[Spacewalk-list] Security fixes in 2.9 and nightly
Michael Mraka
michael.mraka at redhat.com
Wed Jul 3 11:12:18 UTC 2019
Hello Spacewalkers,
Today we released two updates for security issues found in spacewalk.
- spacewalk-proxy: Path traversal in proxy authentication cache (CVE-2019-10137)
- spacewalk: Insecure computation of authentication signatures during
user authentication (CVE-2019-10136)
Updated packages can be found in Spacewalk nightly and has been
also backported to Spacewalk 2.9. Please update your systems.
Spacewalk 2.9:
spacewalk-backend-2.9.35-1
spacewalk-proxy-2.9.3-1
Spacewalk nightly:
pacewalk-backend-2.10.13-1
spacewalk-proxy-2.10.3-1
Regards,
--
Michael Mráka
System Management Engineering, Red Hat
More information about the Spacewalk-list
mailing list