Related Vulnerabilities: CVE-2019-10086 CVE-2019-12086 CVE-2019-0231 CVE-2019-0231 CVE-2019-12086 CVE-2019-10086 CVE-2019-0231 CVE-2019-10086 CVE-2019-12086

Source

Synopsis

Important: Satellite 6.7 release.

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat Satellite 6.7 for RHEL 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.

Security Fix(es):

apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)
mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure (CVE-2019-0231)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

Ansible Runner is now the default way to utilize Ansible for remote execution jobs.
Users now have the ability to log into hosts using the Web Console directly from the Satellite UI.
Azure has been added to the list of supported compute resources for provisioning along with many bug fixes for Google Compute, RHEV, VMWare, and Kubevirt.
Content views have been improved with many bug fixes, performance improvement, and the addition of filtering on modules.
Content syncing has been improved with many fixes, and the ability to add proxy definitions to each product in Satellite.
The installation process has been improved to include better tuning defaults and several other bug fixes.
Subscription Management has been improved with many bug fixes in Satellite, new reporting, as well as in the inventory upload plugin which allows customers to view their inventory in Subscription Watch at cloud.redhat.com
Security improvements include the ability to impersonate another user, and the introduction of integration with Red Hat SSO using openid connect.

The items above are not a complete list of changes. This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.7/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts

