security advisoryupdateFedora
This is a primarily maintenance update. Please see the attached bugs for more specific details on what has improved as far as stability is concerned. There is also a larger new feature which is being released in concert with work being done in Katello / Foreman. Subscription-manager has a concept of a package- profile. This contains information on all installed rpm packages for the system. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-91ba32a0ff 2018-11-15 02:11:49.508849 --------------------------------------------------------------------------------Name : subscription-manager Product : Fedora 27 Version : 1.24.2 Release : 1.fc27 URL : https://www.candlepinproject.org/ Summary : Tools and libraries for subscription and repository management Description : The Subscription Manager package provides programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. --------------------------------------------------------------------------------Update Information: This is a primarily maintenance update. Please see the attached bugs for more specific details on what has improved as far as stability is concerned. There is also a larger new feature which is being released in concert with work being done in Katello / Foreman. Subscription-manager has a concept of a package-profile. This contains information on all installed rpm packages for the system on which it is running. We have expanded this reporting capability to include information on enabled and installed modules from modulemd as well as to report on which repositories this system has enabled presently. This information is combined into a group of reports and submitted to the same endpoint on Katello / Foreman. The new request is a PUT to /consumers/{consumer_uuid}/profiles. This is done only when the string "combined_reporting" in the managerCapabilities key of theresponse to a GET /status. The old just rpm profile reporting is still done as a PUT to /consumers/{consumer_uuid}/packages. This is at this point only done if the server side does not support the new capability. More will likely be added in the future to further expand on this capability of reporting. ----Numerous bug fixes. Please see the rpm changelog for details. --------------------------------------------------------------------------------ChangeLog: * Mon Nov 5 2018 Christopher Snyder 1.24.2-1 - 1645205: Do not update ent certs inside containers (csnyder@redhat.com) - 1633304: Disable zypper product-id plugin. (awood@redhat.com) - Fedora documentation guidelines favor global over define. (awood@redhat.com) - Show installed profiles only for enabled modules (paji@redhat.com) - 1631339: Fix os.errno issue (rob@sandersmail.eu) - Add a missing comma in test_cache (nmoumoul@redhat.com) - Add module enabled and disabled information (paji@redhat.com) - 1636381: Fix up our detection of missing org for service-level list (csnyder@redhat.com) - 1616403: Better handling of missing locale use (wpoteat@redhat.com) - 1636381: Handle case of nonexistant org (nmoumoul@redhat.com) - Add scripts to setup local development environment (khowell@redhat.com) - 1633380: Add syspurpose compliance status cache - Altered the syspurpose compliance status connection call to use the /consumers/{uuid}/purpose_compliance API instead of fetching the consumer object and reading the syspurpose compliance field off of it. - Added new syspurpose compliance status cache saved in /var/lib/rhsm/cache/syspurpose_compliance_status.json similar to the entitlement status cache. - When the server is unreachable, we don't traceback, but rather use the new cache value instead. (nmoumoul@redhat.com) - 1639625: Tolerate server missing syspurpose fields (khowell@redhat.com) - 1639086: Fix vendor comparison (hyu@redhat.com) - Includes the installed module profiles (paji@redhat.com) - 1623390: Fixunregistered messaging in syspurpose (khowell@redhat.com) - 1637183: Replace redhat-uep.pem properly (khowell@redhat.com) - 1632797: Only save SLA set during register or attach if specified (csnyder@redhat.com) - Updated how syspurpose handles unsetting values (crog@redhat.com) - Update man page for report_package_profile option (nmoumoul@redhat.com) - Automatic commit of package [subscription-manager] release [1.24.1-1]. (csnyder@redhat.com) - 1616366: Use LANG from environment (csnyder@redhat.com) - syspurpose no longer supresses JSON malformation errors (crog@redhat.com) - Rename zypper plugin to rhsm (khowell@redhat.com) - 1632384: Sync SLA regardless of capability: (nmoumoul@redhat.com) - 1621783: Updated syspurpose fields to match expected values (crog@redhat.com) - 1632248: User should be able to set/unset while not registered (csnyder@redhat.com) - 1633575: Update error message when syspurpose is not supported by server (csnyder@redhat.com) - 1614925: Fix grammar (csnyder@redhat.com) * Mon Oct 15 2018 Christopher Snyder 1.24.1-1 - Rename zypper plugin to rhsm (khowell@redhat.com) - 1632384: Sync SLA regardless of capability: (nmoumoul@redhat.com) - 1621783: Updated syspurpose fields to match expected values (crog@redhat.com) - 1633575: Update error message when syspurpose is not supported by server (csnyder@redhat.com) - 1614925: Fix grammar (csnyder@redhat.com) - Added support of modulemd to combined profile; ENT-834 (jhnidek@redhat.com) - 1620136: dnf plugin deletes prod cert as expected; ENT-773 (jhnidek@redhat.com) - 1615944: Show help when no args are provided (csnyder@redhat.com) - 1614943: Fix bytes/unicode handling of dmi data (khowell@redhat.com) - 1618825: Rename de_DE.po and es_ES.po (awood@redhat.com) - Combined profile: WIP