Rename filesystem collector flags to match other collectors #2012\n     Make node_exporter print usage to STDOUT #203\n  * Features\n     Add conntrack statistics metrics #1155\n     Add ethtool stats collector #1832\n     Add flag to ignore network speed if it is unknown #1989\n     Add tapestats collector for Linux #2044\n     Add nvme collector #2062\n  * Enhancements\n     Add ErrorLog plumbing to promhttp #1887\n     Add more Infiniband counters #2019\n     netclass: retrieve interface names and filter before parsing #2033\n     Add time zone offset metric #2060\n     Handle errors from disabled PSI subsystem #1983\n     Fix panic when using backwards compatible flags #2000\n     Fix wrong value for OpenBSD memory buffer cache #2015\n     Only initiate collectors once #2048\n     Handle small backwards jumps in CPU idle #2067\n- Apply patch to capture permission denied error for 'energy_uj' file (bsc#1190535)\n      from https://github.com/prometheus/node_exporter/pull/2092\n\npatterns-suse-manager:\n\n- Golang-github-wrouesnel-postgres_exporter was renamed to prometheus-postgres_exporter\n\nspacecmd:\n\n- Version 4.1.18-1\n  * implement system.bootstrap (bsc#1194909)\n\nspacewalk-backend:\n\n- Version 4.1.31-1\n  * Fix traceback on calling spacewalk-repo-sync --show-packages\n    (bsc#1193238)\n  * Fix virt_notify SQL syntax error (bsc#1199528)\n  * Do not raise error on file:// based DEB repo when looking\n    for alternative Release files (bsc#1199142)\n  * Improve parsing deb packages dependencies (bsc#1194594)\n  * Fix reposync update notice formatting and date parsing (bsc#1194447)\n  * implement more decompression algorithms for reposync (bsc#1196704)\n\nspacewalk-web:\n\n- Version 4.1.33-1\n  * Added support for end of life notifications\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager proxy.\n2. Stop the proxy service:\nspacewalk-proxy stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Start the Spacewalk service:\nspacewalk-proxy start\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2022-2145,SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-2145","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2022_2145-1.json"},{"category":"self","summary":"URL for SUSE-RU-2022:2145-1","url":"https://www.suse.com/support/update/announcement//suse-ru-20222145-1/"},{"category":"self","summary":"E-Mail link for SUSE-RU-2022:2145-1","url":"https://lists.suse.com/pipermail/sle-updates/2022-June/023651.html"},{"category":"self","summary":"SUSE Bug 1190535","url":"https://bugzilla.suse.com/1190535"},{"category":"self","summary":"SUSE Bug 1193238","url":"https://bugzilla.suse.com/1193238"},{"category":"self","summary":"SUSE Bug 1194447","url":"https://bugzilla.suse.com/1194447"},{"category":"self","summary":"SUSE Bug 1194594","url":"https://bugzilla.suse.com/1194594"},{"category":"self","summary":"SUSE Bug 1194909","url":"https://bugzilla.suse.com/1194909"},{"category":"self","summary":"SUSE Bug 1196338","url":"https://bugzilla.suse.com/1196338"},{"category":"self","summary":"SUSE Bug 1196704","url":"https://bugzilla.suse.com/1196704"},{"category":"self","summary":"SUSE Bug 1199142","url":"https://bugzilla.suse.com/1199142"},{"category":"self","summary":"SUSE Bug 1199528","url":"https://bugzilla.suse.com/1199528"},{"category":"self","summary":"SUSE CVE CVE-2022-21698 page","url":"https://www.suse.com/security/cve/CVE-2022-21698/"}],"title":"Recommended update for SUSE Manager Proxy 4.1","tracking":{"current_release_date":"2022-06-20T14:12:56Z","generator":{"date":"2022-06-20T14:12:56Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-RU-2022:2145-1","initial_release_date":"2022-06-20T14:12:56Z","revision_history":[{"date":"2022-06-20T14:12:56Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64","product":{"name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64","product_id":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.aarch64"}},{"category":"product_version","name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64","product":{"name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64","product_id":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.aarch64"}},{"category":"product_version","name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64","product":{"name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64","product_id":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.aarch64"}},{"category":"product_version","name":"patterns-suma_proxy-4.1-150200.6.12.2.aarch64","product":{"name":"patterns-suma_proxy-4.1-150200.6.12.2.aarch64","product_id":"patterns-suma_proxy-4.1-150200.6.12.2.aarch64"}},{"category":"product_version","name