Related Vulnerabilities: CVE-2016-4457 CVE-2017-2639 CVE-2016-4457 CVE-2016-4457 CVE-2017-2639

Source

Synopsis

Moderate: CFME 5.8.0 security, bug, and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update is now available for CloudForms Management Engine 5.8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.

Security Fix(es):

CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks. (CVE-2016-4457)
It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms. (CVE-2017-2639)

The CVE-2016-4457 issue was discovered by Simon Lukasik (Red Hat).

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Technical Notes document linked to in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted after installing this update.

Affected Products

Red Hat CloudForms 4.5 x86_64

Fixes

BZ - 1223120 - [RFE] Add TRACE option to EMS refresh
BZ - 1226456 - [RFE][api] Add support for creation of Catalog Item/Bundle (service_templates)
BZ - 1298675 - Make All links working on dashboard tab
BZ - 1321616 - Registering CloudForms with RHN through a proxy fails to update /etc/rhsm/rhsm.conf
BZ - 1324610 - Change Cluser/Deployment Roles to Resource Pools on cluster summary page
BZ - 1341308 - CVE-2016-4457 CFME: default certificate used across all installs
BZ - 1342790 - Disable Smart State Analysis button when no SmartProxy server is found
BZ - 1348239 - [RFE] Catalog Item Type in Service Catalog item disappears and therefore is unknown after service catalog item creation
BZ - 1361720 - appliance_console displays warning messages.
BZ - 1365253 - Self-service UI "My Requests" summary page is missing "Last Message" field
BZ - 1373850 - [RFE] it's impossible to Provision VMs if VMs view is opened through Providers or Clusters,etc. views
BZ - 1375737 - IPv6 addresses not rendered on details page
BZ - 1375740 - IPv6 addresses not selectable field for reports
BZ - 1379843 - [RFE] cloud network list should have policy/tags button
BZ - 1380534 - Service : "Remove Catalog items" needs to be replaced with "remove catalogs"
BZ - 1380728 - [RFE] Azure Instance provisioning doesn't reuse Public ip
BZ - 1381712 - Service designer : Delete profile does not work
BZ - 1382714 - Dashboard widgets don't really zoom in
BZ - 1382724 - Dashboard widgets - tooltip on hover text not always available and doesn't expand strings where available
BZ - 1383307 - Sorting instances in network managers does not work
BZ - 1383611 - Middleware - No way to create new XA Datasource
BZ - 1384122 - Setting memory_reserve lower than vm_memory failed
BZ - 1384154 - Extract Running Processes no longer works.
BZ - 1386327 - Notification Bell : The blue icon keeps on showing even after all notifications are read
BZ - 1386843 - [RFE] Validate that Hot Plug is enabled when re-configuring a powered-on VMware VM
BZ - 1388411 - [RFE] Limit Topology view tree depth when there are too many objects
BZ - 1389068 - [RFE] Support for custom Amazon Regions in Provider
BZ - 1392391 - no events in timelines for Amazon's Availability Zones though appropriate events are present in db
BZ - 1392822 - [ALL LANG] My Settings - Default Views has missing translations
BZ - 1393294 - Inconsistency with flash message while deleting saved report
BZ - 1393501 - Automate Simulate - does not use input field message.
BZ - 1393530 - "Shutdown Guest" is available from Vm Details menu from "off" state
BZ - 1393820 - [ALL LANG] Optimize - Utilization has untranslated entries
BZ - 1393832 - [ALL LANG] Networks - Networks configuration menu has untranslated entries.
BZ - 1393843 - [ALL LANG] Delete selected Cloud Networks warning message is not translated
BZ - 1394040 - Provider Refresh Status: unknown attribute '_object' for MiddlewareServerGroup
BZ - 1394249 - UX: notification bell should be centered between two lines
BZ - 1394406 - CFME provider OpenStack - missing relation between projects (tenants) and flavors
BZ - 1394558 - Show notification for the user when tenant quota is exceeded.
BZ - 1395270 - [RFE] No option to choose provider type in add new network provider
BZ - 1395371 - While editing a user, "Full Name" field displays "Username" value instead of user's actual Full Name
BZ - 1395518 - Dashboard widgets do not generate content with "By-Group" visibility filter
BZ - 1395618 - Notification Bell : It should also notify about failed provisioning
BZ - 1395742 - Unable to clone SCVMM template.Blank page displayed when clicked on clone template
BZ - 1395826 - No dialog appears when clicking to verifying a new replication subscription with pglogical
BZ - 1396063 - Cloud Intel->Timelines shows several reports selected.
BZ - 1396184 - configuring external auth crashes appliance console 5.7.0.11
BZ - 1396631 - reconfigure cpu cores is not usable on vsphere with hot plug
BZ - 1397171 - cloudforms reports not gathering information for rhev infrastructure providers
BZ - 1397686 - [RFE] Vmware Provisioning Dialog should clearly represent Vlans & DVS in Networking Dialog
BZ - 1398725 - Can't add provider specific catalog items to global region
BZ - 1399526 - [RFE] CRUD actions for Snapshots via REST API
BZ - 1401487 - EC2 "suspended" state while making "Soft Reboot"
