openSUSE Security Update : cobbler (openSUSE-2021-46)

critical Nessus Plugin ID 145357

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for cobbler fixes the following issues :

- Add cobbler-tests subpackage for unit testing for openSUSE/SLE

- Adds LoadModule definitions for openSUSE/SLE

- Switch to new refactored auth module.

- use systemctl to restart cobblerd on logfile rotation (boo#1169207) Mainline logrotate conf file uses already /sbin/service instead of outdated: /etc/init.d/cobblerd

- Fix cobbler sync for DHCP or DNS (boo#1169553) Fixed mainline by commit 2d6cfe42da

- Signatures file now uses 'default_autoinstall' which fixes import problem happening with some distributions (boo#1159010)

- Fix for kernel and initrd detection (boo#1159010)

- New :

- For the distro there is now a parameter remote_boot_initrd and remote_boot_kernel ()

- For the profile there is now a parameter filename for DHCP. (#2280)

- Signatures for ESXi 6 and 7 (#2308)

- The hardlink command is now detected more dynamically and thus more error resistant (#2297)

- HTTPBoot will now work in some cases out of the bug.
(#2295)

- Additional DNS query for a case where the wrong record was queried in the nsupdate system case (#2285)

- Changes :

- Enabled a lot of tests, removed some and implemented new. (#2202)

- Removed not used files from the codebase. (#2302)

- Exchanged mkisofs to xorrisofs. (#2296)

- Removed duplicate code. (#2224)

- Removed unreachable code. (#2223)

- Snippet creation and deletion now works again via xmlrpc. (#2244)

- Replace createrepo with createrepo_c. (#2266)

- Enable Kerberos through having a case sensitive users.conf. (#2272)

- Bugfixes :

- General various Bugfixes (#2331, )

- Makefile usage and commands. (#2344, #2304)

- Fix the dhcp template. (#2314)

- Creation of the management classes and gPXE. (#2310)

- Fix the scm_track module. (#2275, #2279)

- Fix passing the netdevice parameter correctly to the linuxrc. (#2263)

- powerstatus from cobbler now works thanks to a wrapper for ipmitool. (#2267)

- In case the LDAP is used for auth, it now works with ADs. (#2274)

- Fix passthru authentication. (#2271)

- Other :

- Add Codecov. (#2229)

- Documentation updates. (#2333, #2326, #2305, #2249, #2268)

- Buildprocess :

- Recreation and cleanup of Grub2. (#2278)

- Fix small errors for openSUSE Leap. (#2233)

- Fix rpmlint errors. (#2237)

- Maximum compatibility for debbuild package creation.
(#2255, #2292, #2242, #2300)

- Fixes related to our CI Pipeline (#2254, #2269)

- Internal Code cleanup (#2273, #2270)

- Breaking Changes :

- Hash handling in users.digest file. (#2299)

- Updated to version 3.1.1.

- Introduce new packaging from upstream

- Changelog see below

- New :

- We are now having a cross-distro specfile which can be build in the OBS (#2220) - before rewritten it was improved by #2144 & #2174

- Grub Submenu for net-booting machines (#2217)

- Building the Cent-OS RPMs in Docker (#2190 #2189)

- Reintroduced manpage build in setup.py (#2185)

- mgmt_parameters are now passed to the dhcp template (#2182)

- Using the standard Pyhton3 logger instead of a custom one (#2160 #2139 #2151)

- Script for converting the settings file from 3.0.0 to 3.0.1 (#2154)

- Docs now inside the repo instead of cobbler.github.io and improved with sphinx (#2117)

- Changes :

- The default tftpboot directory is now /var/lib/tftpboot instead of previously /srv/tftpboot (#2220)

- Distro signatures were adjusted where necessary (#2219 #2134)

- Removed requirements.txt and placed the requirements in setup.py (#2204)

- Display only entries in grub which are from the same arch (#2191 #2216)

- Change the name of the cobbler manpage form cobbler-cli to cobbler back and move it to section 8 (#2188 #2186)

- Bugfixes :

- Incremented Version to 3.1.1 from 3.0.1

- S390 Support was cleaned up (#2207 #2178)

- PowerPC Support was cleaned up (#2178)

- Added a missing import while importing a distro with cobbler import (#2201)

- Fixed a case where a stacktrace would be produced so pass none instead (#2203)

- Rename of suse_kopts_textmode_overwrite to kops_overwrite to utils (#2143 #2200)

- Fix rsync subprocess call (#2199 #2179)

- Fixed an error where the template rendering did not work (#2176)

- Fixed some cobbler import errors (#2172)

- Wrong shebang in various scripts (#2148)

- Fix some imports which fixes errors introduced by the remodularization (#2150 #2153)

- Other :

- Issue Templates for Github (#2187)

- Update to latest git HEAD code base This version (from mainline so for quite a while already) also includes fixes for 'boo#1149075' and boo#1151875

- Fix for cobbler import and buildiso (boo#1156574)

- Adjusted manpage creation (needs sphinx as BuildRequires)

- Fix cobbler sync for dhcp and dns enabled due to latest module renaming patches

- Update to latest git HEAD

- Fixes permission denied in apache2 context when trying to write cobbler log

- Fixes a bad import in import_signature (item)

- Fixes bad shebang bash path in mkgrub.sh (used in post section)

- Now track Github master branch WARNING: This release contains breaking changes for your settings file!