Affected Products

Red Hat Satellite 6.7 x86_64
Red Hat Satellite Capsule 6.7 x86_64

Fixes

BZ - 1201146 - [RFE] Ability for Satellite 6 to provision systems in Microsoft Azure cloud
BZ - 1215390 - [RFE] Add option "deployment size" to tune system properly
BZ - 1336437 - [RFE] Set Disk Interface when creating new VMs in RHEV Compute Resource
BZ - 1343707 - Drop down menu for composite content view versions are not sorted
BZ - 1367549 - When a Discovered Host is converted to a Managed Host the IP address is not changed to fall within the subnet range
BZ - 1378442 - [RFE] Unable to upload source RPM packages
BZ - 1424922 - Search filter disappears when deleting a host.
BZ - 1468388 - [RFE] Tasks: allow for searching of tasks by 'user'
BZ - 1468742 - [RFE] Allow Satellite user to choose between VNC, SPICE for Display type on RHEV compute resources
BZ - 1474311 - [RFE] add "elapsed time" column to task page for tasks
BZ - 1479765 - [RFE] Commands for creating, updating and deleting compute profiles and attributes
BZ - 1486353 - [RHEV] VirtIO serial console option gets disabled when Host parameters are updated
BZ - 1495335 - Capsule Sync Optimized sync starts task with the error message 'undefined method '[]' for nil:NilClass(NoMethodError)'
BZ - 1503059 - Primary interface being a bond creates invalid host interfaces
BZ - 1511254 - Host search using OR on facts finds duplicate records and takes a long time
BZ - 1517257 - Rhev host updation, memory field greyed but still editable
BZ - 1528193 - subscription-manager register facts create duplicate interface with wrong mac for bond
BZ - 1535579 - New ansible version requires python2-jmespath
BZ - 1537555 - Cannot remove GPGkey from client repo
BZ - 1541481 - [RFE] krb5 support for remote execution job invocations failing on selinux enabled machines.
BZ - 1561796 - [RFE] Add Hammer options for Host Groups to add Compute Profile
BZ - 1567784 - Notification window is not big enough to show the whole message.
BZ - 1568046 - [RFE] Allow specifying which proxy to use on a per-repo basis
BZ - 1571210 - [RFE] Keycloak/RHSSO integration
BZ - 1574526 - satellite-installer imports pgsql data during new installation
BZ - 1578911 - VMware resource pools are populated only from first cluster found
BZ - 1590854 - [RFE] The Ansible features are missing in hammer
BZ - 1591908 - [RFE] remove cp_event table, collection and Change endpoints that return events to return empty lists.
BZ - 1596882 - [RFE] Add sorting by product to GET /owners/{owner_key}/pools
BZ - 1597246 - [RFE] Remote Execution should provide an option to randomize the execution order
BZ - 1599313 - Sort order different between Subscriptions and Add Subscriptions page
BZ - 1607550 - Ansible Tower inventory integration is slow
BZ - 1609823 - When virt-who is not required for a subscription, minus sign in "virt-who required" column should not be bold.
BZ - 1619533 - Upgrade katello-ca-consumer rpm will cause rhsm.conf to point back to customer portal.
BZ - 1624424 - [RFE] searching on a specific host's hosts/<id>/interfaces should only return the matching interface
BZ - 1625115 - [RFE] change grouping of subscriptions
BZ - 1628782 - Pulp monthly maintenance not being ran on Capsules
BZ - 1631712 - 'Guests of <hypervisor>' line crossing column boundaries
BZ - 1631812 - Searching by user with ~ is not properly handled.
BZ - 1634760 - "undefined method `href' for nil:NilClass" when provisioning host without --interface
BZ - 1635093 - [RFE] Remove Hosts with alerts disabled' from the "Host Configuration Chart"
BZ - 1637777 - running forceful sync on an external capsule doesn't fix missing symbolics
BZ - 1639696 - Remove unsupported Compute resources from the Satellite webui.
BZ - 1639952 - Red Hat Subscriptions: SKU column does not truncate or wrap
BZ - 1641223 - Can't create a new session in foreman: integer out of range
BZ - 1642171 - Initial tuning on the Satellite 6 Server (PG configuration)
BZ - 1643530 - [RFE] OS parameter to override PXE Loader
BZ - 1645275 - Output of "hammer organization list" Should Only Begin with an Organization ID
BZ - 1646357 - Repositories proxy setting 'Ignore Global HTTP Capsule' confusing
BZ - 1651660 - Unable to access the console if using oVirt experimental APIs
BZ - 1651799 - var/log/foreman/dynflow_executor.output should be rotated
BZ - 1658566 - [RFE] Generated report file has MIME type text/plain
BZ - 1659414 - force-content-source does not work in an loadbalanced scenario
BZ - 1661471 - Missing routes when checking facts containing '/'
BZ - 1662212 - No temporary subscriptions granted to VM
BZ - 1662492 - [RFE] Generate the complete report about Entitlement Information (hypervisors versus Content Hosts)