BZ - 1401881 - Service Catalog Item Entry Point Tree is missing Red Hat Domain
BZ - 1402818 - After saving default filter in datastores and clearing it infinispinner
BZ - 1402823 - Saving loaded default filter in datastores changes tree view style to old dynatree
BZ - 1403152 - [AWS][SDN] - Cannot edit or create Cloud networks/subnets
BZ - 1403213 - Middleware pages are missing both classic search and advanced search, but they have filters panel
BZ - 1403775 - Middleware - Second Domain - Servers are mixed
BZ - 1404273 - VM selection single vm option should be renamed to single vm/instance
BZ - 1405178 - Duplicate Automate Schema entries doesn't show errors
BZ - 1406945 - Hand pointer in the VM section on service page in SSUI
BZ - 1409791 - WebUI:Tag Visibility - Ansible Tower Job Templates should honor tag visiblity
BZ - 1410802 - Translatable yes/no and on/off labels in check box tag
BZ - 1410910 - When the same action is used twice for a policy, action icons are inconsistent
BZ - 1411112 - Delete / update cloud tenant not reflected in UI in cloud tenant list
BZ - 1412043 - Strange prompt "Enter the Choose option 1-5:" in appliance_console
BZ - 1412573 - Refresh of a template without OS configured fails
BZ - 1414480 - Missing id attribute on Cloud->Instance Edit form, Child VM MultiBoxSelect
BZ - 1414672 - Typo in "Configure database" menu option
BZ - 1414845 - null result when deleting orchestration templates using REST API
BZ - 1414852 - services under /api/services collection are missing "delete" action with "POST" method
BZ - 1414881 - delete action in /api/orchestration_templates results in error
BZ - 1415919 - [RFE] /usr/bin/miq_postgres_upgrade.sh works with y and Y
BZ - 1415934 - Calendar in timeline is clipped
BZ - 1416146 - cannot reference parent_service with href when creating new service via REST API
BZ - 1417267 - Visible flag for service dialogs does not have any effect in the SSUI
BZ - 1417772 - Data on the Optimize->Utilization page doesn't get updated as different item selections are made on the Utilization tree
BZ - 1417774 - Data on the Optimize->Bottlenecks page doesn't get updated as different item selections are made on the Bottlenecks tree
BZ - 1418708 - The option of VM migration to the same host it is already running on is possible
BZ - 1420824 - WebUI - Web Console button is enabled for archived vm's
BZ - 1420934 - Wrong unit used in DB table Utilization graphs
BZ - 1421182 - [RFE] Allow for template network interface type to be overwritten during a provision
BZ - 1421706 - [SDN][Cloud Networks] - undefined method - Advanced search filter
BZ - 1422384 - No domains found in Automation explorer; automate domain reset fails
BZ - 1422449 - Missing Paginator on ems_infra control
BZ - 1422584 - Middleware - Some columns have empty values in lists
BZ - 1422807 - entities under /api/templates collection are missing "delete" action with "POST" method
BZ - 1422996 - Event filter For Openstack::InfraManager
BZ - 1423450 - containers: table "condition" under nodes menu is empty
BZ - 1425068 - Provisioning against amazon fail because of unset flavor variable in best_fit_amazon stock placement method
BZ - 1425206 - Retirement of a Vm or Instance should not delete it from the database
BZ - 1425216 - [RFE] Unify OpenShift Origin and OpenShift Container Platform Providers
BZ - 1425221 - [RFE] The container dashboard graphs must be available as soon as possible
BZ - 1425591 - Unable to create snapshot If there is no active snapshot existing for a VM
BZ - 1425595 - SUI: Deleting All snapshots of a VM from SUI deletes the VM from service
BZ - 1425597 - Extra row of order is shown in SUI
BZ - 1426229 - [RFE] Topology View for Container Projects
BZ - 1426313 - Middleware - EAP6 server icon is default Wfly icon
BZ - 1426486 - Unable to create catalog
BZ - 1426757 - SUI : Left Align Save and Cancel Buttons on all pages in SUI
BZ - 1426758 - SUI : Save button is not enabled in "retire service at date" page
BZ - 1427163 - [RFE] About Screen cannot be rebranded
BZ - 1427200 - evm_watchdog fails to start
BZ - 1427210 - [RFE] Query and Display OpenShift Metrics ad-hoc
BZ - 1427269 - Missing icon on Templates page on SSUI
BZ - 1427275 - Hand pointer without clickable link on SSUI Template page
BZ - 1427278 - Unable to edit Dialogs on SSUI
BZ - 1427338 - entities under /api/service_templates collection are missing "delete" action with "POST" method
BZ - 1427623 - SSUI : Dashboard FIlter should be removed when directly going to the menu
BZ - 1427624 - SSUI : Save on Edited template need to navigate to All templates Page
BZ - 1427930 - Incorrect default repo name shown in ui
BZ - 1428279 - Unable to open ansible credentials
BZ - 1428411 - Ad-hoc Metrics - Tag "Apply" button is disabled after initial selection
BZ - 1428447 - Storage tab cannot be opened
BZ - 1428602 - Wrong default provisioning entry point in ansible tower catalog item
BZ - 1428607 - Service : Ansible service request fails with error "`examine_request': undefined method `name' for nil:NilClass"
BZ - 1428946 - ui controls ignored in Host Comparison
BZ - 1428953 - Cancel button on catalog edit is broken
BZ - 1429178 - Objects List view does not show Provider name/Project