- Notable changes :

- Now using standard python logger

- Updated dhcpd.template

- Removed fix_shebang.patch: now in upstream.

- added -s parameter to fdupes call to prevent hardlink across partititons

- Update to latest v3.0.0 cobbler release

- Add previouly added patch:
exclude_get-loaders_command.patch to the list of patches to apply.

- Fix log file world readable (as suggested by Matthias Gerstner) and change file attributes via attr in spec file

- Do not allow get-loaders command (download of third-party provided network boot loaders we do not trust)

- Mainline fixes: 3172d1df9b9cc8 Add missing help text in redhat_management_key field c8f5490e507a72 Set default interface if cobbler system add has no

--interface= param 31a1aa31d26c4a Remove apache IfVersion tags from apache configs

- Integrated fixes that came in from mainline from other products (to calm down obs regression checker):
CVE-2011-4953, fate#312397, boo#660126, boo#671212, boo#672471, boo#682665 boo#687891, boo#695955, boo#722443, boo#722445, boo#757062, boo#763610 boo#783671, boo#790545, boo#796773, boo#811025, boo#812948, boo#842699 boo#846580, boo#869371, boo#884051, boo#976826, boo#984998 Some older bugs need boo# references as well: boo#660126, boo#671212, boo#672471, boo#682665 boo#687891, boo#695955, boo#722443, boo#722445, boo#757062, boo#763610 boo#783671, boo#790545, boo#796773, boo#811025, boo#812948, boo#842699 boo#846580, boo#869371, boo#884051

- Fix for redhat_management_key not being listed as a choice during profile rename (boo#1134588)

- Added :

- rhn-mngmnt-key-field-fix.diff

- Fixes distribution detection in setup.py for SLESo

- Added :

- changes-detection-to-distro-like-for-suse-distributions.
diff

- Moving to pytest and adding Docker test integration

- Added :

- add-docker-integration-testing.diff

- refactor-unittest-to-pytest.diff

- Additional compatability changes for old Koan versions.

- Modified :

- renamed-methods-alias-part2.patch

- Old Koan versions not only need method aliases, but also need compatible responses

- Added :

- renamed-methods-alias-part2.patch

- Add the redhat_managment_* fields again to enable templating in SUMA.

- Added :

- revert-redhat-management-removal.patch

- Changes return of last_modified_time RPC to float

- Added :

- changes-return-to-float.diff

- provide old name aliases for all renamed methods :

- get_distro_for_koan => get_distro_as_rendered

- get_profile_for_koan => get_profile_as_rendered

- get_system_for_koan => get_system_as_rendered

- get_repo_for_koan => get_repo_as_rendered

- get_image_for_koan => get_image_as_rendered

- get_mgmtclass_for_koan => get_mgmtclass_as_rendered

- get_package_for_koan => get_package_as_rendered

- get_file_for_koan => get_file_as_rendered

- Renamed: get_system_for_koan.patch => renamed-methods-alias.patch

- provide renamed method 'get_system_for_koan' under old name for old clients.

- Added :

- get_system_for_koan.patch

- Bring back power_system method in the XML-RPC API

- Changed lanplus option to lanplus=true in fence_ipmitool.template

- Added :

- power_system_xmlrpc_api.patch

- Changed :

- fence_ipmitool.template

- Disables nsupdate_enabled by default

- Added :

- disable_nsupdate_enabled_by_default.diff

- Fixes issue in distribution detection with 'lower' function call.

- Modified :

- remodeled-distro-detection.diff

- Adds imporoved distribution detection. Since now all base products get detected correctly, we no longer need the SUSE Manager patch.

- Added :

- remodeled-distro-detection.diff

- fix grub directory layout

- Added :

- create-system-directory-at-the-correct-place.patch

- fix HTTP status code of XMLRPC service

- Added :

- fix-http-status-code.patch

- touch /etc/genders when it not exists (boo#1128926)

- Add patches to fix logging

- Added :

- return-the-name-of-the-unknown-method.patch

- call-with-logger-where-possible.patch

- Switching version schema from 3.0 to 3.0.0

- Fixes case where distribution detection returns None (boo#1130658)

- Added :

- fixes-distro-none-case.diff

- Removes newline from token, which caused authentication error (boo#1128754)

- Added :

- remove-newline-from-token.diff

- Added a patch which fixes an exception when login in with a non-root user.