enabled repos (jhnidek@redhat.com) - Added list of enabled repos to combined profile; ENT-833 (jhnidek@redhat.com) - 1607955: WIP: polishing PR with bug fix of release --list (jhnidek@redhat.com) - Fixed name ofcapability and added two unit tests. (jhnidek@redhat.com) - Explict requires added for package we use directly (wpoteat@redhat.com) - 1581410: Eliminate potential for circular dependency (awood@redhat.com) - 1631076: subscription-manager rpm now requires python3-syspurpose (nmoumoul@redhat.com) - For tito build, clean the yarn cache (khowell@redhat.com) - Fix ubuntu compat for virt-who travis runs (khowell@redhat.com) - Fix RPMDiff issue with multilib (jhnidek@redhat.com) - Use Combined Profile reporting (jhnidek@redhat.com) - 1629073: No python3-dmidecode on aarch64, ppc64le (khowell@redhat.com) - Simplify and fix subpackages logic (khowell@redhat.com) - 1614653: Update intermediate CA (khowell@redhat.com) - Fix spelling to capitalize Workstation properly (bcourt@redhat.com) - 1607955: Try to use all entitlement certs for connection with CDN (jhnidek@redhat.com) - Use pre-provisioned centos7 box (khowell@redhat.com) - Vagrant: use ansible-role-subman-devel via galaxy (khowell@redhat.com) - Vagrant: skip provisioning if var needs_provision is false (khowell@redhat.com) * Mon Sep 10 2018 Christopher Snyder 1.24.0-1 - Use the "service_level_agreement" attribute for the SlaCommand (csnyder@redhat.com) - 1623262: Make automatic enablement of yum plugins working again; ENT-820 (jhnidek@redhat.com) - Start releasing to f29 (csnyder@redhat.com) * Thu Aug 30 2018 Christopher Snyder 1.23.4-1 - 1600694: Log dbus exception tracebacks at the debug level (csnyder@redhat.com) - 1623368: Register a system without a syspurpose.json file (jhnidek@redhat.com) - Revert "Add sles version to dist" (cnsnyder@users.noreply.github.com) - 1596699: Handle non-existant rhsm-debug destination (ENT-780) (nmoumoul@redhat.com) - Sync system purpose for sub-man subcommands (jhnidek@redhat.com) - Add man page for syspurpose. (awood@redhat.com) - 1613968: DNF product-id plugin can install product cert; ENT-789 (jhnidek@redhat.com) - Add sles version to dist (jsherril@redhat.com) -Remove extraneous include in setup() (khowell@redhat.com) - Updated translations (csnyder@redhat.com) - 1596001: Change syspurpose import error log level to debug level (csnyder@redhat.com) - 1602702: rhsmcertd did not close lock file; ENT-736 (jhnidek@redhat.com) - Adds the addons set of commands to syspurpose (csnyder@redhat.com) - 1581445: ENT-564: rhsm configuration manage_repos is not working on RHEL8 (jhnidek@redhat.com) - Fix time stamps of pyc files (csnyder@redhat.com) * Mon Aug 13 2018 Christopher Snyder 1.23.3-1 - 1606435: Rename the async module for compatibility with python 3.7; ENT-737 (csnyder@redhat.com) - Cockpit/Syspurpose service integration fix (aparadka@redhat.com) - Display both new and old value in syspurpose diff message (csnyder@redhat.com) - Fix sending single value of addons. (jhnidek@redhat.com) - Fix synchronization of usage with candlepin (jhnidek@redhat.com) - 1596294: Fix displayin RHSM Spoke in Initial Setup (jhnidek@redhat.com) - Syspurpose field value lists [ENT-766] (wpoteat@redhat.com) - ENT-717: Syncing of syspurpose store with candlepin (jhnidek@redhat.com) - 1609048: Replacement of imp module with importlib; ENT-758 (jhnidek@redhat.com) * Fri Aug 3 2018 Christopher Snyder 1.23.2-1 - Move "nose" to test requirements for syspurpose (csnyder@redhat.com) * Fri Aug 3 2018 Christopher Snyder 1.23.1-1 - Integrate Syspurpose DBus Signal with Cockpit (aparadka@redhat.com) - Change usage_type to usage (csnyder@redhat.com) - ENT-715 Sync syspurpose with server (csnyder@redhat.com) - 1609052: DNF Plugin needs config initiated earlier (wpoteat@redhat.com) - 1608963: Minimize packaging for python 3 (wpoteat@redhat.com) - Improve test setup for syspurpose tests. (awood@redhat.com) - Two simple fixes for syspurpose (jhnidek@redhat.com) - Raise ioerr when necessary during sp read (csnyder@redhat.com) - ENT-720 Adds the addons subcommand (csnyder@redhat.com) - 1602056: Added role subcommand ENT-719 (jhnidek@redhat.com) - Replacelsb-release in spec and Makefile (khowell@redhat.com) - Mock out syspurpose code from being executed in subman tests (csnyder@redhat.com) - ENT-584 syspurpose UTF-8 support & better formatting - All syspurpose operations now support UTF-8 - syspurpose.json now has user-friendly indentation (nmoumoul@redhat.com) - ENT-446 Report systempurpose on registration (csnyder@redhat.com) - 1512944: Fix up remaining python2 deps ENT-724 (csnyder@redhat.com) - ENT-721: Usage command (wpoteat@redhat.com) - ENT-590 Enhanced SyspurposeStore add/remove operations - 'add' will now not override an existing value that was added by the 'set' command, but it will be maintained and added in a list along with the newly added value. - 'add' will now not add an element to a list if the list already contains it (no duplicates). - 'remove' will now unset the current value, if that turns out to be scalar instead of being contained in a list. (nmoumoul@redhat.com) - Move syspurpose out of packages directory. (awood@redhat.com) - Correct small problems in syspurpose. (awood@redhat.com) - ansible vagrant QOL fixes (khowell@redhat.com) - ENT-723: Add System Purpose Status to System Status output (wpoteat@redhat.com) - Improve debug logging for release listing (khowell@redhat.com) - Remove other references to python-kitchen. (awood@redhat.com) - Make build_ext a proper dependency. (awood@redhat.com) - Add zanata.xml configuration file and gettext keys.pot (awood@redhat.com) - Move