BZ - 1429180 - Containers templates choose - unexpected error
BZ - 1429308 - SUI - Approved Service link on Dashboard does not show correct data
BZ - 1429401 - Update oVirt SDK to version 4.1.z
BZ - 1429410 - After applying filter the title is missing name of filter in Filtered by
BZ - 1429523 - Filters tab is missing in Load balancer
BZ - 1429840 - [RFE] Add new Reports and Widgets for OpenShift Provider
BZ - 1429851 - [Ansible Tower] - icon of Ansible Tower provider is not displayed
BZ - 1429860 - [Ansible Tower] - event catcher errors
BZ - 1429891 - [RFE] Support SSL with Validation (CA) for OpenShift Provider
BZ - 1429964 - [Automate] - unable to import service dialog from yaml
BZ - 1430058 - SUI: Ellipsis sub menu pop up gets clipped on Template page
BZ - 1430077 - SUI : Empty page during Breadcrumb navigation on Dialogs page
BZ - 1430331 - SSUI: Hover text is hiding Download button on Template Summary page.
BZ - 1430374 - Can't add nonpersistant disk to a powered on vm
BZ - 1430405 - Mandatory Hawkular endpoint when adding a new provider
BZ - 1430552 - SUI : Hand pointer without clickable link on power state icon on Service page
BZ - 1430709 - [VMWare] Provision fails if we have common network named DPortGroup
BZ - 1430770 - Error when starting SmartState analysis on Host
BZ - 1431070 - [Ansible Embedded] - Tower string in downloaded files
BZ - 1431257 - icon of delete host button displayed twice in Host Comparison
BZ - 1431629 - undefined method during refresh EmbeddedAnsible Provider
BZ - 1431750 - In GCE provider adding form should be project renamed to Project ID
BZ - 1431865 - [Regression] Service Chargeback costs not displayed on SSUI dashboard
BZ - 1432058 - [RFE] My Settings> Start Page should include Container Menus
BZ - 1432060 - Create snapshot has memory checkbox enabled, even though VM is Down.
BZ - 1432117 - Persistent volume relationship link broken
BZ - 1432185 - [Regression]UI error while switching intervals on host,cluster C&U graphs
BZ - 1432239 - VMDB table name missing on VMDB Summary page
BZ - 1432296 - Container Provider - Capacity & Utilization: The page you were looking for doesn't exist
BZ - 1432485 - Instance/VM quadicon state image is square instead of curved
BZ - 1432686 - Catalog Edit :Either of Cancel and "Do not Save" should be there
BZ - 1432848 - No option to select type while adding Containers Provider
BZ - 1432888 - [RFE] Differentiate Snapshot and Image in OpenStack Image View
BZ - 1432892 - [RFE] OpenStack Operations UI is using Task
BZ - 1432900 - Exception is thrown when an empty report is opened in full screen
BZ - 1433209 - SUI :RBAC: Catalog Menu should be hidden or it should show Dashboard when no permissions
BZ - 1434174 - Tags not sorted while tagging services in SUI
BZ - 1434454 - Existing MiqQueue rows can contain serialized Rails 4.2 era classes we can't deserialize in Rails 5+
BZ - 1434491 - Template table headers moved right
BZ - 1434553 - Policy conditions based on 'VM and Instance.vLANs' field not working
BZ - 1434939 - OpsUI - Ansible - MyServices - Details - Hosts - Does not reflect what was set in the dialog for the Hosts
BZ - 1435004 - evmserverd on global appliance fails to restart after configuring replication
BZ - 1435141 - NoMethodError Nil actioncable / pubsub_adapter
BZ - 1435172 - Entities menu does not contain Pod object
BZ - 1435290 - OpsUI - Ansible - Order Service Item - The hosts parameter in the dialog does not inherit what was set in the service
BZ - 1435362 - SSUI - Catalog view should default to tile view.
BZ - 1435364 - SSUI - Post order you are left at the service
BZ - 1435371 - SUI - Hide templates
BZ - 1436239 - User input has wrong text
BZ - 1436835 - no actions listed for /api/vms/:id/snapshots
BZ - 1437593 - [UI, SDN] - different title in PDF generated in Network managers page
BZ - 1437594 - Datepicker freezes after the first run of the "C & U Gap Collection".
BZ - 1437597 - Machine credential dropdown contains only Default
BZ - 1437607 - Can't reach scaling page - The page you were looking for doesn't exist.
BZ - 1437631 - C&U UI not showing metrics - for Projects/Pods/Replicators
BZ - 1437907 - "Save" and "Reset" buttons are absent when adding log collection configuration
BZ - 1437911 - Edit log collection menu has no spinner
BZ - 1437922 - Policy to prevent a host scan request did not work
BZ - 1438074 - SUI : Any action on catalog changes the view from List to Grid
BZ - 1438075 - SUI : Service toolbar actions should be disabled if no service is selected
BZ - 1438092 - [Regression] Azure provider refresh fails
BZ - 1438420 - error when editing /api/policies/:id resource
BZ - 1438515 - Middleware - Server: Utilization does not open
BZ - 1438516 - [RFE] Support for obfuscated proxy credentials used by image-inspector
BZ - 1438518 - [RHV] Timing issue between refreshes when a vm is removed
BZ - 1438520 - [RFE] Support VMware 6.5 HTML Console
BZ - 1438521 - Some TreeNode elements are not clickable when their active children aren't in the tree
BZ - 1438594 - Playbooks are not deleted if ansible inventory deleted
BZ - 1438599 - SUI : Duplicate order does not provision the service
BZ - 1438732 - [RFE] pass all v4 requests through the ovirt ruby sdk
