Moderate: Satellite 6.5 Release

Synopsis

Moderate: Satellite 6.5 Release

Type/Severity

Security Advisory: Moderate

Topic

Red Hat Satellite 6.5 for RHEL 7 is now available containing security fixes, bug fixes, and enhancements.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.

Security Fix(es):

  • RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack (CVE-2016-6346)
  • pulp: Improper path parsing leads to overwriting of iso repositories (CVE-2018-10917)
  • foreman: Persisted XSS on all pages that use breadcrumbs (CVE-2018-14664)
  • foreman: stored XSS in success notification after entity creation (CVE-2018-16861)
  • katello: stored XSS in subscriptions and repositories pages (CVE-2018-16887)
  • candlepin: credentials exposure through log files (CVE-2019-3891)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Satellite 6.5 x86_64
  • Red Hat Satellite Capsule 6.5 x86_64

Fixes

  • BZ - 1143987 - [RFE] Hammer task missing info subcommand
  • BZ - 1155811 - [RFE] Support Infoblox IPAM appliances as subnet / domain providers
  • BZ - 1170174 - [RFE] Satellite 6 product FIPS mode Compliance
  • BZ - 1232475 - [RFE] generate a report of Specific fields in the Content Hosts -> Details section
  • BZ - 1233431 - [RFE] CSR should not be mandatory when installing Satellite Server or generating Capsule certificate bundle with custom ssl certificates
  • BZ - 1267766 - capsule installer generates invalid dhcp.conf for non local networks
  • BZ - 1305040 - [RFE] User control of Capsule sync policy and other traffic from Satellite to capsule
  • BZ - 1335621 - [RFE] Ignore warnings when syncing repos and SRC packages are missing
  • BZ - 1339743 - [RFE] Search OpenSCAP reports using host collections
  • BZ - 1356126 - [RFE] Implement host disassociation command
  • BZ - 1372120 - CVE-2016-6346 RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack
  • BZ - 1396974 - VM orchestration should provide better error reporting and logging
  • BZ - 1397590 - [RFE] “Unregister Host” needs a clear instruction for options under it
  • BZ - 1402134 - [RFE] Need Hammer CLI commands to do the HostGroup / Environments associations with Provisioning Template.
  • BZ - 1408782 - [RFE] virt-who need to make sure there is only one entry in satellite content host for the same hypervisor when configure hypervisor_id for uuid or hostname or hwuuid
  • BZ - 1418026 - goferd errors with "[...] Condition('amqp:resource-limit-exceeded', 'local-idle-timeout expired')" when pushing Errata from Satellite
  • BZ - 1438030 - [RFE] Feature to use the 'dzdo' as the "remote_execution_effective_user_method" to run the remote commands with a non-root user.
  • BZ - 1445070 - katello models not working with foreman-hooks plugin
  • BZ - 1447963 - Switching installation media (or source) back and forth corrupts initramdisk/kernel
  • BZ - 1449290 - Global PXE hostgroups menu entries missing when Installation Media is set to Synced Content
  • BZ - 1451277 - [RFE] Support storing and presenting Vendor field in package API
  • BZ - 1458898 - [RFE] Pre-canned Virt-who roles do not have a description
  • BZ - 1468557 - Discovery KExec does not work with Atomic Host 7
  • BZ - 1470987 - discovery settings are named differently in hammer than in UI
  • BZ - 1476379 - [RFE] Add randomness to SCAP client runs to avoid DDOS of the server
  • BZ - 1476938 - katello-change-hostname should check for enough ram before making changes
  • BZ - 1481315 - Cloud-init integration with ovirt supports just a subset of cloud-init keywords
  • BZ - 1488235 - Email subject prefix accepts long strings
  • BZ - 1488475 - Specifying wrong content source id for host or hostgroup via hammer throws SQL error
  • BZ - 1489252 - [RFE] Add a note to ignore "WARNING" message when foreman_scap_client command executed manually
  • BZ - 1489379 - Non admins users should be able to add Organization / Locations to themselves
  • BZ - 1489486 - API hosts/X interfaces array info inconsistent return of interface flags
  • BZ - 1492848 - Roles cleared when error detected in User creation dialog
  • BZ - 1495308 - [RFE] Feature to add the "--fetch-remote-resources" to the foreman_scap_client.
  • BZ - 1500972 - traceback when deleting organization: javax.persistence.RollbackException: Error while committing the transaction
  • BZ - 1501683 - Pulp repository sync step not skipped automatically when fail with "Abnormal termination".
  • BZ - 1501927 - RHV compute resource screen shows DataTables warning invalid json response
  • BZ - 1502752 - refresh manifest - proxy password with special character
  • BZ - 1508169 - incremental update of content-view added errata RHSA-2017:2998 packages and also added some other packages as well , which is not present in errata
  • BZ - 1514013 - Atomic Host 7.4.2 deployed from Satellite 6.2.12 cannot be upgraded out of the box
  • BZ - 1515082 - Rerunning a ReX job with JobTemplate not in current Org/Loc shows undefined method `input_values' for nil:NilClass
  • BZ - 1515671 - [RFE] Extend "Service Action - SSH Default" job template to be able to enable and disable services
  • BZ - 1516803 - uploading a package to custom repo does not trigger sync of Capsule in Library LE
  • BZ - 1517084 - Duplicate hammer options to view available compute-resource image
  • BZ - 1517706 - Could not able to see filters of any role with org_admin user
  • BZ - 1519779 - puppet classes info doesn't consider puppet environments parameter
  • BZ - 1523147 - Templates tab in Hosts>Operating Systems have confusing and misleading asterisks
  • BZ - 1523433 - Celery worker consumes large number of memory when regenerating applicability for a consumer that binds to many repositories with many errata.
