PT-2022-37537 — Spacewalk-Java+1

PT-2022-37537 · Red Hat · Spacewalk-Java+1

Published

2022-12-13

Updated

2022-12-13

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions spacewalk-java versions 4.2.44-1 and earlier spacewalk-web versions 4.2.31-1 and earlier

Description The issue concerns the disclosure of the Proxy password in the browser console log. This problem is resolved by updating the affected components.

Recommendations For spacewalk-java version 4.2.44-1 and earlier: Apply the patch using either zypper patch or YaST Online Update after stopping the Spacewalk service with spacewalk-service stop, then start the service again with spacewalk-service start. For spacewalk-web version 4.2.31-1 and earlier: Apply the patch using either zypper patch or YaST Online Update after stopping the Spacewalk service with spacewalk-service stop, then start the service again with spacewalk-service start.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

SUSE-SU-2022:4442-1

Affected Products

Spacewalk-Java

Spacewalk-Web

Related Identifiers

Affected Products

References · 3