BZ - 1438825 - Extra vars is not shown in Retirement tab of "Ansible Playbook" catalog item
BZ - 1438826 - OpsUI - Automation - Ansible - Repo - On first run before enabling Embedded Ansible the Add Repo page fails.
BZ - 1438827 - [Ansible-UI]: Credentials should proper flash message.
BZ - 1438829 - [Ansible Embedded] - Unable to update description of repository
BZ - 1438852 - SUI : Catalog/Orders/Reports and Request all are showin dashboard when clicked
BZ - 1438856 - Cockpit administration tools cannot be accessed from cloud instances views
BZ - 1438865 - [VMWARE]Auto_placement provision fails due to selecting Host in Maintenance state
BZ - 1438868 - 404 error in breadcrumbs links of ansible screens
BZ - 1438906 - Infinite spinner when pressing on ??? in "Adding a new Condition"
BZ - 1438907 - Unable to interact with ansible playbook service
BZ - 1439100 - SUI: Information missing in about page
BZ - 1439286 - Ansible playbook service retirement ignores provided host
BZ - 1439287 - containers: table "selectors" under replicators was changed to "Node selectors"
BZ - 1439290 - Azure metrics collection failing with "MonitoringServiceException"
BZ - 1439294 - [Ansible Embedded] - Menu not highlighted when navigate to Automation -> Ansible
BZ - 1439295 - The retirement buttons no longer work for services and orchestration stacks selected in the list
BZ - 1439298 - [Ansible Embedded] - Wrong formatting of flash message after sorting table
BZ - 1439301 - [GCE] - The page you were looking for doesn't exist.
BZ - 1439303 - Excessive log lines for "Initializing DRb Connection to MiqServer with ID"
BZ - 1439310 - OpsUI - Automation - Ansible - Default page
BZ - 1439311 - Incorrect label in "Run Ansible Playbook" action
BZ - 1439313 - service dialog can be submitted before entry point code on dynamic fields has completed execution
BZ - 1439316 - SUI : Hover text on request status should indicate the status (Approved/Denied)
BZ - 1439397 - Unexpected error on UI when clicking on type link on cloud images list view page
BZ - 1439400 - UI: Hover text associated for button is not shown properly on Infrastructure Topology page.
BZ - 1439401 - UI: Hover text is overlapped by navigation menu on Topology
BZ - 1439773 - Missing retirement tab in retired services
BZ - 1439935 - SUI : Unable to click on service in Grid View
BZ - 1439936 - Pop up window layering inconsistent in service UI
BZ - 1439938 - Encrypted password from Ansible Playbook service dialog needs to be decrypted
BZ - 1439940 - [Ansible Tower] - URL and Zone not shown in the table
BZ - 1439944 - Vmware infra provider refresh fail
BZ - 1439946 - UI: Advanced Search - Canceling delete on saved filter delete confirmation dialog deletes the filter
BZ - 1439948 - Error "undefined method `name' for nil:NilClass" when clicked on catalog item after deleting the repository.
BZ - 1440225 - SUI : Catalog Grid View multiple Cards cannot be selected
BZ - 1440311 - Navigation is not working
BZ - 1440312 - SUI : The create snapshot field shows description mandatory when it is not
BZ - 1440317 - Missing style for the flash message in expression editor
BZ - 1440318 - Unable to save automation task schedule using eastern time zone
BZ - 1440321 - Access (remote console) at VM level shows twice VM Console and one is greyed out
BZ - 1440322 - UI: "Add new arbitration profile to this Cloud Provider" throws "Button not yet implemented" flash message
BZ - 1440323 - Failed Ansible Playbook provision doesn't update status, started and completed fields.
BZ - 1440324 - Policy to prevent a VM retire request did not work
BZ - 1440566 - In Container Images table - Configuration button is missing
BZ - 1440568 - Ad-hoc metrics page title regression
BZ - 1440573 - [Ansible-UI]: Improve task name for Ansible tasks.
BZ - 1440574 - Automate import does not update display_name and description attributes in Namespace objects
BZ - 1440579 - SUI : Only stack name should be shown in relationships table for stack VM
BZ - 1440851 - [RFE] Add link to Kibana UI from OpenShift Provider
BZ - 1441198 - Error '[NoMethodError]: undefined method `base_model' for NilClass:Class' generating chargeback for container images report
BZ - 1441201 - OpenShift Refresh duration exceeds default two hour timeout and grows > 8GB never fully completing
BZ - 1441203 - Message timeout of 600 seconds does not allow perf_capture_timer to finish
BZ - 1441244 - CFME collects C&U metrics even before resource creation
BZ - 1441249 - Unexpected error while executing a custom button
BZ - 1441253 - Missing Refresh button in Automation/Ansible tabs
BZ - 1441265 - Add Provider->Type "RHEVM" should change to "RHV"
BZ - 1441270 - First and Last name are not being populated in automate during life-cycle provisoning
BZ - 1441271 - queue_name_for_metrics_collection raises an exception when ems is nil
BZ - 1441295 - Ansible output does not contain line breaks and is hard to read
BZ - 1441300 - Clicking on credential from grid/tile view is redirected to cloud key pair page
BZ - 1441303 - [Ansible Tower] - The page you were looking for doesn't exist.
BZ - 1441318 - SSUI: Hover text is not present on Service summary page.