  • BZ - 1523940 - [RFE] [sat 6.3] k5login should support setting selinux context and owner attributes
  • BZ - 1528524 - [RFE][Satellite 6.3 Beta] Need a way to split pulp_data.tar into smaller files
  • BZ - 1532675 - incorrectly rendered empty lines in commands output on "Detail of Commands run" page
  • BZ - 1534608 - [RFE] Searching for all instances of packages in all repos
  • BZ - 1534967 - reboot ReX fails with "Runner error: NameError - uninitialized constant ForemanRemoteExecutionCore::ScriptRunner::MAX_PROCESS_RETRIES"
  • BZ - 1537266 - [RFE] Add option to lock template upon import using foreman_templates plugin
  • BZ - 1538688 - 'hammer ping' can erroneously say foreman-tasks is down when its just busy
  • BZ - 1541393 - Improve help and error messages when adding CVs to a CCV
  • BZ - 1545364 - Cloned Satellite improperly handles Pulp event_notifier URL and db entries
  • BZ - 1547821 - while creating new hosts RHEVM association of compute profile doesn't show correct network for the Cluster
  • BZ - 1549088 - Various Action:: Tasks types stop with warning: "no such file or directory" for file in foreman cache hierarchy
  • BZ - 1549761 - [RFE] Flag to avoid deletion from compute resource of an host associated when it's removed from satellite
  • BZ - 1552142 - Installation on FIPS enabled rhel7 fails with '/usr/bin/pulp-gen-ca-certificate' returned 1 instead of one of [0]
  • BZ - 1552159 - Installation on FIPS enabled rhel7 failing with certutil issues
  • BZ - 1552200 - Upgrade to 6.3 failed with "Could not find dependency Class[Puppet::Server::Install] for File[/etc/pki/katello/puppet]"
  • BZ - 1553105 - composite_content_view_ids field of a content_view_version is always empty
  • BZ - 1554421 - candlepin takes >2m on /candlepin/consumers/UUID/guests query
  • BZ - 1557436 - Unnecessary requirement of CSR when running --certs-update-server
  • BZ - 1560978 - hammer host list --thin removed in Red Hat Satellite 6.3
  • BZ - 1561249 - Several JS errors visiting repo discovery page
  • BZ - 1561691 - Creating user with hammer having authentication source LDAP/AD should not ask for password
  • BZ - 1561990 - UI: After add the CV on the CCV, Content View still on the list to add
  • BZ - 1563529 - Root password hash in Operating System written in capital letters
  • BZ - 1564867 - update bootstrap.py to works also on RHEL5
  • BZ - 1565903 - ansible_provisioning_callback snippet does not set executable permission for '/root/ansible_provisioning_call.sh'
  • BZ - 1566000 - KVM hypervisor profile does not contain guests running on it in the webui and creates duplicate profile with virt-who-* prefix
  • BZ - 1566092 - using a filter for bastion layout/partials/table.html does not update the selected counts
  • BZ - 1566166 - unable to register client to freshly installed capsule on fresh katello
  • BZ - 1566540 - javascript error on new gpg key page
  • BZ - 1566543 - [Satellite6] cd-rom settings in compute profile for vmware compute resource never showed as enabled
  • BZ - 1568063 - [RFE] Hammer Job Cancellation
  • BZ - 1568700 - Sat6.3.1 WEBUI Documentation link is unaccessible
  • BZ - 1568838 - [RFE] Handle multiple capsules' ssh keys
  • BZ - 1568848 - [RFE] Handle multiple capsules' ssh keys
  • BZ - 1569395 - [Satellite 6] Adding search for lifecycle_environment or lifecycle_environment_id in role host filter with permission view_hosts does not construct SQL query when API is used
  • BZ - 1571889 - [RFE] Allow override of tftpd.map file location and/or contents during installer upgrades
  • BZ - 1571913 - Clean up EL6 and service-wait from Katello scripts
  • BZ - 1574257 - katello-remove does not completely remove data on mounted filesystems
  • BZ - 1575766 - Org/Loc Button ordering not the same when moved after window resize
  • BZ - 1577014 - Missing "-name" option on "openssl pkcs12" command may cause incorrect nickname added to the katello nssdb
  • BZ - 1577966 - In partition tables, problem with snippet check-box together with operating system
  • BZ - 1578021 - [RFE] enable high availability when using ovirt compute resource
  • BZ - 1578022 - [RFE] As an API user, I should be able to compare the Packages of a Content View Version to the Packages in Library.
  • BZ - 1578470 - [RFE] allow configuration of helloMaxAge and helloInterval
  • BZ - 1579876 - MMV stats disappear rendering pmlogger unable to restart
  • BZ - 1582210 - Create RHEV host: Listing Images produces traceback when no images on CR
  • BZ - 1582293 - Unable to unset proxy settings once set
  • BZ - 1582484 - [RFE] As an API user, I should be able to compare the Errata of a Content View Version to the installable Errata in Library.
  • BZ - 1583318 - hammer recurring-logic list command does not accept options --per-page or --page but suggests those option
  • BZ - 1584162 - Error: No such repository with name <MISSING>
  • BZ - 1585410 - some tasks in Monitor -> Tasks have "N/A" in a first column
  • BZ - 1586271 - SSL 64-bit Block Size Cipher Suites Supported (SWEET32)
  • BZ - 1586336 - The checksum type configuration of yum distributor should always fallback to the scratchpad if it is not explicitly set to use a particular checksum type by the user.
  • BZ - 1589515 - [RFE] Add kernel version to the hosts inventory report
  • BZ - 1589625 - no unique constraint to the name column on the roles table
  • BZ - 1589736 - Can not delete organization, if virt-who is configured
  • BZ - 1591731 - [RFE] Audit discovery of new host and provision actions
  • BZ - 1592570 - [RFE]: Ship Ansible Playbook for bootstrap.py as part of the katello-client-bootstrap package.
