QID 174824

This update fixes the following issues:

cobbler:

- Fix string replacement for @@xyz@@
- Better performing string replacements

grafana-formula:

- Set `supported` to false for unsupported systems (bsc#1182001)
- Add SLES 15 SP3 and openSUSE Leap 15.3 to supported versions

mgr-libmod:

- Fix 'list_modules' JSON serialization (bsc#1182492)

mgr-osad:

- Adapt to new SSL implementation of rhnlib (bsc#1181807)

prometheus-exporters-formula:

- Add Ubuntu support for Prometheus exporters' reverse proxy

prometheus-formula:

- Set server hostname from pillar data (bsc#1180439)

py26-compat-salt:

- Do not crash when unexpected cmd output at listing patches (bsc#1181290)

rhnlib:

- Change SSL implementation to python ssl for better SAN and hostname
matching support (bsc#1181807)

smdba:

- Do not remove the database if there is no backup and deal with manifest

spacewalk-backend:

- Open repomd files as binary (bsc#1173893)
- Fix requesting Release file in debian repos (bsc#1182006)
- Reposync: Fixed Kickstart functionality.
- Reposync: Fixed URLGrabber error handling.
- Reposync: Fix modular data handling for cloned channels (bsc#1177508)

spacewalk-client-tools:

- Adapt to new SSL implementation of rhnlib (bsc#1181807)

spacewalk-config:

- Increase apache ssl logs to include response code and process time

spacewalk-java:

- Homogenizes style in filter buttons, facilitating testability
- Cleanup sessions via SQL query instead of SQL function (bsc#1180224)
- Rebuild and improve rendering of error pages 404 and 500 pages
(bsc#1181228)
- Fix user creation with pam auth and no password (bsc#1179579)
- Fix action chains for saltssh minions (bsc#1182200)
- FIX: Slow response of 'Software > Install' in Ubuntu minions
(bsc#1181165)
- Do not call page decorator in HEAD requests (bsc#1181228)
- Add 'mgr_origin_server' to Salt pillar data (bsc#1180439)
- Ensure new files are synced just after writing them (bsc#1175660)
- Enable openscap auditing for salt systems in SSM (bsc#1157711)
- Detect debian products (bsc#1181416)
- Show packages from channels assigned to the targeted system (bsc#1181423)
- Add an API endpoint to allow/disallow scheduling irrelevant patches
(bsc#1180757)
- Open raw output in new tab for ScriptRunAction (bsc#1180547)
- Default to preferred items per page in content lifecycle lists
(bsc#1180558)
- Fix modular data handling for cloned channels (bsc#1177508)
- Fix: login gets an ISE when SSO is enabled (bsc#1181048)

spacewalk-utils:

- Fix modular data handling for cloned channels (bsc#1177508)

spacewalk-web:

- Replace CRLF in ssh priv key when bootstrapping (bsc#1182685)
- Upgrade immer to fix CVE-2020-28477
- Default to preferred items per page in content lifecycle lists
(bsc#1180558)
- Fix sorting in content lifecycle projects and cluster tables
(bsc#1180558)

susemanager:

- Add SLE 15 SP3 bootstrap repository definitions (bsc#1182008)
- Python3-dbus-python and dependencies not installed by default
on JeOS SLE15 images, add them to the bootstrap repository list
of packages for traditional (bsc#1182071)

susemanager-doc-indexes:

- Updated Command Line Registration with Salt section in the Client
Configuration Guide for clarity.
- Adds openSUSE Leap SP migration to the SP migration section of the
Client Configuration Guide
- Adds note that bootstrap procedure for selecting a parent channel is
optional in Client Configuration Guide (bsc#1181635)[...]

Successful exploitation allows attacker to compromise the system.