BZ - 1441320 - SelfService - " Category and Assigned Value " drop down list displays the same name in edit tags
BZ - 1441328 - cloud_init re-runs on appliacne reboot, static networking configuration lost
BZ - 1441329 - IPv6 address in appliance_console summary is "/24" despite not using IPv6
BZ - 1441330 - appliance_console doesn't ask for database disk while setting secondy DB appliance
BZ - 1441402 - Wrong year in about popup window
BZ - 1441404 - SUI : Snapshot is not created when VM is not connected to active provider but success message is displayed.
BZ - 1441416 - dynamic check box does not update on SSUI
BZ - 1441647 - methods not sorted in frame on right side in automate
BZ - 1441657 - Topology View for VMware does not show all relationships
BZ - 1441658 - "NetworkError attempting to fetch resource" flash during updating ansible credentials
BZ - 1441661 - Topology View at Project Level does not use proper project icon
BZ - 1441670 - Add provider screen: No error message when trying to add a provider with a custom ssl certificate that does not match
BZ - 1441726 - Smartstate Analysis Error Unable to mount filesystem Unable to determine port used by VixDiskLib VMware
BZ - 1441740 - When moving AWS provider from one zone to another Network Manager info no longer updates
BZ - 1441753 - Get IP address automation code not working Azure
BZ - 1441854 - OpenShift provider event storm POD_FAILEDSYNC
BZ - 1442103 - UI: Topology - unable to confirm search by pressing the Return key, reacts only to a mouse click
BZ - 1442150 - [SDN] - Disable CRUD actions for Azure/Amazon Network providers
BZ - 1442163 - OSP refresh fail with Validation failed: Name can't be blank
BZ - 1442167 - OCP Ad-Hoc metrcis fails with "504 Gateway Time-out The server didn't respond in time"
BZ - 1442168 - When using dynamic drop downs, sorting of items doesn't work in self service portal.
BZ - 1442170 - Refresh the CF Provider to refresh its inventory of the PROJECT
BZ - 1442172 - Ansible Event monitor error's out when it does not reside on same CF appliance with Embedded Ansible/Provider Int/Op
BZ - 1442174 - [Ansible Tower] - Switching to Grid View or Tile View is not possible
BZ - 1442175 - EC2 provision dialogs do not support selecting multiple IPs for multi provision
BZ - 1442179 - containers: web console button is generating an Unexpected error encountered
BZ - 1442763 - OpenStack refresh fail with nil:NilClass
BZ - 1442766 - For OSP10 provider, Cinder volume creation is never finishing on the UI
BZ - 1442767 - [Ansible Tower] - Ansible Tower Jobs - relationships table wrong redirection to Parent Provider
BZ - 1442768 - Rhev inventory refresh fails after rhev upgrade from 3.6 to 4.0
BZ - 1442770 - RoutingError when clicked on any job in ansible tower jobs
BZ - 1442888 - UI log collection does not collect ansible logs
BZ - 1442891 - error when creating a group + setting the tag in create
BZ - 1442900 - CloudForms 4.2 is not displaying vm network metric info from OSP10 provider
BZ - 1442901 - SUI : Error opening VM console
BZ - 1442902 - SUI: Clicking on catalogs displays all services instead of catalogs.
BZ - 1443079 - vmware_CustomizeRequest Provisioning Type: ManageIQ::Providers::Vmware::InfraManager::Provision does not match, skipping processing
BZ - 1443081 - Auto_placement provision in Redhat domain fails due to selecting Host in Maintenance state.
BZ - 1443082 - SyntaxError when clicking on Refresh button for OpenStack Infra at Dashboard view
BZ - 1443084 - UI: infinispinner appears on Infrastructure Timelines page.
BZ - 1443085 - UI: Red Hat Insights Navigation is missing
BZ - 1443086 - [RFE] Drop support for VMware MKS and old VMRC consoles
BZ - 1443087 - Amazon S3 Storage Manager | Seahorse::Client::NetworkingError]: Failed to open TCP connection
BZ - 1443088 - SUI : Wrong pending request count displayed in dashboard
BZ - 1443091 - [Ansible Embedded] - Unable to edit the repository
BZ - 1443093 - Provider summary page, Hosts & Clusters, Vms and Templates images has changed into some plain image.
BZ - 1443094 - Middleware - Domain mode EAP7 container is not immutable
BZ - 1443096 - Entering Ansible Repository Incorrectly does not provide feedback that creation fails
BZ - 1443099 - SUI : Custom button needs to be aligned with other buttons in toolbar
BZ - 1443100 - add repo operation should generate notifications
BZ - 1443113 - Back button on Provider dashboard screens should be removed
BZ - 1443118 - Cloud Intel - Reports: Can't import widgets
BZ - 1443166 - External Auth - FreeIPA - Self-service UI doesn't time out when session timeout is reached
BZ - 1443243 - UI: "Save" button is still enabled when no server is selected in "Edit Management Engine Relationship" for VM/Instance
BZ - 1443245 - Clicking on Group or Role name link/icon in the user's details page does nothing
BZ - 1443247 - Using REST API - encountering "NoMethodError: undefined method `key?' for #<Array..."
BZ - 1443564 - Ad-hoc metrics UI - pagination buttons and text boxes are set in inappropriate location on page
BZ - 1443566 - UI: Icon is missing for "Win Services" under "Configuration" section on VM summary page.