":"patterns-suma_retail-4.1-150200.6.12.2.aarch64","product":{"name":"patterns-suma_retail-4.1-150200.6.12.2.aarch64","product_id":"patterns-suma_retail-4.1-150200.6.12.2.aarch64"}},{"category":"product_version","name":"patterns-suma_server-4.1-150200.6.12.2.aarch64","product":{"name":"patterns-suma_server-4.1-150200.6.12.2.aarch64","product_id":"patterns-suma_server-4.1-150200.6.12.2.aarch64"}},{"category":"product_version","name":"susemanager-4.1.36-150200.3.52.1.aarch64","product":{"name":"susemanager-4.1.36-150200.3.52.1.aarch64","product_id":"susemanager-4.1.36-150200.3.52.1.aarch64"}},{"category":"product_version","name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64","product":{"name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64","product_id":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.aarch64"}},{"category":"product_version","name":"susemanager-tools-4.1.36-150200.3.52.1.aarch64","product":{"name":"susemanager-tools-4.1.36-150200.3.52.1.aarch64","product_id":"susemanager-tools-4.1.36-150200.3.52.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"postgresql-jdbc-42.2.10-150200.3.8.2.noarch","product":{"name":"postgresql-jdbc-42.2.10-150200.3.8.2.noarch","product_id":"postgresql-jdbc-42.2.10-150200.3.8.2.noarch"}},{"category":"product_version","name":"prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch","product":{"name":"prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch","product_id":"prometheus-exporters-formula-0.9.5-150200.3.31.2.noarch"}},{"category":"product_version","name":"prometheus-formula-0.3.7-150200.3.21.2.noarch","product":{"name":"prometheus-formula-0.3.7-150200.3.21.2.noarch","product_id":"prometheus-formula-0.3.7-150200.3.21.2.noarch"}},{"category":"product_version","name":"py27-compat-salt-3000.3-150200.6.24.2.noarch","product":{"name":"py27-compat-salt-3000.3-150200.6.24.2.noarch","product_id":"py27-compat-salt-3000.3-150200.6.24.2.noarch"}},{"category":"product_version","name":"spacecmd-4.1.18-150200.4.39.3.noarch","product":{"name":"spacecmd-4.1.18-150200.4.39.3.noarch","product_id":"spacecmd-4.1.18-150200.4.39.3.noarch"}},{"category":"product_version","name":"spacewalk-backend-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-app-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-app-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-app-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-applet-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-cdn-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-config-files-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-config-files-common-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-config-files-tool-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-iss-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-iss-export-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-package-push-server-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-server-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-server-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-server-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-sql-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-sql-postgresql-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-tools-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-xml-export-libs-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch","product":{"name":"spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch","product_id":"spacewalk-backend-xmlrpc-4.1.31-150200.4.50.4.noarch"}},{"category":"product_version","name":"spacewalk-base-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-base-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-base-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-dobby-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-dobby-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-dobby-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-html-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-html-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-html-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-html-debug-4.1.34-150200.3.47.6.noarch","product":{"name":"spacewalk-html-debug-4.1.34-150200.3.47.6.noarch","product_id":"spacewalk-html-debug-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"spacewalk-java-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-java-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-java-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-java-apidoc-sources-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-java-config-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-java-config-