BZ - 1663214 - PG::TRDeadlockDetected on removing organization
BZ - 1665134 - "undefined method `storagedomains'" with Hammer, --volume and APIv4
BZ - 1667105 - Hammer help: it is not specified that compute_network should be specified by uuid
BZ - 1667973 - Unable to add smartclass parameter with matcher fqdn, when hosts installed with disabled option "add domain to hostname"
BZ - 1668052 - [RFE] Add support for module dependency resolution
BZ - 1670109 - foreman-tasks won't start if SELinux is enforcing
BZ - 1670463 - [RFE] Move LoginPage into a React component using patternfly-react LoginPage component.
BZ - 1672648 - Combination of SCAP Compliance report for multiple profiles does not show up in Satellite web ui.
BZ - 1677282 - Not able to enter proxy URL in setting page
BZ - 1678179 - Manage Repository Sets option for content hosts Does not Show Custom Repositories
BZ - 1679593 - Ovirt client returned an error: undefined method `href' for nil:NilClass
BZ - 1680112 - Compute resource RHEV url should be /ovirt-engine/api
BZ - 1684531 - [RFE] Use the word 'Delete' instead of 'Remove' when deleting a content host in WebUI
BZ - 1687341 - [Kubevirt-Foreman] Foreman always takes provision option true and gives bootorder 1
BZ - 1687520 - Clearing content source from hostgroup fails due to 'unable to flatten recursive array'
BZ - 1687771 - restarting dynflowd with a task in planning phase can leave the task "planning" forever
BZ - 1691453 - [RFE] Ability to restart the machine while the remote execution job is still acting as running - backend
BZ - 1692753 - [API] - Wrong error message when changing the location of a compute resource to location that doesn't exists
BZ - 1693249 - Define the standard value on candlepin.conf to "db.config.in.operator.block.size"
BZ - 1694093 - [RFE] If Listen On Candlepin Event and Monitor Event Queue tasks stops for any reason then it should be started automatically
BZ - 1695645 - [Kubevirt-Foreman] Image based provisioning should have bootorder: 1 for containerDisk
BZ - 1696086 - [Kubevirt-Foreman] wrong validation on x509 certificate
BZ - 1696625 - WebUI export task to contain task UUID
BZ - 1698151 - [RFE] Remote Execution should support pausing and restarting
BZ - 1698154 - [RFE] UI for templates import
BZ - 1698158 - [RFE] Activation Keys should support setting system purpose
BZ - 1698176 - [RFE] Make Ansible Runner the default
BZ - 1698181 - [RFE] Allow users to log into Cockpit from the Satellite UI.
BZ - 1700016 - CVE-2019-0231 mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure.
BZ - 1700501 - [RFE] Configure MALLOC_ARENA_MAX=2 as default for dynflow
BZ - 1700769 - [Kubevirt-Foreman] PVC size has no validation
BZ - 1701062 - [RFE] - Ability to set the file extension for generated Satellite 6.5 reports
BZ - 1701942 - Sudo password should be hidden instead of plain text.
BZ - 1703096 - Ansible roles page should say "import from foo.example.com"
BZ - 1703175 - The welcome page for HTTP proxies says Capsules instead of Proxies
BZ - 1703490 - Satelllite Audits page is very slow
BZ - 1705968 - [Bug] Logs flooded with repeated current user without actual action
BZ - 1710555 - rest-api endpoint /katello/api/v2/environments with sort_by=id no longer works with 6.5 (but did with 6.3 and 6.4)
BZ - 1711465 - [RFE][scale & performance] Add installer option for common scale related tuning parameters
BZ - 1712015 - [RFE] foreman/app/views/nic/_base_form.html.erb should specify subnet w/ TFTP capsule required for PXE provisioning
BZ - 1713468 - CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.
BZ - 1714537 - [Kubevirt-Foreman] Exception with 'refresh_cache'
BZ - 1717374 - Branding for the new Login Page
BZ - 1718077 - [RFE] Implement a new templates editor
BZ - 1718988 - [RFE] Content Views - support filtering Modules / App Streams
BZ - 1719175 - Proxy password with special character fails for insights with "407 Proxy Authentication Required"
BZ - 1719636 - Missing(ID: N) for Host_ids column in case of audit records for subscription updates
BZ - 1720141 - Satellite clone should leverage the foreman-maintain restore instead of implementing it's own restore procedure
BZ - 1720904 - Branding for the new external logout page
BZ - 1721679 - [RFE] Handle host-related tasks in separate queue to avoid conflicts with user-related actions
BZ - 1721848 - Implement CLI and API endpoints for GCE Compute Resource
BZ - 1722841 - [RFE]Disable directory listing for /pub directory on satellite 6 capsule using custom-hiera
BZ - 1723670 - [RFE] print applied filter on task export
BZ - 1725957 - Incremental errata dependencies not getting copied over for RHEL 8
BZ - 1725958 - Incremental errata dependencies not getting copied over for RHEL 8