  • BZ - 1593253 - installer missing --upgrade-mongo-storage option
  • BZ - 1593647 - EC2 CR create with invalid data -> uninitialized constant ComputeResourcesController::OVIRT
  • BZ - 1594289 - [RFE] Dashboard: Show a list of hosts with an expired token
  • BZ - 1594882 - [RFE] Enable configuration setting to turn on foreman tasks cleanup logging
  • BZ - 1595784 - Missing hammer command for BMC boot API
  • BZ - 1595924 - production.log filled with too many no route errors for rhsm/consumer URLs for accessible_content calls
  • BZ - 1596372 - [RFE] Dependency calculations in Satellite should handle rich dependencies
  • BZ - 1596504 - hammer hostgroup info --output json returns json including non unique keys
  • BZ - 1596885 - Manifest upload UI status bleeds into other orgs
  • BZ - 1597035 - [RFE] RH Repos Content type filter default text could be better
  • BZ - 1597089 - [RFE] Subscriptions "Export CSV" functionality should include/offer org in filename
  • BZ - 1597208 - Partition table not set for host when using hammer cli, provisioning method bootdisk and host group
  • BZ - 1597968 - Provisioning a new host with bond interface without domain and subnet failed with undefined method `vlanid' for nil:NilClass
  • BZ - 1598928 - CVE-2018-10917 pulp: Improper path parsing leads to overwriting of iso repositories
  • BZ - 1599303 - after new host group is created search doesn't work properly, search menu opens the create host group
  • BZ - 1600095 - Non admin user is unable to see the audits for katello and taxable resources created by admin using Any Location context
  • BZ - 1600450 - command "foreman-rake reports:expire" does not delete reports
  • BZ - 1600710 - Breadcrumb switcher in Host Facts page is missing
  • BZ - 1601155 - Templates get rendered when visiting job invocation details, leading to slow UI
  • BZ - 1601762 - accessing subscription.rhn.redhat.com unexpectedly
  • BZ - 1602110 - The number of MAX_RETRIES exceeded: PersistenceError in executor: terminating when running tasks are removed from database
  • BZ - 1602367 - Hammer/API - wrong error message
  • BZ - 1603185 - RHV4: Unable to do network provision host on RHV, auto selects blank template
  • BZ - 1603219 - '--owner' key/value not recognized anymore with 'hammer host create' (Satellite 6.3.2)
  • BZ - 1606236 - Subscription info can show many provided products
  • BZ - 1606369 - [RFE] De-emphasize yStreams in the repos page
  • BZ - 1607207 - [RFE] Job_invocation reset API could support its output being formatted in clean JSON by providing an API endpoint
  • BZ - 1607845 - Monitor Tasks export is empty
  • BZ - 1608400 - [File Repository] - All Repositories are shown for file content instead of contained Library Repositories
  • BZ - 1609567 - Hostgroup can save without 'Partition table' even 'Operating system' selected
  • BZ - 1612921 - Getting error "Oops, we're sorry but something went wrong undefined method `port' for #<RbVmomi::VIM::VirtualEthernetCardLegacyNetworkBackingInfo:0x00007f61dd1f2750>" while associating VMs to compute resource
  • BZ - 1612959 - Per-page setting does not work in RPM and repo listings
  • BZ - 1613304 - hammer subnet create do not honor the default organization and location
  • BZ - 1613679 - VMWare SCSI PV driver not present in FDI initramdisk
  • BZ - 1614768 - [RFE] API Support for easier use of Smart-Class Param Overrides
  • BZ - 1614927 - [RFE] Provide the ability to delete a lifecycle environment from the middle of an existing path
  • BZ - 1615800 - Export list of content host do not honour search filter
  • BZ - 1616153 - [RFE] Support of modular errata and its applicability
  • BZ - 1618485 - Subscription details doesn't show in web UI
  • BZ - 1618811 - bootstrap.py fails when registering nodes with org_environment contentAccessMode
  • BZ - 1618868 - Breadcrumb bar for smart class parameter doesn't contain name.
  • BZ - 1618872 - Breadcrumb bar on OS page doesn't show name of OS
  • BZ - 1619284 - [Sync Plan] - Buttons are getting disabled after putting duplicate Sync Plan Name
  • BZ - 1620179 - no way to list cluster IDs inside compute resource
  • BZ - 1622802 - Running Ansible role fails with: Actions::ProxyAction::ProxyActionMissing: Proxy task gone missing from the capsule
  • BZ - 1623277 - katello-host-tools triggers package profile update at install-time, potentially causing issues at scale.
  • BZ - 1623937 - Extra logging in Satellite 6.4 Production logs
  • BZ - 1624401 - Discovery templates are not assigned to default org
  • BZ - 1624416 - Hammer command with content view version --order is not working as expected.
  • BZ - 1624479 - Show Repo Label on Enabled repos results
  • BZ - 1625109 - katello-debug.sh still calls katello-service status rather than foreman-maintain
  • BZ - 1625174 - Two meanings of "Enabled" on new Subscription tab might cause confusion
  • BZ - 1625649 - Yum plugins are loaded multiple times after updating the host to the latest katello-agent packages
  • BZ - 1625965 - RHEL8 provisioning requires more than one enabled repository
  • BZ - 1626113 - Some default values not shown in Settings page tool tips
  • BZ - 1626114 - Header logo is not branded in upstream nightly + foreman_theme_satellite
  • BZ - 1626119 - [RFE] Non-default settings should be bolded.
  • BZ - 1626138 - When Setting has a "empty" default, the tool tip shows an empty string.
  • BZ - 1626178 - Validation failed: Cannot set auto publish to a non-composite content view
  • BZ - 1626494 - New Repositories page needs a clear option for the search bar.