- Added :

- fix-login-error.patch

- Added a patch which fixes an exception when login in with a non-root user.

- Added :

- fix-login-error.patch



- Remove patch merged at upstream :

- 0001-return-token-as-string.patch

- change grub2-x86_64-efi dependency to Recommends

- grub2-i386pc is not really required. Changed to recommended to allow building for architectures other than x86_64

- Use cdrtools starting with SLE-15 and Leap-15 again.
(boo#1081739)

- Update cobbler loaders server hostname (boo#980577)

- Update outdated apache config (boo#956264)

- Replace builddate with changelog date to fix build-compare (boo#969538)

- LOCKFILE usage removed on openSUSE (boo#714618)

- Power management subsystem completely re-worked to prevent command-injection (CVE-2012-2395)

- Removed patch merged at upstream :

- cobblerd_needs_apache2_service_started.patch

- Checking bug fixes of released products are in latest develop pkg :

- remove fix-nameserver-search.fix; bug is invalid (boo#1029276)

-> not needed anymore

- fix cobbler yaboot handling (boo#968406, boo#966622)

-> no yaboot support anymore

- support UEFI boot with cobbler generated tftp tree (boo#1020376)

-> upstream

- Enabling PXE grub2 support for PowerPC (boo#986978)

-> We have grub2 support for ppc64le

- (boo#1048183) fix missing args and location for xen

-> is in

- no koan support anymore: boo#969541, boo#924118, boo#967523

- not installed (boo#966841) works.

- These still have to be looked at: SUSE system as systemd only (boo#952844) handle list value for kernel options correctly (boo#973413) entry in pxe menu (boo#988889)

- This still has to be switched off (at least in internal cobbler versions): Disabling 'get-loaders' command and 'check' fixed. boo#973418

- Add explicity require to tftp, so it is used for both SLE and openSUSE (originally from [email protected])

- Moved Recommends according to spec_cleaner

- Require latest apache2-mod_wsgi-python3 package This fixes interface to http://localhost/cblr/svc/...

- Use latest github cobbler/cobbler master branch in
_service file

- cobblerd_needs_apache2_service_started.patch reverted, that is mainline now :

- Only recommend grub2-arm and grub2-ppc packages or we might not be able to build on factory where arm/ppc might not be built

- Remove genders package requires. A genders file is generated, but we do not need/use the genders package.

- Update to latest cobbler version 3.0 mainline git HEAD version and remove already integrated or not needed anymore patches.

- Serial console support added, did some testing already Things should start to work as expected

- Add general grub2 support

- Put mkgrub.* into mkgrub.sh

- Add git date and commit to version string for now

- Add grub2 mkimage scripts: mkgrub.i386-pc mkgrub.powerpc-ieee1275 mkgrub.x86_64-efi mkgrub.arm64-efi and generate grub executables with them in the %post section



- build server wants explicite package in BuildRequires;
use tftp

- require tftp(server) instead of atftp

- cleanup: cobbler is noarch, so arch specific requires do not make sense

- SLES15 is using /etc/os-release instead of /etc/SuSE-release, use this one for checking also

- add sles15 distro profile (boo#1090205)

- fix signature for SLES15 (boo#1075014)

- fix signature for SLES15 (boo#1075014)

- fix koan wait parameter initialization

- Fix koan shebang

- Escape shell parameters provided by the user for the reposync action (CVE-2017-1000469) (boo#1074594)

- detect if there is already another instance of 'cobbler sync' running and exit with failure if so (boo#1081714)

- do not try to hardlink to a symlink. The result will be a dangling symlink in the general case (boo#1097733)

- fix service restart after logrotate for cobblerd (boo#1113747)

- rotate cobbler logs at higher frequency to prevent disk fillup (boo#1113747)

- Forbid exposure of private methods in the API (CVE-2018-10931) (CVE-2018-1000225) (boo#1104287) (boo#1104189) (boo#1105442)

- Check access token when calling 'modify_setting' API endpoint (boo#1104190) (boo#1105440) (CVE-2018-1000226)

Solution

Update the affected cobbler packages.