BZ - 1726139 - Incremental update should consider module_defaults and copy them if needed
BZ - 1728612 - Include Ansible become_method or make it inherit from rex settings
BZ - 1728655 - [Kubevirt-Foreman] error in enabling foreman-cli-kubevirt
BZ - 1728671 - There was an error listing VMs: undefined method `boot_order' for nil:NilClass
BZ - 1729179 - [RFE] remove support for rhn-migrate-classic-to-rhsm for RHEL8
BZ - 1729364 - Refreshing the manifest on Red Hat Satellite 6 changes the product name by adding round bracket "()" to it.
BZ - 1730371 - report template schedule with mail to paramaeter doesn't show job id in hammer
BZ - 1730375 - in hammer, report template schedule doesn't work with unique parameter --name when parameters wait and path are provided
BZ - 1730752 - [RFE] Add ability to export content view like the CDN
BZ - 1731136 - HostCollection Errata Install WebUI errata selection and pagination issues
BZ - 1731373 - Can't update token
BZ - 1731516 - VMware Image based Provisioning fails with error- : Could not find virtual machine network interface matching <IP>
BZ - 1732056 - [RFE] custom repositories should default to immediate
BZ - 1732657 - Client registration on Satellite 6.5 is really slow compared to 6.4
BZ - 1732707 - Run Openscap scan does not work for ansible deployments.
BZ - 1734359 - [RFE] Enhancement of the UUID option on Content Hosts page on the Red Hat Satellite GUI.
BZ - 1734776 - Kubevirt related fields missing in API, Hammer
BZ - 1734808 - [RFE] Make Ansible Runner the only way to run Ansible
BZ - 1736179 - Remove --host-parameters-attributes and --interfaces from "hammer discovery" command
BZ - 1737418 - [Kubevirt-Foreman] Compute profile edit form has no validation for Storage size
BZ - 1738472 - [Kubevirt-Foreman] Host creation via API ignores CPUs count specified in request
BZ - 1739074 - Update Insights Client Role
BZ - 1741011 - pulp can't handle update version as a string in updateinfo.xml
BZ - 1741275 - [RFE] Add Reverse Proxy options supported via custom-hiera.yaml
BZ - 1741847 - [Satellite6] satellite-change-hostname fails if locale is set to ja_JP.UTF-8
BZ - 1742195 - [RFE] Need an easy way to see when servers were last rebooted from Satellite 6, This lastboot information was available in Satellite 5
BZ - 1743254 - foreman-proxy http port 8000 is enabled while it should be disabled by default
BZ - 1743481 - [RFE] Content-View filtering not working as expected
BZ - 1744528 - Make free IP ping optional
BZ - 1745494 - When running remote action with ansible-runner the task ends up in suspended state
BZ - 1745835 - Full Capsule sync doesn't fix the broken repository metadata and results in ERROR: "undefined method `[]' for nil:NilClass"
BZ - 1746780 - [RFE] Host parameter should be accessible in Report Template without setting "Safemode rendering" to false
BZ - 1747512 - [RFE] katello-certs-check should display a warning if there is a passphrase protected key file
BZ - 1747566 - Escape backslashes added to value each time Ansible array variable is edited in Satellite 6.6 beta
BZ - 1747581 - capsule-certs-generate uses a value for --foreman-proxy-cname to add a DNS record even if it is invalid
BZ - 1749233 - by default 'log_min_duration_statement = 1000' should be configured for PostgreSQL
BZ - 1750030 - Deleted log files kept open until the respective service is restarted
BZ - 1750248 - Rotated and deleted log files kept open until smart-proxy is restarted
BZ - 1750811 - Content View publish with dep solve and no filters adds recursive flag
BZ - 1750924 - Report Template execution via hammer fails with "unknown parent permission"
BZ - 1752436 - Filter from chart is removed when trying to navigate to next page in table
BZ - 1753125 - Failed to deploy Kubevirt VIrt-who-Configuration
BZ - 1753313 - "undefined method `policies' for nil:NilClass" when assigning a policy
BZ - 1754314 - memory leak in qpid-proton 0.28.0-1 libraries used by goferd when conection to qdrouterd is bounced
BZ - 1754424 - Updating policy to Ansible without ansible role should not break page
BZ - 1754465 - [Satellite 6.6.0 Snap21] Null exception(mozilla.jss.crypto.AlreadyInitializedException)gets after restarting candlepin service.
BZ - 1754598 - Satellite's registry crane port 5000 presenting incorrect Certificate Chain
BZ - 1754864 - [Kubevirt-Foreman] The creation of a compute profile with volumes and interfaces is not working properly.
BZ - 1755451 - [Kubevirt-Foreman] The creation of a compute profile with volumes and interfaces is not working properly.
BZ - 1755614 - SmartProxy and Foreman-proxy uses OpenSSL cipher name 'ECDHE-RSA-AES128-CBC-SHA','ECDHE-RSA-AES256-CBC-SHA' which are not listed or need to modify according to IANA names