  • BZ - 1626956 - Internal Server error when matcher #23 is created for smart class parameter
  • BZ - 1627640 - recurring jobs ignore organization context of host search
  • BZ - 1628488 - Incorrect spelling of an operating systems list in provisioning cloud instances
  • BZ - 1628505 - Ansible processes might get killed when logrotate runs for smart_proxy_dynflow_core
  • BZ - 1628544 - ActiveRecord::RecordInvalid error when syncing RHEL 7 s390x kickstart repo
  • BZ - 1628561 - hammer job-invocation output returns ISE on providing invalid invocation id
  • BZ - 1628638 - The termination procedure after memory threshold exceeded can get stuck, waiting infinitely for some events to occur
  • BZ - 1629564 - [RFE] Able to search Puppet parameters alphabetically
  • BZ - 1631019 - [RFE] Satellite 6.x bootstrap is too aggressive and shouldn't run 'yum clean all'
  • BZ - 1631299 - [RFE] bootstrap.py should support python 3
  • BZ - 1632111 - repositories-validate check don't consider custom organization/activation key
  • BZ - 1632626 - only "katello" and "satellite" rpms require java-1.7.0-openjdk*, candlepin requires java-1.8.0
  • BZ - 1633236 - changing "per page" on Monitor -> Jobs does not have any effect
  • BZ - 1633347 - Virt-who configs are tied to organization, but deploy command does not include org ID.
  • BZ - 1633360 - Allow admin to opt-out from the Brute-force attack protection
  • BZ - 1633937 - Manifest refresh fails with error "Failed to import archive"
  • BZ - 1635364 - Failed to upload to Foreman, saving in spool. Failed with: Net::ReadTimeout
  • BZ - 1635540 - Running a `sync_task` while the tasks service gets restarted might lead to passenger process hanging forever
  • BZ - 1635680 - 6.4 snap25 bug joining a realm on kickstart
  • BZ - 1636052 - "404 Not Found" when querying images without OS selected in Create Host dialogue
  • BZ - 1636446 - [RFE] New Audit UI as per new UX design
  • BZ - 1637042 - undefined method `[]' for nil:NilClass when more virt-who reports are sent a short time after other
  • BZ - 1637431 - Branding changes after layout change
  • BZ - 1637436 - The default Organization Admin role has double (Miscellaneous) filter
  • BZ - 1637883 - Improve help text for RHV attributes, where ever user needs to pass ID's
  • BZ - 1637955 - Satellite fails to create VMs on RHV system based on a template.
  • BZ - 1638130 - CVE-2018-14664 foreman: Persisted XSS on all pages that use breadcrumbs
  • BZ - 1638223 - Capsule scenario should enable REX by default
  • BZ - 1638781 - Unable to create Content Credential bookmark via WebUI
  • BZ - 1638866 - [RFE] Shorten name of "subscription-manager" zypper plugin to rhsm for readability.
  • BZ - 1638906 - Update Foreman Hammer CLI VMware helpers
  • BZ - 1639352 - When deleting content views, UI indicates wrong number of environments
  • BZ - 1639406 - [RFE] Add support for sha512
  • BZ - 1639676 - Unable to persistently set redirect_host for lazy sync to empty value
  • BZ - 1640628 - Prevent multiple instances of /usr/bin/smart-proxy-openscap-send
  • BZ - 1640644 - [RFE] Add switch to hammer CLI to disable the defaults
  • BZ - 1640686 - While upgrading satellite from 6.3->6.4, satellite-installer does not perform remove_legacy_mongo step in some situations which results in error
  • BZ - 1641017 - Upgrade to Satellite 6.4 is failing on script 20180516103339_update_idm_params.rb
  • BZ - 1641266 - Wrong counts of success/fail/pending tasks on Bulk actions
  • BZ - 1641785 - Upgrade from Satellite 6.3.4 to 6.4.0 fails in "Upgrade Step: clear_checksum_type..."
  • BZ - 1641864 - Missing module errors after upgrading to gofer-2.12.1-1
  • BZ - 1642088 - Upgrade from 6.3.4 to 6.4 is failing on foreman-rake katello:import_subscriptions
  • BZ - 1642496 - improper command given in output of "katello-certs-check"
  • BZ - 1642549 - Content Host filter is showing only 1 page of result
  • BZ - 1643130 - Satellite Tools repository/module for RHEL8
  • BZ - 1643432 - Subscription Status Widget showing incorrect information on Dashboard
  • BZ - 1643740 - [6.5] No SCAP content profiles in default scap-contents
  • BZ - 1643818 - Cannot update GPG Key on created product
  • BZ - 1643871 - qdrouterd listens on 127.0.0.1 only
  • BZ - 1644127 - Adding subscription shows notification with html tags
  • BZ - 1644144 - katello-certs-check output shows foreman-installer/foreman-proxy-certs-generate
  • BZ - 1644189 - Importing ansible role gives wrong number of arguments (given 1, expected 0)
  • BZ - 1644191 - blue flashing(upstream) page appears when login page is visited.
  • BZ - 1644192 - Test connection on compute resource shows notification with html tags
  • BZ - 1644208 - Dependency issue while installing katello-agent on RHEL6 and RHEL5
  • BZ - 1644354 - [RHEL 7.6] Satellite Update failed due to dependency issue Package: ant-junit-1.9.2-9.el7.noarch Requires: ant = 1.9.2-9.el7
  • BZ - 1644571 - [RFE] Add Red Hat Satellite Maintenance 6 in recommended repositories
  • BZ - 1644586 - System admin role cannot create new organizations
  • BZ - 1644593 - Content View Version export breaks while exporting to relative path
  • BZ - 1644596 - [Tracker][QE] Content View Export Import
  • BZ - 1644618 - Repo sync fails on FIPS enabled machine
  • BZ - 1644823 - [RFE] allow import/export of composite content views
  • BZ - 1645017 - Atomic repos sync fails with GLib.Error('Server returned status 404: Not Found', 'g-io-error-quark', 1)
  • BZ - 1645057 - host_collection controller does not return host_ids key inside a POST response
  • BZ - 1645144 - Unable to delete virt-who configuration from satellite.