clean command to common build_ext module. (awood@redhat.com) - Only gather optparse strings in subscription-manager. (awood@redhat.com) - Move syspurpose source files to be under package directory. (awood@redhat.com) - Look for source files based on package directory locations. (awood@redhat.com) - Add gettext calls to syspurpose. (awood@redhat.com) - Load build_ext i18n commands in setup.py (awood@redhat.com) - Integrate Dbus signals with Cockpit GUI (aparadka@redhat.com) - Do not install subman-gui from setup.pyby default (khowell@redhat.com) - ENT-591 Handle when syspurpose.json is missing & create it. (nmoumoul@redhat.com) - Fix indeterminate unit test failure. (awood@redhat.com) - Removal of python-kitchen (wpoteat@redhat.com) - ENT-731 Replaced syspurpose 'offerings' commands with 'role': - Removed commands 'add-offerings', 'remove-offerings', 'unset-offerings' - Added commands 'set-role' and 'unset-role' (nmoumoul@redhat.com) - ENT-589 Intentctl -> syspurpose (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-710: Add three_way_merge utility function (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-477: Add signal EntitlementsChanged (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-476: Add signal InstalledProductsChanged (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1594733: Fix GetStatus in com.redhat.RHSM1.Entitlement ENT-641 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Make vagrant setup more flexible (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-475: Add signal ConfigChanged (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1581777: Reraise exception properly. ENT-566 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Replace curly quote with straight quote (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Add implementation of filesystem watcher (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1581410: ENT-572: subman should require dnf-plugin-subscription-manager (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-478 com.redhat.RHSM1.Consumer D-Bus service object (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1576423: Polished changes provided in #1816 and added unit test. (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Fri Jun 22 2018 Christopher Snyder 1.22.1-1 - 1571998: Ignore HTB repos (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1589296: subman list option --after now named --afterdate (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1558411: Begin building dnf-plugin-subscription-manager for RHEL 7 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Use constant defined in cerdirectory.py. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1553266: When d-bus methods are unavailable, show appropriate message. * Added a "safe call" mechanism that makes the initial dbus calls (entitlementService, configService, productsService) only if the service is available, tries to restart the rhsm service if possible, and otherwise failing gracefully.* Added new UI curtain that provides a meaningful message and advice to the end user. * Re-added utility method statusUpdateFailed that was accidentally deleted. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1580996: Fix comparision of objects in Python 3 (ENT-578) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Make xauth Idempotent again (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Fixes missing locale issues while running nosetests (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Remove freezegun (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1576582: Make rhsm.full_fresh_on_yum=1 working again (ENT-534) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ansible-fix: fixed ansible failing during vagrant up (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Update the license of the subman-cockpit-plugin to GPLv2 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1510920: Allow access to job cancellation API (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-447 Add icons to RPM package for subman cockpit plugin (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Fri Jun 8 2018 Christopher Snyder 1.22.0-1 - Remove F26 from releasers (Fedora 26 EOL) (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Thu Jun 7 2018 Christopher Snyder 1.21.5-1 - Fix python-rhsm Provides and Obsoletes (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1568609: Updated man page for --after list option (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Get Initial Setup Addon to run during installation in Vagrant (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-447 Create .desktop file that opens web page with our cockpit plugin (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-481 service-level command & options now update syspurpose metadata (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1560727: Search for proxy auth message in whole error string (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1555384: get_libexecdir now returns a string instead of bytes (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Added generic set/unset and add/remove commands to syspurpose (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ENT-488 syspurpose now warns if running in container (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1574706: Create python2-subscription-manager-rhsm properly (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Automatic rebuilding of updates.img on PXE Server (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1574529: Fix rhsmcertd integer overflow on i386 & i686 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Respectingproxy