Hello Spacewalkers, Today we released two updates for security issues found in spacewalk. - spacewalk-proxy: Path traversal in proxy authentication cache (CVE-2019-10137) - spacewalk: Insecure computation of authentication signatures during user authentication (CVE-2019-10136)
Updated packages can be found in Spacewalk nightly and has been also backported to Spacewalk 2.9. Please update your systems. Spacewalk 2.9: spacewalk-backend-2.9.35-1 spacewalk-proxy-2.9.3-1 Spacewalk nightly: pacewalk-backend-2.10.13-1 spacewalk-proxy-2.10.3-1 Regards, -- Michael Mráka System Management Engineering, Red Hat _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