  • BZ - 1645174 - Reimporting the existing CV version should have more refined validation message
  • BZ - 1645190 - CVE-2018-16887 katello: stored XSS in subscriptions and repositories pages
  • BZ - 1645201 - CVE-2018-16861 foreman: stored XSS in success notification after entity creation
  • BZ - 1645365 - Upgrade step katello:upgrades:3.8:clear_checksum_type from 6.4 to 6.5 failed
  • BZ - 1645372 - capsule upgrade to 6.5 points the last scenario to foreman-proxy-content and removes capsule-answers
  • BZ - 1645396 - add_permissions_to_default_roles fails during db:create
  • BZ - 1645398 - [RFE] Add permissions to Canned admin
  • BZ - 1645587 - Satellite throws Undefined method error while importing the CVv if clone CV isn't set
  • BZ - 1645737 - Capsule upgrade to 6.5 failed with undefined method `enabled?' for nil:NilClass
  • BZ - 1646184 - "the field 'created_at' in the order statement is not valid field for search" error on history tab of content view
  • BZ - 1646409 - [Container Admin] Changing Registry Name Pattern in Library LE displays error; is saved anyway
  • BZ - 1646603 - [Container Admin] Registry Name Pattern with repository.url will always be rejected
  • BZ - 1646988 - Satellite upgrade from 6.4 to 6.5 failed at db:migrate
  • BZ - 1647216 - Lack of edit_smart_proxies permission causes error when setting host to Build
  • BZ - 1647582 - hammer task list --search no longer appears to search ID field
  • BZ - 1647631 - [RFE] Change Katello bootstrap.py to preserve rhsm proxy settings
  • BZ - 1647762 - Satellite does not import facts from virt-who reported Hypervisors
  • BZ - 1647799 - "Maximum call stack size exceeded" error when opening running task in web UI
  • BZ - 1647938 - Update default RSS feed to point to new Blog location
  • BZ - 1648121 - [6.4]After unregistering hypervisor, unable to view subscriptions on activation key via Satellite WebUI
  • BZ - 1648252 - Error after upgrade on subscription page
  • BZ - 1648331 - "Request failed with status code 404" error on Tasks page
  • BZ - 1648344 - Can't sync discovered containers without slash in name from Docker.io registry
  • BZ - 1648358 - [Container Admin] Failed promotion of CV with containers - error message is unhelpful
  • BZ - 1648473 - In satellite 6.4 under the Content -> Packages -> Enter Package Name->Details Sections , the installed on,applicable to,upgradable for shows as 0 hosts.
  • BZ - 1648506 - virt-who is failing when pushing the information to the Satellite Server
  • BZ - 1648903 - Product sync: wrong link to task
  • BZ - 1649040 - Update for host task is no clear with what happened, and next steps
  • BZ - 1649231 - hammer --help does not work with --output json, csv and yaml
  • BZ - 1649471 - [Container Admin] Docker repositories sync - Limit Sync Tags is ignored
  • BZ - 1649766 - User input handled incorrectly in preview
  • BZ - 1649800 - Preview host set should be limited or generating should be confirmed
  • BZ - 1649866 - [Container Admin] Changing repository of any type through web UI changes "Container Image Tags Filter" field value
  • BZ - 1649871 - [Container Admin] hammer shows "Container Image Tags Filter" for non-docker repositories
  • BZ - 1649938 - Pulp_max_tasks_per_child is disabled in capsule but not in satellite
  • BZ - 1649961 - Corrupt Roles after upgrade to 6.4
  • BZ - 1650063 - Applicable errata reporting template missing in 6.5
  • BZ - 1650259 - slow errata query on dashboard
  • BZ - 1650543 - Excessive logging of OpenScap report via Rails
  • BZ - 1650624 - Compute profile settings do not get transported during upgrade from Satellite 6.3 to 6.4
  • BZ - 1650662 - Dashboard with search query generates multiple slow queries
  • BZ - 1651006 - SCAP run failed on RHEL6 with error no such file to load -- json (LoadError)
  • BZ - 1651013 - Job name displayed with html tags
  • BZ - 1651129 - organization changed from Default org to [object Object] on sync status page in satellite WebUI.
