Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For detailed instructions on how to apply this update, refer to:
rver_and_content_hosts
Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* apache-commons-beanutils: does not suppress the class property in
PropertyUtilsBean by default (CVE-2019-10086)
* jackson-databind: polymorphic typing issue allows attacker to read
arbitrary local files on the server (CVE-2019-12086)
* mina-core: Retaining an open socket in close_notify SSL-TLS leading to
Information disclosure (CVE-2019-0231)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
* Ansible Runner is now the default way to utilize Ansible for remote
execution jobs.
* Users now have the ability to log into hosts using the Web Console
directly from the Satellite UI.
* Azure has been added to the list of supported compute resources for
provisioning along with many bug fixes for Google Compute, RHEV, VMware,
and KubeVirt.
* Content views have been improved with many bug fixes, performance
improvements, and the addition of filtering on modules.
* Content syncing has been improved with many fixes, and the ability to add
proxy definitions to each product in Satellite.
* The installation process has been improved to include better tuning
defaults and several other bug fixes.
* Subscription Management has been improved with new reporting and many
bug fixes, both in Satellite and in the inventory upload plugin, which
allows customers to view their inventory in Subscription Watch at
cloud.redhat.com.
* Security improvements include the ability to impersonate another user,
and the introduction of integration with Red Hat SSO using OpenID Connect.
The items above are not a complete list of changes. This update also fixes
several bugs and adds various enhancements. Documentation for these changes
is available from the Release Notes document linked to in the References
section.
https://access.redhat.com/security/cve/CVE-2019-0231
https://access.redhat.com/security/cve/CVE-2019-10086
https://access.redhat.com/security/cve/CVE-2019-12086
https://access.redhat.com/security/updates/classification/#important
Red Hat Satellite Capsule 6.7:
Source:
ansible-runner-1.3.4-2.el7ar.src.rpm
ansiblerole-foreman_scap_client-0.0.3-1.el7sat.src.rpm
ansiblerole-insights-client-1.7.1-1.el7sat.src.rpm
ansiblerole-satellite-receptor-installer-0.6.4-1.el7sat.src.rpm
createrepo_c-0.7.4-1.el7sat.src.rpm
foreman-1.24.1.21-1.el7sat.src.rpm
foreman-bootloaders-redhat-201901011200-1.el7sat.src.rpm
foreman-discovery-image-3.5.4-8.el7sat.src.rpm
foreman-installer-1.24.1.20-1.el7sat.src.rpm
foreman-proxy-1.24.1-1.el7sat.src.rpm
foreman-selinux-1.24.1-1.el7sat.src.rpm
future-0.16.0-11.el7sat.src.rpm
gofer-2.12.5-7.el7sat.src.rpm
hfsplus-tools-332.14-12.el7.src.rpm
katello-3.14.0-6.el7sat.src.rpm
katello-certs-tools-2.6.0-1.el7sat.src.rpm
katello-client-bootstrap-1.7.4-1.el7sat.src.rpm
katello-selinux-3.1.1-2.el7sat.src.rpm
kobo-0.5.1-1.el7sat.src.rpm
libmodulemd-1.7.0-1.pulp.el7sat.src.rpm
libsolv-0.7.4-4.pulp.el7sat.src.rpm
libwebsockets-2.4.2-2.el7.src.rpm
livecd-tools-20.4-1.6.el7sat.src.rpm
mod_xsendfile-0.12-11.el7sat.src.rpm
ostree-2017.1-2.atomic.el7.src.rpm
pulp-2.21.0-1.el7sat.src.rpm
pulp-docker-3.2.5-1.el7sat.src.rpm
pulp-katello-1.0.3-1.el7sat.src.rpm
pulp-ostree-1.3.1-2.el7sat.src.rpm
pulp-puppet-2.21.0-1.el7sat.src.rpm
pulp-rpm-2.21.0.4-1.el7sat.src.rpm
An update is now available for Red Hat Satellite 6.7 for RHEL 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Red Hat Satellite 6.7 - noarch, x86_64
Red Hat Satellite Capsule 6.7 - noarch, x86_64
1201146 - [RFE] Ability for Satellite 6 to provision systems in Microsoft Azure cloud
1215390 - [RFE] Add option "deployment size" to tune system properly
1336437 - [RFE] Set Disk Interface when creating new VMs in RHEV Compute Resource
1343707 - Drop down menu for composite content view versions are not sorted
1367549 - When a Discovered Host is converted to a Managed Host the IP address is not changed to fall within the subnet range
1378442 - [RFE] Unable to upload source RPM packages
1424922 - Search filter disappears when deleting a host.
1468388 - [RFE] Tasks: allow for searching of tasks by 'user'
1468742 - [RFE] Allow Satellite user to choose between VNC, SPICE for Display type on RHEV compute resources
1474311 - [RFE] add "elapsed time" column to task page for tasks
1479765 - [RFE] Commands for creating, updating and deleting compute profiles and attributes
1486353 - [RHEV] VirtIO serial console option gets disabled when Host parameters are updated
1495335 - Capsule Sync Optimized sync starts task with the error message 'undefined method '[]' for nil:NilClass(NoMethodError)'
1503059 - Primary interface being a bond creates invalid host interfaces
1511254 - Host search using OR on facts finds duplicate records and takes a long time
1517257 - Rhev host updation, memory field greyed but still editable
1528193 - subscription-manager register facts create duplicate interface with wrong mac for bond