BZ - 1443568 - Default catalogue item image displays 'T'
BZ - 1443569 - OpsUI - Ansible - MyServices - Plays - Blank table of details
BZ - 1443571 - the amazon best fit method sometimes attempts to select networks that aren't available to the region in use
BZ - 1443669 - Unable to edit/add service dialog imported from CF 4.0 to 4.2
BZ - 1443694 - [RFE] Container Management Operator Role should exist in CloudForms out-of-the-box
BZ - 1443695 - [RFE] Container Management Administrator Role should exist in CloudForms out-of-the-box
BZ - 1443696 - Full refresh of second VMware provider isn't automatically started after it is added
BZ - 1443700 - [Regression] storage.perf_capture ERROR
BZ - 1443714 - Adding SSO to External Logging link
BZ - 1443731 - When clicking on the router/security group icon it just refreshed the page on edit tags page.
BZ - 1443798 - Containers may get (ems_id and old_ems_id) == nil
BZ - 1443800 - Authentication Self_Service UI externalauth/miqldap Lack of user perms clarification
BZ - 1444034 - UI: Unnecessary Paging bar on Requests page.
BZ - 1444035 - UI: List views forget checked items when resorted by clicking on a column header.
BZ - 1444038 - Chargeback for container images report editor filter tab produces an error if there are too many images in the database
BZ - 1444050 - Chargeback report generation keeps whole openshift env in the memory (even after it finishes)
BZ - 1444055 - Middleware - Deploy newer version of existing archive fails without option
BZ - 1444060 - Self Service UI does not properly select defaults for dynamic drop downs
BZ - 1444066 - Cockpit console does not open
BZ - 1444067 - Container node tags are not available as report fields in Node reports
BZ - 1444164 - FATAL -- : Error caught: when Clicked on Orphaned Data tab on Diagnostics Region page
BZ - 1444165 - Hover text is not showing properly on Service page
BZ - 1444169 - Typo in Edit Report Menus tree
BZ - 1444171 - Quadicon image not display in grid/tile views for Catalogs and Orchestration Templates
BZ - 1444172 - Ability to create cloud volumes for a specific block storage manager broke forms dealing with cloud volumes.
BZ - 1444174 - Memory utilization metrics fail to account for system cache
BZ - 1444175 - No notifications about finished service retirement
BZ - 1444176 - [SDN][Azure] - Edit Tags button clickable after Net provider refresh without selected provider
BZ - 1444179 - Info icon (pficon-info) looks slightly corrupted in 5.8
BZ - 1444180 - Sorting configuration providers by url throws "undefinedColumn: ERROR: column providers.url does not exist"
BZ - 1444213 - Ensure managers change zone and provider region with cloud manager (OpenStack)
BZ - 1444219 - Ensure managers change zone and provider region with cloud manager (Google)
BZ - 1444222 - Embedded Ansible Service is not passing extra_vars overridden at runtime by user
BZ - 1444329 - Policy Simulation results tree nodes are not properly escaped
BZ - 1444504 - No pop-up with support case when collecting logs thru dropbox from second server in distributed mode
BZ - 1444506 - Wrong page title in Automation/Ansible/Playbook
BZ - 1444507 - [Ansible] New credentials with private keys are not added
BZ - 1444508 - Refresh doesn't remove the only and deleted ansible repository causing next deletion to fail
BZ - 1444510 - Amazon Availability Zone Timelines page is broken
BZ - 1444516 - Embedded tower event catcher collect not working
BZ - 1444871 - Ansible Credentials type should have proper format
BZ - 1444872 - Calendar control on C&U gap collection page is clipped
BZ - 1444873 - [SDN][EC2] - singular in downloaded files and subjects
BZ - 1444878 - Some menu items does not get translated when language is switched.
BZ - 1444884 - UI: Some texts are not translated in Navigation
BZ - 1444889 - After the removal of a rhev provider the datastores are still displayed but unable to be deleted
BZ - 1444891 - Error "undefined method `id' for nil:NilClass" in UI when clicked on Refresh embedded Ansible provider
BZ - 1444910 - Group UI | Save button is not active when deselect cloud provider in "Hosts&Clusters" tab
BZ - 1444930 - UI: VM reconfigure table needs formatting
BZ - 1444943 - Infinispinner appears on Database Backup Settings page when clicking on submit button.
BZ - 1444968 - No flash message displayed when retiring the provisioned service
BZ - 1444995 - [RHOS]:Create snapshot button gets disabled after creating the first snapshot on an instance
BZ - 1444996 - [NoMethodError]: undefined method `merge!' for nil:NilClass encountered for OpenShift full refresh
BZ - 1445002 - Error Message when adding a Containers Provider with SSL/Wrong Port
BZ - 1445006 - Error message is absent when trying to add chargeback rate with the same name
BZ - 1445008 - Unable to edit tag/manage policies for storage managers from list view
BZ - 1445015 - RBAC:Naming Inconsistency in product feature tree
BZ - 1445016 - Change in gem syntax from 4.0 to 4.2 NoMethodError undefined method `run' for LinuxAdmin:Module
BZ - 1445075 - Tag Visibility | Host is restricted for user with 'Host&Clusters' and Tag filters set up
BZ - 1445083 - After adding Google Compute Engine throwing "[NoMethodError]: undefined method `empty?' for nil:NilClass" in evm.log