  • BZ - 1651189 - /etc/rhsm/rhsm.conf is being incorrectly edited during registration
  • BZ - 1651242 - Satellite 6 should expose suse client repos via http
  • BZ - 1651324 - [Subscriptions] "Partition table" string is displayed instead of "Enabled"
  • BZ - 1651367 - Actions::Candlepin::ListenOnCandlepinEvents occasionally not starting after unclean shutdown of the executor
  • BZ - 1651634 - Capsule 05-pulp-https.conf is using old ProxyPass directive for GPG keys (i.e missing the /v2/)
  • BZ - 1651774 - Hypervisor <-> guest mapping within UI is not accurate
  • BZ - 1651852 - Missing timeout for "Actions::Katello::Host::Package::Update" task
  • BZ - 1651916 - Host details/associated host button on discovered host audit gives 404
  • BZ - 1651981 - view_subscription filter does not allow subscriptions to be viewed
  • BZ - 1652060 - Singleton actions may not start after unclean shutdown
  • BZ - 1652423 - Failed to auto-attach RHEL-8.0-Snapshot-1.0 against Satellite6.4
  • BZ - 1652497 - Missing consumed and entitlements columns at subscriptions page
  • BZ - 1652526 - [RFE] The CV exported tar should have name respective to Content View name
  • BZ - 1652531 - CV with repo having background download policy is importing and exporting
  • BZ - 1652557 - Unable to search host in host search box page
  • BZ - 1652677 - "Host Groups" menu item changed to "Host Group"
  • BZ - 1652732 - Virt-who reported host on Satellite WEB-UI , under Hosts---> Content Hosts shows "Type" as blank
  • BZ - 1652885 - [Modularity][RHEL8]- RHEL8 HBT repo sync are failed to sync module streams
  • BZ - 1652905 - Scriptlet error while upgrading to 6.5 in foreman-installer-1.20
  • BZ - 1652909 - Upgrade from 6.4 to 6.5 failed showing PG::UndefinedTable: ERROR: relation "katello_root_repositories" does not exist
  • BZ - 1652938 - blank page on navigating from foreman to katello page
  • BZ - 1652961 - blank affected organizations/locations for restricted user
  • BZ - 1653200 - Wrong autocomplete suggestion for xccdf_rule_name parameter
  • BZ - 1653251 - Activation key search is broken
  • BZ - 1653386 - Can't search for virt-who hypervisors
  • BZ - 1653584 - [Life Cycle Environment] - Duplicate repos are getting displayed in Library->yum repositories
  • BZ - 1653646 - [Recurring logic/Sync Plan] - Associated Resources are not shown in Recurring Logic created using sync plan
  • BZ - 1653657 - [Recurring Logic] -- UI issue on recurring logic page
  • BZ - 1653792 - Content credential repo page is broken
  • BZ - 1654094 - system purpose status on Satellite is not correct
  • BZ - 1654160 - undefined method medium_uri in AutoYaST default iPXE template
  • BZ - 1654217 - Dynflow undefined method `dynflow_logger'
  • BZ - 1654263 - Non-admin user can't generate report if it has any user input
  • BZ - 1654327 - Missing value for template kind in provisioning templates audits
  • BZ - 1654565 - katello-ca-consumer-latest.noarch.rpm script, some redirect writing is wrong.
  • BZ - 1654598 - CVv with mirror_on_sync repo is being imported
  • BZ - 1654721 - [Container Admin] hammer lifecycle-environment info doesn't show Registry-related fields
  • BZ - 1654944 - No validation on download policy for non-yum repositories
  • BZ - 1654975 - Dynflow executor termination may hang if there is an action which keeps the executor occupied
  • BZ - 1655094 - Additional new lines in remote execution output
  • BZ - 1655239 - Could not enable redhat repository using hammer cli
  • BZ - 1655243 - Syncing puppet repo gives Error: PLP0034: The distributor indicated a failed response when publishing repository
  • BZ - 1655277 - Upgrade step katello:upgrades:3.9:migrate_sync_plans failed while 6.4 to 6.5 upgrade
  • BZ - 1655407 - [Sync Plan] - Hammer Sync-Plan info does not show foreman_tasks_recurring_logic_id
  • BZ - 1655483 - Importing manifest from UI is broken : TypeError: Cannot read property 'title' of undefined
  • BZ - 1655595 - Sync plans does not start 'repositories sync' first time as per defined "Start Date" and same happened for all 'hourly/daily/weekly' Intervals
  • BZ - 1655628 - Registered hosts' report performs poorly
  • BZ - 1655870 - Unable to delete filters on a Role using system admin
  • BZ - 1655981 - Importing manifest gets slow with increasing number of organizations
  • BZ - 1655982 - [Module Streams] - Getting a blank page with an error in console for modules streams details Page
  • BZ - 1656043 - Provide a branded satellite-maintain script
  • BZ - 1656078 - [Module Streams] - "Filter by Status:" is not working if user tried to use pagination
  • BZ - 1656425 - Upgrade step katello:upgrades:3.8:clear_checksum_type from 6.3 to 6.4 failed - Download policy Cannot sync file:// repositories with On Demand or Background Download Policies
  • BZ - 1656470 - Available Errata report performs poorly for some filters
  • BZ - 1656478 - Add support for multipart proxy upload for new platform services
  • BZ - 1657062 - Link to 'Learn more about this in the documentation' for Config Groups is incorrect.
  • BZ - 1657302 - HTTP Proxies option called "HTTP Capsules" in menus.
  • BZ - 1657475 - katello-agent failed because qdrouterd it is not listening to an IPv6 address (just IPv4)
  • BZ - 1657699 - [Modularity] - Need to run "/usr/libexec/rhsmcertd-worker" every time to see updated module stream profiles
  • BZ - 1657711 - Exporting CV version with non-yum repos not producing correct error for end user
  • BZ - 1657719 - Subscription allocation on customer portal changes back to 6.3 from 6.4 after a manifest refresh from upgraded satellite server.
  • BZ - 1657942 - Update system purpose Candlepin API usage
  • BZ - 1658130 - Typos in user inputs description
  • BZ - 1658157 - User name is not displayed for non default account
  • BZ - 1658193 - Bump ovirt_provision_plugin to 2.0.3
  • BZ - 1658274 - [Container Admin] hammer docker manifest list never shows docker tag names
  • BZ - 1658364 - Foreman background colors used on some error pages.
