security advisory | moderate | update
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-075821dc8f
2018-11-15 03:13:27.032145
--------------------------------------------------------------------------------

Name        : subscription-manager
Product     : Fedora 29
Version     : 1.24.2
Release     : 1.fc29
URL         : https://www.candlepinproject.org/
Summary     : Tools and libraries for subscription and repository management
Description :
The Subscription Manager package provides programs and libraries to allow users
to manage subscriptions and yum repositories from the Red Hat entitlement
platform.

--------------------------------------------------------------------------------
Update Information:

This is primarily a maintenance update. Please see the attached bugs for more specific details on what has improved as far as stability is concerned.

There is also a larger new feature which is being released in concert with work being done in Katello / Foreman. Subscription-manager has a concept of a package-profile. This contains information on all installed rpm packages for the system on which it is running. We have expanded this reporting capability to include information on enabled and installed modules from modulemd, and to report which repositories this system currently has enabled. This information is combined into a group of reports and submitted to the same endpoint on Katello / Foreman. The new request is a PUT to /consumers/{consumer_uuid}/profiles.
This is done only when the string "combined_reporting" appears in the managerCapabilities key of the response to a GET /status. The old rpm-only profile reporting is still done as a PUT to /consumers/{consumer_uuid}/packages, but at this point only if the server side does not support the new capability. More will likely be added in the future to further expand this reporting capability.

--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 5 2018 Christopher Snyder 1.24.2-1
- 1645205: Do not update ent certs inside containers
- 1633304: Disable zypper product-id plugin.
- Fedora documentation guidelines favor global over define.
- Show installed profiles only for enabled modules
- 1631339: Fix os.errno issue
- Add a missing comma in test_cache
- Add module enabled and disabled information
- 1636381: Fix up our detection of missing org for service-level list
- 1616403: Better handling of missing locale use
- 1636381: Handle case of nonexistent org
- Add scripts to setup local development environment
- 1633380: Add syspurpose compliance status cache
  - Altered the syspurpose compliance status connection call to use the /consumers/{uuid}/purpose_compliance API instead of fetching the consumer object and reading the syspurpose compliance field off of it.
  - Added new syspurpose compliance status cache saved in /var/lib/rhsm/cache/syspurpose_compliance_status.json similar to the entitlement status cache.
  - When the server is unreachable, we don't traceback, but rather use the new cache value instead.
- 1639625: Tolerate server missing syspurpose fields
- 1639086: Fix vendor comparison
- Includes the installed module profiles
- 1623390: Fix unregistered messaging in syspurpose
- 1637183: Replace redhat-uep.pem properly
- 1632797: Only save SLA set during register or attach if specified
- Updated how syspurpose handles unsetting values
- Update man page for report_package_profile option
- Automatic commit of package [subscription-manager] release [1.24.1-1].
- 1616366: Use LANG from environment
- syspurpose no longer suppresses JSON malformation errors
- Rename zypper plugin to rhsm
- 1632384: Sync SLA regardless of capability:
- 1621783: Updated syspurpose fields to match expected values
- 1632248: User should be able to set/unset while not registered
- 1633575: Update error message when syspurpose is not supported by server
- 1614925: Fix grammar

* Mon Oct 15 2018 Christopher Snyder 1.24.1-1
- Rename zypper plugin to rhsm
- 1632384: Sync SLA regardless of capability:
- 1621783: Updated syspurpose fields to match expected values
- 1633575: Update error message when syspurpose is not supported by server
- 1614925: Fix grammar
- Added support of modulemd to combined profile; ENT-834
- 1620136: dnf plugin deletes prod cert as expected; ENT-773
- 1615944: Show help when no args are provided
- 1614943: Fix bytes/unicode handling of dmi data
- 1618825: Rename de_DE.po and es_ES.po
- Combined profile: WIP enabled repos
- Added list of enabled repos to combined profile; ENT-833
- 1607955: WIP: polishing PR with bug fix of release --list
- Fixed name of capability and added two unit tests.
- Explicit requires added for package we use directly
- 1581410: Eliminate potential for circular dependency
- 1631076: subscription-manager rpm now requires python3-syspurpose
- For tito build, clean the yarn cache
- Fix ubuntu compat for virt-who travis runs
- Fix RPMDiff issue with multilib
- Use Combined Profile reporting
- 1629073: No python3-dmidecode on aarch64, ppc64le
- Simplify and fix subpackages logic
- 1614653: Update intermediate CA
- Fix spelling to capitalize Workstation properly
- 1607955: Try to use all entitlement certs for connection with CDN
- Use pre-provisioned centos7 box
- Vagrant: use ansible-role-subman-devel via galaxy
- Vagrant: skip provisioning if var needs_provision is false

* Mon Sep 10 2018 Christopher Snyder 1.24.0-1
- Use the "service_level_agreement" attribute for the SlaCommand
- 1623262: Make automatic enablement of yum plugins working again; ENT-820
- Start releasing to f29

* Thu Aug 30 2018 Christopher Snyder 1.23.4-1
- 1600694: Log dbus exception tracebacks at the debug level
- 1623368: Register a system without a syspurpose.json file
- Revert "Add sles version to dist"
- 1596699: Handle non-existent rhsm-debug destination (ENT-780)
- Sync system purpose for sub-man subcommands
- Add man page for syspurpose.
- 1613968: DNF product-id plugin can install product cert; ENT-789
- Add sles version to dist
- Remove extraneous include in setup()
- Updated translations
- 1596001: Change syspurpose import error log level to debug level
- 1602702: rhsmcertd did not close lock file; ENT-736
- Adds the addons set of commands to syspurpose
- 1581445: ENT-564: rhsm configuration manage_repos is not working on RHEL8
- Fix time stamps of pyc files

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1553266 - Oops! in subscription-manager-cockpit TypeError: f.GetStatus is not a function
        https://bugzilla.redhat.com/show_bug.cgi?id=1553266
  [ 2 ] Bug #1434493 - CVE-2017-2663 subscription-manager: unsafe dbus interface [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1434493
  [ 3 ] Bug #1612282 - Man page scan results for subscription-manager
        https://bugzilla.redhat.com/show_bug.cgi?id=1612282
  [ 4 ] Bug #1564735 - subscription-manager-rhsm subpackage has been dropped on Fedora 27
        https://bugzilla.redhat.com/show_bug.cgi?id=1564735
  [ 5 ] Bug #1505955 - claims "subscription required" which is false on Fedora
        https://bugzilla.redhat.com/show_bug.cgi?id=1505955
  [ 6 ] Bug #1156510 - [rfe] use dnf instead of yum (if dnf is installed)
        https://bugzilla.redhat.com/show_bug.cgi?id=1156510
  [ 7 ] Bug #1446256 - [RFE] Too large dependency chain
        https://bugzilla.redhat.com/show_bug.cgi?id=1446256

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-075821dc8f' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key.
More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Fedora System Alert: A new update is available, delivering vital improvements for subscription-manager and notable stability upgrades to ensure security and performance.
Fedora 29, Package Reporting, Subscription Management, Update Advisory.
Severity: Informational.
LinuxSecurity.com Team
Nov 15, 2018
•Informational
Fedora
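
The endpoint selection described under Update Information, as an added example that is not part of the advisory or of subscription-manager's own code. It assumes managerCapabilities is a JSON list of strings and that the consumer id is a UUID; the function names and sample /status bodies are hypothetical.

```python
import json
import uuid

COMBINED_CAPABILITY = "combined_reporting"  # string named in the advisory


def server_capabilities(status_body):
    """Return managerCapabilities from a GET /status body as a set of strings.

    Anything malformed yields an empty set, so the caller falls back to the
    rpm-only report instead of failing.
    """
    try:
        status = json.loads(status_body)
    except (TypeError, ValueError):
        return set()
    if not isinstance(status, dict):
        return set()
    caps = status.get("managerCapabilities")
    # Assumption: the key holds a list; any other type is treated as absent.
    if not isinstance(caps, list):
        return set()
    return {c for c in caps if isinstance(c, str)}


def profile_request(status_body, consumer_uuid):
    """Pick the (method, path) the advisory describes for the profile upload."""
    # Assumption: the consumer id is a UUID. Rejecting anything else keeps
    # stray characters such as "/" or ".." out of the request path.
    consumer = str(uuid.UUID(consumer_uuid))
    if COMBINED_CAPABILITY in server_capabilities(status_body):
        return ("PUT", "/consumers/%s/profiles" % consumer)
    return ("PUT", "/consumers/%s/packages" % consumer)


# Constructed sample /status bodies (not captured from a real server).
NEW_SERVER = '{"managerCapabilities": ["cores", "combined_reporting"]}'
OLD_SERVER = '{"managerCapabilities": ["cores"]}'
SAMPLE_UUID = "11111111-2222-3333-4444-555555555555"  # constructed

if __name__ == "__main__":
    for body in (NEW_SERVER, OLD_SERVER, "not json"):
        print(profile_request(body, SAMPLE_UUID))
```

When auditing what inventory a host sends, the path chosen here tells you whether only the rpm list or the combined rpm, module and enabled-repository report left the system.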