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-java-config-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-java-lib-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-java-lib-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-java-lib-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-java-postgresql-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-setup-4.1.11-150200.3.18.2.noarch","product":{"name":"spacewalk-setup-4.1.11-150200.3.18.2.noarch","product_id":"spacewalk-setup-4.1.11-150200.3.18.2.noarch"}},{"category":"product_version","name":"spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch","product":{"name":"spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch","product_id":"spacewalk-taskomatic-4.1.46-150200.3.71.5.noarch"}},{"category":"product_version","name":"spacewalk-utils-4.1.20-150200.3.30.2.noarch","product":{"name":"spacewalk-utils-4.1.20-150200.3.30.2.noarch","product_id":"spacewalk-utils-4.1.20-150200.3.30.2.noarch"}},{"category":"product_version","name":"spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch","product":{"name":"spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch","product_id":"spacewalk-utils-extras-4.1.20-150200.3.30.2.noarch"}},{"category":"product_version","name":"subscription-matcher-0.28-150200.3.15.2.noarch","product":{"name":"subscription-matcher-0.28-150200.3.15.2.noarch","product_id":"subscription-matcher-0.28-150200.3.15.2.noarch"}},{"category":"product_version","name":"susemanager-doc-indexes-4.1-150200.11.55.4.noarch","product":{"name":"susemanager-doc-indexes-4.1-150200.11.55.4.noarch","product_id":"susemanager-doc-indexes-4.1-150200.11.55.4.noarch"}},{"category":"product_version","name":"susemanager-docs_en-4.1-150200.11.55.2.noarch","product":{"name":"susemanager-docs_en-4.1-150200.11.55.2.noarch","product_id":"susemanager-docs_en-4.1-150200.11.55.2.noarch"}},{"category":"product_version","name":"susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch","product":{"name":"susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch","product_id":"susemanager-docs_en-pdf-4.1-150200.11.55.2.noarch"}},{"category":"product_version","name":"susemanager-schema-4.1.26-150200.3.45.4.noarch","product":{"name":"susemanager-schema-4.1.26-150200.3.45.4.noarch","product_id":"susemanager-schema-4.1.26-150200.3.45.4.noarch"}},{"category":"product_version","name":"susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch","product":{"name":"susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch","product_id":"susemanager-schema-sanity-4.1.26-150200.3.45.4.noarch"}},{"category":"product_version","name":"susemanager-sls-4.1.36-150200.3.64.2.noarch","product":{"name":"susemanager-sls-4.1.36-150200.3.64.2.noarch","product_id":"susemanager-sls-4.1.36-150200.3.64.2.noarch"}},{"category":"product_version","name":"susemanager-web-libs-4.1.34-150200.3.47.6.noarch","product":{"name":"susemanager-web-libs-4.1.34-150200.3.47.6.noarch","product_id":"susemanager-web-libs-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch","product":{"name":"susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch","product_id":"susemanager-web-libs-debug-4.1.34-150200.3.47.6.noarch"}},{"category":"product_version","name":"uyuni-config-modules-4.1.36-150200.3.64.2.noarch","product":{"name":"uyuni-config-modules-4.1.36-150200.3.64.2.noarch","product_id":"uyuni-config-modules-4.1.36-150200.3.64.2.noarch"}}],"category":"architecture","name":"noarch"},{"branches":[{"category":"product_version","name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le","product":{"name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le","product_id":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.ppc64le"}},{"category":"product_version","name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le","product":{"name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le","product_id":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.ppc64le"}},{"category":"product_version","name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le","product":{"name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le","product_id":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.ppc64le"}},{"category":"product_version","name":"patterns-suma_proxy-4.1-150200.6.12.2.ppc64le","product":{"name":"patterns-suma_proxy-4.1-150200.6.12.2.ppc64le","product_id":"patterns-suma_proxy-4.1-150200.6.12.2.ppc64le"}},{"category":"product_version","name":"patterns-suma_retail-4.1-150200.6.12.2.ppc64le","product":{"name":"patterns-suma_retail-4.1-150200.6.12.2.ppc64le","product_id":"patterns-suma_retail-4.1-150200.6.12.2.ppc64le"}},{"category":"product_version","name":"patterns-suma