  • BZ - 1658444 - Ostree repo sync fails with 'OverflowError: MongoDB can only handle up to 8-byte ints'
  • BZ - 1658474 - sub-menu menus being hidden too quickly
  • BZ - 1658592 - [Product]- Sync Plan Interval and timing is shown incorrectly in Product Details Page If Sync Interval is Custom Cron
  • BZ - 1658659 - Error When Creating or Editing Host Group With Operating System
  • BZ - 1659014 - Unable to use auto-attach hitting Cannot read property "length" from undefined (rules#2926)
  • BZ - 1659042 - Bootdisk does not validate media leading to Medium cannot be blank error during bootdisk provision method
  • BZ - 1659324 - While executing insights remediation playbooks via satellite it does not honour HTTP Proxy configured
  • BZ - 1659549 - productid is not published in the content view if that is the only item which changed in the sync
  • BZ - 1659917 - Make request ID longer in production.log
  • BZ - 1659941 - hammer erratum list --organization-id="org_id" display all organizations erratum
  • BZ - 1660133 - hammer repository info show "Red Hat Repository: no" for a Redhat enabled repository
  • BZ - 1660258 - Issue when provision a new Content Host (the network used is different from the selected on the compute profile)
  • BZ - 1660489 - Fact imports erroneously cause audits to be created
  • BZ - 1660497 - sometimes RHEL8 Beta sync fails: PG::UniqueViolation: ERROR: duplicate key value violates unique constraint "katello_module_stream_artifacts_name_mod_stream_id_uniq"
  • BZ - 1660561 - `yum remove java-1.7.0-openjdk` pulls in katello and satellite as dependencies
  • BZ - 1661019 - [Container Admin] docker pull does not work
  • BZ - 1661422 - Recommended Repositories lists tools for outdated Satellite version
  • BZ - 1661483 - Ansible Job Templates fails because sudo password is not provided even though it is
  • BZ - 1661498 - Failure parsing Discovery Red Hat kexec: Safemode doesn't allow to access 'append' on #<Safemode::ScopeObject>
  • BZ - 1661971 - Update from 6.4.1 to 6.5 failed due to yum dependency resolution
  • BZ - 1662150 - [RFE][Hammer/Errata/module streams] - Need to add module streams in hammer o/p for "host errata info"
  • BZ - 1662164 - Compute Resource Libvirt show wrong Display Type in Edit Page.
  • BZ - 1662405 - 403 on attempt to open Packages Actions tab as user with viewer role
  • BZ - 1663021 - Error when uploading a manifest file on the disconnected Satellite Server
  • BZ - 1664261 - unable to change Red Hat CDN URL: Value (NilClass) '' is not any of: ForemanTasks::Concerns::ActionSubject.
  • BZ - 1664281 - it would not possible to provision RHEL 8 Beta (and GA) for disconnected customers
  • BZ - 1664296 - error message have wrong links: Failure parsing Kickstart default PXELinux: undefined method `full_path' for nil:NilClass. [Edit]
  • BZ - 1664436 - disable host-tools plugins where subman supports combined profile
  • BZ - 1664641 - cannot restore backup what was created before upgrade-mongo-storage-engine
  • BZ - 1664948 - There is no "Type" attribute column for subscription under "Content" -> "Subscriptions"
  • BZ - 1665173 - Dependencies of rubygem-smart_proxy_dhcp_infoblox are missing
  • BZ - 1665203 - custom system purpose values not shown in content host details dropdowns
  • BZ - 1665466 - satellite-installer --upgrade qpid-config returned 1 instead of one of [0]
  • BZ - 1665657 - Upgrade Step: katello:upgrades:3.11:update_puppet_repos failed during 6.4 to 6.5 upgrade
  • BZ - 1665780 - hammer host create Error: Found more than one compute_profile
  • BZ - 1666312 - Non-grammatical error message when docker tags whitelist is being set for non-docker repos
  • BZ - 1666632 - Hammer CV export prints new line character in error message instead on implementing it
  • BZ - 1666968 - [Subscription] - Not able to add RHEL8 repositories into Satellite
  • BZ - 1667129 - Providing custom=false to products controller does not filter out custom products
  • BZ - 1667704 - Not able to delete user associated with usergroup
  • BZ - 1667775 - [RFE] Satellite 6.4 WebUI Capsule documentation link is incorrect
  • BZ - 1668449 - Unable to refresh manifest or complete Expired Pools job
  • BZ - 1669186 - Manifest upload task takes too much time
  • BZ - 1669241 - Manifest can be refreshed only by the user who imported. Other user can't refresh that.
  • BZ - 1669484 - Red Hat Enterprise Linux Atomic Host (Kickstart) repo is showing "Unspecified"
  • BZ - 1670002 - wrong ordering of a smart variable matchers applied when a parameter is in a compound matcher and also standalone
  • BZ - 1670090 - Hammer CSV should be deprecated
  • BZ - 1670100 - [RFE] RHEL8 Support in Satellite 6 [tracker]
  • BZ - 1670104 - [RFE] Add System Purpose to Satellite 6
  • BZ - 1670125 - Red Hat Repositories does not show enabled repositories list with search criteria 'Enabled/Both'
  • BZ - 1670173 - [RFE] Foreman canned admin
  • BZ - 1670276 - Unable to synchronise a repository that uses SSL certificates for authentication
  • BZ - 1670524 - Html numeric code is displayed on task page
  • BZ - 1670729 - some host group related options are not getting assigned to content host.
  • BZ - 1671148 - hammer host update not showing --lifecycle-environment option
  • BZ - 1671202 - Capsule sync failed with undefined method `backend_service' for nil:NilClass after upgrade to 6.5
  • BZ - 1671517 - hammer host update --service-level fails with Numeric Value is required
  • BZ - 1671531 - Expose route for system purpose compliance
  • BZ - 1671577 - Regenerate applicability fails when there is a missing repo
  • BZ - 1672426 - Remove Red Hat Access Case Management Plugin
  • BZ - 1672498 - Change permissions for grub2/shim.efi
  • BZ - 1672751 - scan_cdn task failed while enabling red hat repositories from cdn
  • BZ - 1673032 - when I sync RHEL8 x86_64 BaseOs and AppStream repos and kickstarts, I do not see "Synced Content" in Hosts -> Create Hosts -> Operating System -> Media Selection
  • BZ - 1673215 - Unable to sync 3 SLES Update repositories
  • BZ - 1673326 - "Red Hat Registry" is ambiguous
  • BZ - 1673474 - vmware compute-attributes scsi_controller_type not honored
  • BZ - 1674496 - foreman-rake command throw lot of Warning messages while running any rake commands
  • BZ - 1674548 - Recommended repositories page on Satellite 6.5 page listing some non-relevant repositories
  • BZ - 1676642 - [Modularity, discovery] - Showing empty discovery repo for repo url containing module streams
  • BZ - 1676663 - service command can't connect to remote mongodb
  • BZ - 1677014 - Improve diagnostic info for bootstrap.py --rex commands
  • BZ - 1677309 - Not able to run Ansible playbooks under Access Insights
  • BZ - 1677620 - Clicking on Host count under Ansible Roles, shows null results.