port configured in rhsm.conf (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue May 1 2018 Christopher Snyder 1.21.4-3 - Add dist back to release (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue May 1 2018 Christopher Snyder 1.21.4-2 - Add missing buildrequires to fix upstream fedora python2 builds (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue May 1 2018 Christopher Snyder 1.21.4-1 - Stop building subscription-manager-gui, when Python 3 is used (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Remove kitchen from install_requires (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Wed Apr 25 2018 Christopher Snyder 1.21.3-1 - 1439645: Perform a full entitlement refresh in the yum/dnf/zypper plugins (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1527727: Add proc_stat.btime fact (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1568214: rhsmcertd no longer uses reload on py3 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1559227: Do not use str format for python 2.6 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1425766: Additional message in status to indicate content access (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Adds a new cli utility 'syspurpose' (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1559227: Do not log Error messages for missing identity cert/key (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1458159: python-dmidecode bug fix requires specific RPM release. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - fix for proxy-server provisioning - resolving of 'candlepin.' (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1458159: Require latest version of python-dmidecode (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1551044: Add the option to build both python{3,2}-subscription-manager-rhsm (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1559743: Reduce log level of network address fact collection to debug (This email address is being protected from spambots. You need JavaScript enabled to view it.) - added a vagrant section for a VM for proxy-server (This email address is being protected from spambots. You need JavaScript enabled to view it.) - ansible role rhsm-services and TESTING.md document (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Fix updates.img to include required Python packages (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Do not remove existing zypper repos when disconnected (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Apply updates.img druing PXE boot (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Do not use private network addresses for vagrant hostmanager (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Adds tool to make updates.img file for use with anaconda(This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1554482: Reenable RHUI support (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Fix building on SLES 11 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Added PXE BOOT client to the Vagrant setup (This email address is being protected from spambots. You need JavaScript enabled to view it.) - New Vagrant file for creating PXEBOOT server (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1551386: Cannot put unicode into gtk for button label (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1551465: Fix unicode decode issue on py 2.6 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Remove unneeded spec file directives (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue Feb 27 2018 Alex Wood 1.21.2-3 - Add missing dist macro to release * Mon Feb 26 2018 Alex Wood 1.21.2-2 - Remove %clean section (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Remove BuildRoot definition (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Mon Feb 26 2018 Alex Wood 1.21.2-1 - 1547354: Add missing requires for python-kitchen (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1528625: Prevent dmidecode failure from returning None (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1543639: Properly encode package profile data (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1527396: Subman cockpit plugin - fix registration using act. keys (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1535974: Close register dialog, when status is changed (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Add start date to available pool listing (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Condition requiring --after and --all is unnecessary (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1510024: Handle rhel-alt product tags properly (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1540204: Raise RateLimitExceededException with headers (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1533905: Remove dependency on yum and chkconfig. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1479353: Add --after option to list command (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1537473: Subman rpm requires python-setuptools (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1525238: Do not protect rhel prod. cert with special case (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1526622: Do not delete product certificates in protected directory (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1519512: Handle non-UTF8 RPM vendors (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1487600: Fix registration success detection (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1527813: subman-gui use new URL of Online Documentation (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1527392: Clearcredential data in register dialog (This email address is being protected from spambots. You need JavaScript enabled to view it.) - rct cat-manifest: show Web and API urls from consumer.json (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Use dnf on RHEL or Fedora w/ using Python 3 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1507030: RestlibExceptions should show they originate server-side (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Package for Python 3 on Fedora (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Fri Feb 9 2018 Fedora Release Engineering - 1.21.