_server-4.1-150200.6.12.2.ppc64le","product":{"name":"patterns-suma_server-4.1-150200.6.12.2.ppc64le","product_id":"patterns-suma_server-4.1-150200.6.12.2.ppc64le"}},{"category":"product_version","name":"susemanager-4.1.36-150200.3.52.1.ppc64le","product":{"name":"susemanager-4.1.36-150200.3.52.1.ppc64le","product_id":"susemanager-4.1.36-150200.3.52.1.ppc64le"}},{"category":"product_version","name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le","product":{"name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le","product_id":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.ppc64le"}},{"category":"product_version","name":"susemanager-tools-4.1.36-150200.3.52.1.ppc64le","product":{"name":"susemanager-tools-4.1.36-150200.3.52.1.ppc64le","product_id":"susemanager-tools-4.1.36-150200.3.52.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x","product":{"name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x","product_id":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.s390x"}},{"category":"product_version","name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x","product":{"name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x","product_id":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.s390x"}},{"category":"product_version","name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x","product":{"name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x","product_id":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.s390x"}},{"category":"product_version","name":"patterns-suma_proxy-4.1-150200.6.12.2.s390x","product":{"name":"patterns-suma_proxy-4.1-150200.6.12.2.s390x","product_id":"patterns-suma_proxy-4.1-150200.6.12.2.s390x"}},{"category":"product_version","name":"patterns-suma_retail-4.1-150200.6.12.2.s390x","product":{"name":"patterns-suma_retail-4.1-150200.6.12.2.s390x","product_id":"patterns-suma_retail-4.1-150200.6.12.2.s390x"}},{"category":"product_version","name":"patterns-suma_server-4.1-150200.6.12.2.s390x","product":{"name":"patterns-suma_server-4.1-150200.6.12.2.s390x","product_id":"patterns-suma_server-4.1-150200.6.12.2.s390x"}},{"category":"product_version","name":"susemanager-4.1.36-150200.3.52.1.s390x","product":{"name":"susemanager-4.1.36-150200.3.52.1.s390x","product_id":"susemanager-4.1.36-150200.3.52.1.s390x"}},{"category":"product_version","name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x","product":{"name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x","product_id":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.s390x"}},{"category":"product_version","name":"susemanager-tools-4.1.36-150200.3.52.1.s390x","product":{"name":"susemanager-tools-4.1.36-150200.3.52.1.s390x","product_id":"susemanager-tools-4.1.36-150200.3.52.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","product":{"name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","product_id":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64"}},{"category":"product_version","name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","product":{"name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","product_id":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64"}},{"category":"product_version","name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","product":{"name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","product_id":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64"}},{"category":"product_version","name":"patterns-suma_proxy-4.1-150200.6.12.2.x86_64","product":{"name":"patterns-suma_proxy-4.1-150200.6.12.2.x86_64","product_id":"patterns-suma_proxy-4.1-150200.6.12.2.x86_64"}},{"category":"product_version","name":"patterns-suma_retail-4.1-150200.6.12.2.x86_64","product":{"name":"patterns-suma_retail-4.1-150200.6.12.2.x86_64","product_id":"patterns-suma_retail-4.1-150200.6.12.2.x86_64"}},{"category":"product_version","name":"patterns-suma_server-4.1-150200.6.12.2.x86_64","product":{"name":"patterns-suma_server-4.1-150200.6.12.2.x86_64","product_id":"patterns-suma_server-4.1-150200.6.12.2.x86_64"}},{"category":"product_version","name":"susemanager-4.1.36-150200.3.52.1.x86_64","product":{"name":"susemanager-4.1.36-150200.3.52.1.x86_64","product_id":"susemanager-4.1.36-150200.3.52.1.x86_64"}},{"category":"product_version","name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64","product":{"name":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64","product_id":"susemanager-nodejs-sdk-devel-4.1.13-150200.3.24.3.x86_64"}},{"category":"product_version","name":"susemanager-tools-4.1.36-150200.3.52.1.x86_64","product":{"name":"susemanager-tools-4.1.36-150200.3.52.1.x86_64","product_id":"susemanager-tools-4.1.36-150200.3.52.