  • BZ - 1677773 - hammer erratum list fails for host
  • BZ - 1677916 - Clone vm fails with error "TypeError: no implicit conversion of nil into String" if host is disassociated
  • BZ - 1678177 - Changing Sync plan from Default options to Custom Cron does not work.
  • BZ - 1678322 - httpd fails to start after installing capsule in FIPS mode
  • BZ - 1678763 - Please add Red Hat Enterprise Linux 7 Server Kickstart x86_64 7.x into recommended list
  • BZ - 1678770 - Status of Module Stream is not correctly updated in web UI
  • BZ - 1678892 - system purpose dropdowns are not disabled when no values present
  • BZ - 1679481 - Discovery taxonomy broken due to regression in puppet importer
  • BZ - 1679959 - Link to the documentation at the bottom of 'Hosts --> Content Hosts --> Register Content Host' page is broken
  • BZ - 1680067 - Documentation link is wrong for Infrastructure > HTTP Capsules
  • BZ - 1680441 - customer db upgrade from 6.4 to 6.5 failed at upgrade task: katello:upgrades:3.11:update_puppet_repos
  • BZ - 1681009 - Could not perform package actions on rhel 5 clients
  • BZ - 1683081 - when candlepin is in "SUSPEND" mode, `hammer ping` still reports "ok" on candlepin
  • BZ - 1683096 - hammer sync-plan update does not work with custom cron
  • BZ - 1683350 - FIPS provisioning templates need to be updated
  • BZ - 1683592 - Exporting a CV with only puppet modules raises a tar error
  • BZ - 1683687 - improve Katello::Pool.import_all by querying candlepin activation keys once per each org only
  • BZ - 1683935 - Unable to create docker repository when "Registry Name Pattern" is set in LE
  • BZ - 1684291 - [regression] No saved searches listed ( bookmarks ) in Monitor -> Tasks
  • BZ - 1685437 - [webUI, Repo-Discovery]- Failed to discover the repository from Repo Discovery Page
  • BZ - 1685726 - Unhelpful error message when "Suggest IP" fails due to SSL verify error
  • BZ - 1686013 - Unable to install katello-agent on rhel 8 : nothing provides python3-qpid-proton needed by python3-gofer-proton
  • BZ - 1686460 - "Requires Virt-Who" column not listed on Red Hat Subscriptions page
  • BZ - 1686540 - Update version to state 6.5 Beta for Public Beta
  • BZ - 1686604 - manifest upload duplicate key value violates unique constraint
  • BZ - 1686964 - [Modularity] - RHEL 8 Appstream/BaseOS beta Repositories not getting available to the content host.
  • BZ - 1687190 - sporadic timeouts in opening TCP connection prevents Satellite upgrades
  • BZ - 1687250 - Remove Beta from version on login page before GA
  • BZ - 1687264 - Could not install katello-host-tools-tracer on rhel 8 : nothing provides python3-beautifulsoup4, python3-psutil needed by python3-tracer
  • BZ - 1687378 - Create host for esxi hypervisor fails with Validation failed: Name has already been taken error
  • BZ - 1687577 - [Repo-Discovery] - Duplicate URLs getting appended in while creating repos from repo-discovery feature
  • BZ - 1687956 - 6.5 Branding
  • BZ - 1688636 - Missing checkbox to toggle between applicable errata and installable errata in the errata content hosts page.
  • BZ - 1688840 - Candlepin connection times out on large virt-who checkins
  • BZ - 1688973 - Manifest refresh does not import new CDN certificates into Pulp
  • BZ - 1689144 - No puppet agent in rhel 8 tools repository
  • BZ - 1689240 - Incorrect size of a rebranded icon
  • BZ - 1690390 - Enable GA repositories for 6.5 upgrade
  • BZ - 1690449 - Satellite UI page headers and Navigation missing when selecting insights pages
  • BZ - 1690795 - Remove Grub2 UEFI HTTP options from PXE loader
  • BZ - 1691105 - Content view version delete results in broken sym links
  • BZ - 1692009 - Javascript error on accessing red hat subscription and repository page
  • BZ - 1692697 - virt-who hypervisor_id has different behaviors between sat6.5-snap20 and sat6.5-snap21
  • BZ - 1693867 - CVE-2019-3891 candlepin: credentials exposure through log files
  • BZ - 1694715 - on big katello-agent update: PG::StringDataRightTruncation: ERROR: value too long for type character varying(255)
  • BZ - 1695379 - Update syspurpose status handling to match Candlepin
  • BZ - 1696273 - Katello::Content uses removed Katello::Glue::Candlepin::Product.import_product_content
  • BZ - 1696718 - arrayIndexOutOfbounds wrapped in JsonMappingException during serializing java.util.Date fields
  • BZ - 1696969 - Unable to upload arf report on rhel 6 client: unexpected '.', expecting kEND (SyntaxError)
  • BZ - 1698549 - Incremental publish of RPM repos fails after upgrade from 6.4 to 6.5
  • BZ - 1698876 - Registered Hosts: inefficient google-style filter
  • BZ - 1698947 - Puppet environments are not synced to the capsules
  • BZ - 1699017 - rubygem-smart_proxy_dhcp_infoblox and rubygem-smart_proxy_dns_infoblox not available in capsule repo

CVEs

References