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild * Thu Jan 11 2018 Alex Wood 1.21.1-1 - Do not enable gpgcheck if the only a metadata gpg key is configured (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1448313: Do not log error, when rhsmcertd is restarted (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Support configuration of a repo metadata signing key (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Generate bin scripts via setuptools entry_points (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1304056: Fix D-Bus path of com.redhat.RHSM1.Facts (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1516439: Cockpit reports error during unregister when candlepin unavailable (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1510727: Enable starting of subman GUI, when consumer has been deleted (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Mon Dec 11 2017 Kevin Howell 1.20.8-1 - Sync zanata translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Add parameter to D-Bus API to pass locale for localization of errors (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1463765: Fix wrong Indic-language translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1487600: Cockpit - Save configuration from register dialog (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1464571: Improve multiple product certs errors (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Replace cockpit-subscriptions (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1507158: Provide Host: in http CONNECT header (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1319927: Remove newline from auto enable message (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue Nov 28 2017 Kevin Howell 1.20.7-1 - Sync zanata translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Tue Nov 28 2017 Kevin Howell 1.20.6-1 - Sync zanata translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1514067: Call virt-what using absolute path (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1487688: Load config settings for cockpit plugin(This email address is being protected from spambots. You need JavaScript enabled to view it.) - Added dependencies to cockpit-bridge and cockpit-shell. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1462456: Flush stdout and stderr on more places (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1491842: fixed typo in man page. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1508591: Removed python-rhsm from subscription-manager version (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1421010: Subman-GUI shows error dialog (wrong proxy settings) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1500106: subscription-manager status --ondate do not ignore date (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1506970: Fixed default custom URL in cockpit plugin (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Thu Nov 2 2017 Kevin Howell 1.20.5-1 - Sync zanata translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Cockpit - listing of installed products using patternfly-react (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1508457: Bump versions in python-rhsm obsoletes (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Implement fallback for settimeout on old m2crypto (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Cockpit: reconcile translated strings (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Cockpit: use translations from root dir (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Mon Oct 30 2017 Kevin Howell 1.20.4-1 - Fix cockpit tgz path in spec file (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Mon Oct 30 2017 Kevin Howell 1.20.3-1 - Cockpit: Implement modal dialog (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Implement bootstrap-select component (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Port cockpit subscriptions-client to dbus (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Move python-rhsm build into subscription-manager (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1354667: Add identity cert detection to proxy error message generation (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1501889: Enable yum plugins after sub-man subcommand is executed (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1477958: Use inotify for checking changes of consumer certs (This email address is being protected from spambots. You need JavaScript enabled to view it.) * Mon Oct 9 2017 Kevin Howell 1.20.2-1 - Sync zanata translations (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Bump python-rhsm requirement to 1.20.2 (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1448313: Do not log error, when rhsm_icon.json does not exist (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1354667: Better message for proxy/identity cert issue (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1489917: Morerobust reading of yum plugin file (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1491842: Add man page doc for [rhsm] auto_enable_yum_plugins (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1493711: Fix --matches option for the list command. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1476817: Set network.ipv4_address properly, when DNS misconfigured. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1483746: Force UTF-8 encoding in rhsm-service (This email address is being protected from spambots. You need JavaScript enabled to view it.) - rename RepoFile to YumRepoFile (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1466453: [RFE] rhn-migrate-classic-to-rhsm auto-enable yum plugins (This email address is being protected from spambots. You need JavaScript enabled to view it.) - D-Bus service for removing entitlements (all/ID/serial num.) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1489917: More robust reading of yum plugin file (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1489877: minor typo in /etc/rhsm/rhsm.conf comment (This email address is being protected from spambots. You need JavaScript enabled to view it.) - restructure RepoFile hierarchy (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1319927: [RFE] sub-man automatically enables yum plugins (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Fix polymorphy for RHSMLogHandler (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1481384: Do not update redhat.repo at RateLimitExceededException (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1485008: subman register --type="RHUI" should work (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1481384: Do not update redhat.repo at RateLimitExceededException (#1685) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Do not attempt to register if already registered. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Integrate registration service into RegisterCommand. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1480659: Properly initialize clean repo copy (This email address is being protected from spambots. You need JavaScript enabled to view it.) - D-Bus service for unregistering system (#1680) (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Add an entitlement service and use it in the CLI and DBus. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Remove unneeded plugin conduit. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Clean up imports in dbus.base_object (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Move certificate persistence into register service itself. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1480395: Force UTF-8 encoding in daemons (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1464571: 'sub-man release' prints error for more prod. certs. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1400326: Better error print, when consumer cert is corrupted (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Reload identity afterregistering. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - Move registration code to a distinct service. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - The get_installed_product_status() is now method of InstalledProducts, small changes, refactoring. (This email address is being protected from spambots. You need JavaScript enabled to view it.) - D-Bus service for listing installed products (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1461003: Deprecate --type option on register command (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1462928: Reset status after connection validation (This email address is being protected from spambots. You need JavaScript enabled to view it.) - 1330036: Better status error message for initial-setup (This email address is being protected from spambots. You need JavaScript enabled to view it.) --------------------------------------------------------------------------------References: [ 1 ] Bug #1553266 - Oops! in subscription-manager-cockpit TypeError: f.GetStatus is not a function https://bugzilla.redhat.com/show_bug.cgi?id=1553266 [ 2 ] Bug #1434493 - CVE-2017-2663 subscription-manager: unsafe dbus interface [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1434493 [ 3 ] Bug #1612282 - Man page scan results for subscription-manager https://bugzilla.redhat.com/show_bug.cgi?id=1612282 [ 4 ] Bug #1564735 - subscription-manager-rhsm subpackage has been dropped on Fedora 27 https://bugzilla.redhat.com/show_bug.cgi?id=1564735 [ 5 ] Bug #1505955 - claims "subscription required" which is false on Fedora https://bugzilla.redhat.com/show_bug.cgi?id=1505955 [ 6 ] Bug #1156510 - [rfe] use dnf instead of yum (if dnf is installed) https://bugzilla.redhat.com/show_bug.cgi?id=1156510 [ 7 ] Bug #1598514 - [RFE] Set owner/group/umask for /etc/pki/entitlement/ certs https://bugzilla.redhat.com/show_bug.cgi?id=1598514 [ 8 ] Bug #1446256 - [RFE] Too large dependency chain https://bugzilla.redhat.com/show_bug.cgi?id=1446256 [ 9 ] Bug #1555384 - Broken Exec= line in com.redhat.SubscriptionManager.service https://bugzilla.redhat.com/show_bug.cgi?id=1555384 [ 10 ] Bug #1547354 - subscription-manager is missing dependency on "python2-kitchen" on f27 https://bugzilla.redhat.com/show_bug.cgi?id=1547354 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-91ba32a0ff' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Latest subscription-manager upgrade for Fedora enhances reliability, analytics, and introduces fresh capabilities alongside various bug resolutions.. subscription-manager update,Fedora security update,repository management bug fixes. . Severity: Critical. LinuxSecurity.com Team
Nov 15, 2018
•Critical
Fedora
Refine advisories