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Manager Proxy Module 4.1","product":{"name":"SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-suse-manager-proxy:4.1"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64 as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64"},"product_reference":"golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64 as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64"},"product_reference":"golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64 as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64"},"product_reference":"golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"patterns-suma_proxy-4.1-150200.6.12.2.x86_64 as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:patterns-suma_proxy-4.1-150200.6.12.2.x86_64"},"product_reference":"patterns-suma_proxy-4.1-150200.6.12.2.x86_64","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"spacecmd-4.1.18-150200.4.39.3.noarch as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch"},"product_reference":"spacecmd-4.1.18-150200.4.39.3.noarch","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"spacewalk-backend-4.1.31-150200.4.50.4.noarch as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch"},"product_reference":"spacewalk-backend-4.1.31-150200.4.50.4.noarch","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch"},"product_reference":"spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"},{"category":"default_component_of","full_product_name":{"name":"spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch as component of SUSE Manager Proxy Module 4.1","product_id":"SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"},"product_reference":"spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch","relates_to_product_reference":"SUSE Manager Proxy Module 4.1"}]},"vulnerabilities":[{"cve":"CVE-2022-21698","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2022-21698"}],"notes":[{"category":"general","text":"client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods. In order to be affected, an instrumented software must use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`; not filter any specific methods (e.g GET) before middleware; pass metric with `method` label name to our middleware; and not have any firewall/LB/proxy that filters away requests with unknown `method`. client_golang version 1.11.1 contains a patch for this issue. Several workarounds are available, including removing the `method` label name from counter/gauge used in the InstrumentHandler; turning off affected promhttp handlers; adding custom middleware before promhttp handler that will sanitize the request method given by Go http.Request; and using a reverse proxy or web application firewall, configured to only allow a limited set of methods.","title":"CVE description"}],"product_status":{"recommended":["SUSE Manager Proxy Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","SUSE Manager Proxy Module 4.1:patterns-suma_proxy-4.1-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch","SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"]},"references":[{"category":"external","summary":"CVE-2022-21698","url":"https://www.suse.com/security/cve/CVE-2022-21698"},{"category":"external","summary":"SUSE Bug 1196338 for CVE-2022-21698","url":"https://bugzilla.suse.com/1196338"},{"category":"external","summary":"SUSE Bug 1248689 for CVE-2022-21698","url":"https://bugzilla.suse.com/1248689"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Manager Proxy Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","SUSE Manager Proxy Module 4.1:patterns-suma_proxy-4.1-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch","SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"]}],"scores":[{"cvss_v3":{"baseScore":7.5,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"products":["SUSE Manager Proxy Module 4.1:golang-github-QubitProducts-exporter_exporter-0.4.0-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-lusitaniae-apache_exporter-0.7.0-150200.2.6.2.x86_64","SUSE Manager Proxy Module 4.1:golang-github-prometheus-node_exporter-1.3.0-150200.3.9.3.x86_64","SUSE Manager Proxy Module 4.1:patterns-suma_proxy-4.1-150200.6.12.2.x86_64","SUSE Manager Proxy Module 4.1:spacecmd-4.1.18-150200.4.39.3.noarch","SUSE Manager Proxy Module 4.1:spacewalk-backend-4.1.31-150200.4.50.4.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-4.1.34-150200.3.47.6.noarch","SUSE Manager Proxy Module 4.1:spacewalk-base-minimal-config-4.1.34-150200.3.47.6.noarch"]}],"threats":[{"category":"impact","date":"2022-06-20T14:12:56Z","details":"important"}],"title":"CVE-2022-21698"}]}