See Also

http://localhost/cblr/svc/...

https://bugzilla.opensuse.org/show_bug.cgi?id=1020376

https://bugzilla.opensuse.org/show_bug.cgi?id=1029276

https://bugzilla.opensuse.org/show_bug.cgi?id=1048183

https://bugzilla.opensuse.org/show_bug.cgi?id=1074594

https://bugzilla.opensuse.org/show_bug.cgi?id=1075014

https://bugzilla.opensuse.org/show_bug.cgi?id=1081714

https://bugzilla.opensuse.org/show_bug.cgi?id=1081739

https://bugzilla.opensuse.org/show_bug.cgi?id=1090205

https://bugzilla.opensuse.org/show_bug.cgi?id=1097733

https://bugzilla.opensuse.org/show_bug.cgi?id=1101670

https://bugzilla.opensuse.org/show_bug.cgi?id=1104189

https://bugzilla.opensuse.org/show_bug.cgi?id=1104190

https://bugzilla.opensuse.org/show_bug.cgi?id=1104287

https://bugzilla.opensuse.org/show_bug.cgi?id=1105440

https://bugzilla.opensuse.org/show_bug.cgi?id=1105442

https://bugzilla.opensuse.org/show_bug.cgi?id=1113747

https://bugzilla.opensuse.org/show_bug.cgi?id=1128754

https://bugzilla.opensuse.org/show_bug.cgi?id=1128926

https://bugzilla.opensuse.org/show_bug.cgi?id=1130658

https://bugzilla.opensuse.org/show_bug.cgi?id=1134588

https://bugzilla.opensuse.org/show_bug.cgi?id=1149075

https://bugzilla.opensuse.org/show_bug.cgi?id=1151875

https://bugzilla.opensuse.org/show_bug.cgi?id=1156574

https://bugzilla.opensuse.org/show_bug.cgi?id=1159010

https://bugzilla.opensuse.org/show_bug.cgi?id=1169207

https://bugzilla.opensuse.org/show_bug.cgi?id=1169553

https://bugzilla.opensuse.org/show_bug.cgi?id=1169779

https://bugzilla.opensuse.org/show_bug.cgi?id=1170462

https://bugzilla.opensuse.org/show_bug.cgi?id=660126

https://bugzilla.opensuse.org/show_bug.cgi?id=671212

https://bugzilla.opensuse.org/show_bug.cgi?id=672471

https://bugzilla.opensuse.org/show_bug.cgi?id=682665

https://bugzilla.opensuse.org/show_bug.cgi?id=687891

https://bugzilla.opensuse.org/show_bug.cgi?id=695955

https://bugzilla.opensuse.org/show_bug.cgi?id=714618

https://bugzilla.opensuse.org/show_bug.cgi?id=722443

https://bugzilla.opensuse.org/show_bug.cgi?id=722445

https://bugzilla.opensuse.org/show_bug.cgi?id=757062

https://bugzilla.opensuse.org/show_bug.cgi?id=763610

https://bugzilla.opensuse.org/show_bug.cgi?id=783671

https://bugzilla.opensuse.org/show_bug.cgi?id=790545

https://bugzilla.opensuse.org/show_bug.cgi?id=796773

https://bugzilla.opensuse.org/show_bug.cgi?id=811025

https://bugzilla.opensuse.org/show_bug.cgi?id=812948

https://bugzilla.opensuse.org/show_bug.cgi?id=842699

https://bugzilla.opensuse.org/show_bug.cgi?id=846580

https://bugzilla.opensuse.org/show_bug.cgi?id=869371

https://bugzilla.opensuse.org/show_bug.cgi?id=884051

https://bugzilla.opensuse.org/show_bug.cgi?id=924118

https://bugzilla.opensuse.org/show_bug.cgi?id=952844

https://bugzilla.opensuse.org/show_bug.cgi?id=956264

https://bugzilla.opensuse.org/show_bug.cgi?id=966622

https://bugzilla.opensuse.org/show_bug.cgi?id=966841

https://bugzilla.opensuse.org/show_bug.cgi?id=967523

https://bugzilla.opensuse.org/show_bug.cgi?id=968406

https://bugzilla.opensuse.org/show_bug.cgi?id=969538

https://bugzilla.opensuse.org/show_bug.cgi?id=969541

https://bugzilla.opensuse.org/show_bug.cgi?id=973413

https://bugzilla.opensuse.org/show_bug.cgi?id=973418

https://bugzilla.opensuse.org/show_bug.cgi?id=976826

https://bugzilla.opensuse.org/show_bug.cgi?id=980577

https://bugzilla.opensuse.org/show_bug.cgi?id=984998

https://bugzilla.opensuse.org/show_bug.cgi?id=986978

https://bugzilla.opensuse.org/show_bug.cgi?id=988889

https://features.opensuse.org/312397

Plugin Details

Severity: Critical

ID: 145357

File Name: openSUSE-2021-46.nasl

Version: 1.3

Type: local

Agent: unix

Published: 1/25/2021

Updated: 1/26/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2017-1000469

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2018-10931

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:cobbler-web, p-cpe:/a:novell:opensuse:cobbler-tests, p-cpe:/a:novell:opensuse:cobbler, cpe:/o:novell:opensuse:15.2

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/11/2021

Vulnerability Publication Date: 6/16/2012

Reference Information

CVE: CVE-2011-4953, CVE-2012-2395, CVE-2017-1000469, CVE-2018-1000225, CVE-2018-1000226, CVE-2018-10931