BZ - 1445086 - Container volumes should honour tag visibility
BZ - 1445103 - [Ansible Tower] - Ansible Tower Jobs - relationships table - undefined method when clicking on Service
BZ - 1445108 - Wrong flash message after ansible playbook catalog item deletion
BZ - 1445111 - UI blows up while trying to create a cloud volume from the Storage Summary screen
BZ - 1445112 - SUI : Sort "My Service" page based on created time
BZ - 1445283 - Error: undefined method `all' for nil:NilClass [ems_cluster/button] when clicked set retirements Dates for the VMS
BZ - 1445311 - [RFE] CFME 4.1 EMS Refresh should be targeted for folder create, as opposed to a full EMS Refresh
BZ - 1445354 - [RFE] Edit action is not been supported for VMS resources.
BZ - 1445363 - Saved mapping rule has always Resource Entity as <All>
BZ - 1445368 - Error flash msg of mapping tag with already existing label has additional ", " characters before label name
BZ - 1445369 - Ampersand not rendering correctly in "Status of Roles for Servers in Zone"
BZ - 1445376 - Cannot copy a built in OpenSCAP policy
BZ - 1445378 - FATAL -- : Error caught: while changing page per items on Customization Templates
BZ - 1445379 - [RFE] Make the process of reintroducing a failed HA node more user-friendly
BZ - 1445380 - After reintroducing a failed primary node, there are old replication slots left on the "new" node
BZ - 1445385 - In new db master node, pg_xlog directory got fulled
BZ - 1445389 - [Ansible Embedded] - Editing Name of Amazon Credentials is not possible without filling keys again
BZ - 1445803 - Restore to global region fails due to connection to database
BZ - 1445804 - Getting undefined method `get_folder_paths' after applying RHSA-2017:0898
BZ - 1445823 - Downloaded pdf summary report for hosts contains "ManageIQ" upstream name
BZ - 1445888 - VM state is not refreshed, after moving VM from running on one host to another
BZ - 1445892 - [Ansible Embedded] - Extra variables can be deleted but form cannot be saved
BZ - 1445893 - Create new cloud tenant fails: Unable to create Cloud Tenant "my_cloud": Expected([200]) <=> Actual(404 Not Found) excon.error.response :body
BZ - 1445894 - Unable to create ansible playbook catalog item
BZ - 1445895 - Embedded ansible logs should be rotated
BZ - 1445899 - Error in re-configuring service: "Error during 'Provisioning': undefined method `match' for 0:Fixnum Did you mean? catch"
BZ - 1445900 - During Automate Simulation the UI keeps spinning when the result has hash contents
BZ - 1445936 - SCVMM provisioning started failing with Errno::ENAMETOOLONG
BZ - 1445942 - Unable to edit the retirement tab in ansible playbook catalog item
BZ - 1446245 - Standard output is missing in provisioned ansible playbook service
BZ - 1446251 - Middleware - Add new Datasource Fails
BZ - 1446277 - Error when displaying reconfigure dialog page for VM if VM has no Flavor
BZ - 1446303 - Unable to launch targeted ansible refresh from repo list view
BZ - 1446304 - Reintroducing a standby node that has already be reintroduced causes failure
BZ - 1446329 - Switch to new Inventory implementation
BZ - 1446387 - Middleware - Standalone EAP7 Server is shown as Immutable
BZ - 1446613 - accessing RHEV provider fails with "NoMethodError: undefined method `>=' for nil:NilClass"
BZ - 1446618 - OpsUI - MyServices - Credentials do not show
BZ - 1446651 - Month selection arrows for C&U Gap collection are hidden in the UI
BZ - 1446734 - CFME shows error page and throws exception to log when instance/vm/image/etc title is clicked
BZ - 1446739 - Metrics collection for osp nodes failed on RHOS11
BZ - 1446743 - MW - Container linking does not work with EAP on Javaagent
BZ - 1446775 - containers: [" characters are added to the tags under Smart Management of container services
BZ - 1446784 - New Orchestration Template Drop-down menu doesn't list vApp Template
BZ - 1446790 - incorrect href attribute values for Foreman providers
BZ - 1447049 - [RFE] Volumes summary page does not display any data related to containers that are using persistent volume claim
BZ - 1447051 - ManageIQ icon on SUI order page
BZ - 1447086 - [Ansible Embedded] - Privilege escalation for playbook does not work
BZ - 1447088 - Service Catalogs: Dialogs are hanging and keeps buffering
BZ - 1447126 - [Ansible Tower] - Search bar missing when navigated to Config manager e.g. from Compute
BZ - 1447350 - evm fails to start on remote region after upgrading from 5.6 rubyrep to 5.8
BZ - 1447367 - Ansible playbook service cannot be retired
BZ - 1447372 - Tag Visibility | Access Controll: All users, groups, and tenants are visible for restricted user
BZ - 1447373 - limit list of user for tenant-administator role
BZ - 1447382 - Service : PXE provisioning for RHEV fails
BZ - 1447388 - Ansible Playbook service retirement option should not include hosts and extra_vars when no playbook is select
BZ - 1447391 - service dialog dynamic code works in admin portal but not in self-service portal
BZ - 1447427 - Ansible Playbook service catalog item update failed with new_dialog_name and dialog_id both exist
BZ - 1447432 - Topology view crashes with container linking in place
BZ - 1447690 - Service : Separate services are provisioned when a bundle is ordered
BZ - 1447704 - Crosslinked containers on middleware topology graph
BZ - 1447752 - WebUI:RBAC-Unable to login when the user has only access to Chargeback feature
BZ - 1447778 - VM snapshot: revert option is enabled, for Active VM
BZ - 1448045 - UI lag due to more than 3650 messages in notification
BZ - 1448071 - [vSphere] UI-RBAC: undefined method `all' for nil:NilClass error appears while setting ownership for template
BZ - 1448079 - SSUI internationalization is incomplete
BZ - 1448098 - Ansible Playbook repo's do not load playbooks after editing
BZ - 1448131 - Show cross linking containers links in middleware server summary page
BZ - 1448207 - Run time crash error when selecting Compute => Clouds => Topology
BZ - 1448417 - Default dynamic text boxes should be blank
BZ - 1448419 - Default value of dynamic dropdown list not honored CloudForms 4.2
BZ - 1448499 - Invalid ExtManagementSystem id 12,000,000,000,003 specified on volume create --> failed
BZ - 1448506 - The create_service_provision_request call on a service_template doesn't return a MiqRequest object
BZ - 1448527 - Report no ReFS FileSystem Support
BZ - 1448537 - redhat_CustomizeRequest Provisioning Type: does not match, skipping processing
BZ - 1448545 - Unable to compare cloud instances."Compare selected items" option remains disabled
BZ - 1448863 - cfme not passing cloud init payload to vm's
BZ - 1448868 - Retirement tab is not shown for retired service
BZ - 1448899 - Approve and Deny Order not working
BZ - 1448902 - Remove search option from Inventory Group summary page of Ansible Tower Provider
BZ - 1448917 - [Ansible Embedded] - Editing Embedded Ansible Credentials form is not possible without filling credentials again
BZ - 1448942 - Typo in flash message after cancellation of tenant creation
BZ - 1448943 - Unable to add multiple elements to a dialog
BZ - 1449190 - VM provision from ISO fail
BZ - 1449193 - RHV provider refresh fail on "undefined method `split' for nil:NilClass"
BZ - 1449215 - CFME SSUI language selection has repetitive entries for Chinese
BZ - 1449223 - Some notifications show ManageIQ not CFME
BZ - 1449269 - can't provision to RHEVM 4.0
BZ - 1449364 - Ansible playbook cannot be added to a bundle
BZ - 1449365 - UI: Security Groups show fails with comparison of Array with Array error
BZ - 1449366 - Credential List is Empty when the Ansible Playbook Service Dialog is invoked from a Button versus a Service Order Screen
BZ - 1449412 - MiqVimBrokerWorker exceeding memory after upgrading from 5.6 -> 5.7
BZ - 1449748 - retirement runs in any zone as of 5.7.1
BZ - 1449792 - ServiceUI - Missing Requests column on main dashboard
BZ - 1449803 - Ansible Playbook : UI issues and button
BZ - 1449810 - Retirement tab is not shown for retired service if "Copy from Provisioning" was pressed
BZ - 1449811 - "Copy from Provisioning" leaves "Remove resources?" field value as is
BZ - 1449843 - Attaching EBS volume to an instance results in error
BZ - 1449846 - bad error message when adding playbook catalog item while embedded ansible is disabled
BZ - 1450085 - Network Topology does not show Cloud Routers
BZ - 1450096 - Refresh button in a dialog does not show in SUI
BZ - 1450220 - Cannot select placement for Cloud Volumes (openstack cinder storage provider) and this volumes are created in different tenants during provisioning of the instance.
BZ - 1450469 - Windows7 and Windows 2012- IE 11- HTML5 Console Remains in Connecting State Indefinitely
BZ - 1450470 - SSA fails on timeout for large images
BZ - 1450485 - Automate method to order an Ansible Playbook Service from a button
BZ - 1450492 - Create the .pgpass and print required conf for standby on primary database servers
BZ - 1450962 - Middleware - Add new JDBC Driver Fails
BZ - 1450966 - [Ansible Tower] Advanced search feature broken
BZ - 1451046 - Queued item containing secrets is being dumped in plain-text in evm.log
BZ - 1451078 - SSUI: Restricted user(tag) can see service items list(but cannot open or order them)
BZ - 1451081 - Service catalog(count) on right should match the number displayed on left menu
BZ - 1451121 - Add new repository is shown even when embedded ansible is not enabled.
BZ - 1451395 - CFME 5.7.2.1 does not support group/tag access restrictions for performance reports
BZ - 1451457 - Raise minimum memory requirement for CFME appliances to 12GB
BZ - 1451780 - [Ansible Embedded] - SCM credentials cannot be added
BZ - 1451920 - [Ansible Embedded] - Empty stdout after playbook execution
BZ - 1451922 - 404 error on deployment roles page
BZ - 1451925 - Unexpected error encountered after clicking on RSS Feeds links
BZ - 1451939 - Ansible - SUI - VMs when linked to service are not shown, opsUI shows them correctly
BZ - 1452333 - Error when executing a button assigned to a button group
BZ - 1452823 - [Microsoft]Auto_placement provision fails due to selecting Host in Maintenance state

Moderate: CFME 5.8.0 security, bug, and enhancement update

Synopsis

Type/Severity

Topic

Description

Solution

Affected Products

Fixes

CVEs

References

Vulmon Search

About

Products

Connect