BZ - 1755864 - Puppet Smart Class Parameters names changed after upgrade from 6.3 to 6.4 from idm_* to freeipa_*
BZ - 1756955 - virt-who hypervisor update may cause rhsm certs check to stuck for several minutes which will lead to 503 or connection timeout
BZ - 1758250 - Unable to sync the contents due to an error - PG::ProtocolViolation: ERROR: invalid message format
BZ - 1758645 - Virtual H/W version for VMware 6.7 are missing
BZ - 1762793 - Remove RHSM facts when unregistering
BZ - 1762858 - Red Hat Satellite Tools 6.5 repository for RHEL 8 showing not selected on Red Hat Satellite
BZ - 1763283 - Error while refreshing manifest- 'no implicit conversion of Integer into String'
BZ - 1763837 - Registering RHEL-8 machine using bootstrap with --rex parameter fails with error 'TypeError: 'in <string>' requires string as left operand, not bytes'
BZ - 1763884 - [RFE] Allow Find it Fix it to start from c.rh.c and execute on the satellite
BZ - 1763893 - [RFE] Implement impersonate feature for easier debugging
BZ - 1764625 - Parameters get converted from type string to boolean including the value
BZ - 1765610 - Content View publish does not return a meaningful result in the task output
BZ - 1766199 - API call to list a hostgroup by id misses compute_resource_id
BZ - 1766344 - Unable to register a machine with bonded primary interface
BZ - 1766529 - foreman-rake rescan_reports_origins fails with NameError: uninitialized constant ConfigReport
BZ - 1766919 - satellite-change-hostname fails with error "illegal option -- r".
BZ - 1766947 - Links to repositories in content credentials are broken
BZ - 1766948 - PG::ForeignKeyViolation when trying to add a relation to deleted users
BZ - 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default
BZ - 1769251 - Updating the Context-Sensitive Help Links for 6.6
BZ - 1770044 - foreman-rake katello:reimport fails with 'NoMethodError: undefined method `pulp2_service_class' for nil:NilClass'
BZ - 1770383 - yum update from 6.6 to 6.7 gives post scriptlet failures for foreman-installer rpm
BZ - 1770384 - Login page of satellite 6.7 has foreman (blue theme) at bottom
BZ - 1770393 - Web ui spinner from red hat repositories page keeps loading on enabling/disabling repository
BZ - 1770394 - katello-certs-check output print foreman-installer/ katello/foreman-proxy-certs-generate on sat 6.7
BZ - 1770430 - Internal Server Error while creating scap policy using hammer
BZ - 1770431 - Uncaught ReferenceError: foreman_url is not defined on selecting life cycle env while creating/editing hostgroup
BZ - 1770433 - 500 Internal Server Error while uploading report from proxy to satellite
BZ - 1770584 - Add support for satellite 6.6 clone
BZ - 1770646 - log_rotation_size must be set when enabling log_min_duration_statement for PostgreSQL
BZ - 1770669 - Sync Status page's Collapse All, Expand All, Select None. Select All and Active only buttons not working.
BZ - 1770999 - SELinux denials when connecting to cockpit using REX
BZ - 1771092 - Manifest progress bar hangs during deleting, uploading, and refreshing manifest
BZ - 1771334 - Unable to delete deployed virt-who configuration
BZ - 1771404 - Failed to remove life cycle environment from the capsule due to error in the option "--environment-id"
BZ - 1771419 - 'Rerun failed' sets execution order to alphabetical by default
BZ - 1771421 - "provisioning_template" no longer recognized as auditable_type
BZ - 1771425 - Keycloak httpd configuration lost after installer run
BZ - 1771453 - [Content View Filter] - Content View Publish is failing for module stream filters with Dependency Solve 'Yes'
BZ - 1771507 - After 6.6 to 6.7 upgrade sync status detail page get broken with message like "Couldn't find Katello::Repository without an ID"
BZ - 1771508 - Unable to assign Compliance policy to host from Satellite UI.
BZ - 1771528 - Job details is missing overall result, only percentage is shown
BZ - 1771719 - Move Actions::Katello::Host::Update out of dynflow
BZ - 1771905 - Upstream RSS feed url in satellite 6.7
BZ - 1771937 - Creating a new product by limited permissions user fails with error "NoMethodError: undefined method `[]' for nil:NilClass"
BZ - 1772024 - Support of openidc in keycloak-httpd-client-install package
BZ - 1772029 - Show error on invalid oidc issuer
BZ - 1772079 - main menu navigation to all entities doesn't work from the same entity page
BZ - 1772199 - Provide configuration option to disable UUID uniqueness constraint in Satellite 6
BZ - 1772323 - Unable to delete SCAP reports from Satellite UI
BZ - 1772349 - [RFE] Foreman-installer --tuning skip the hardware compatibility check in the beginning.
BZ - 1772398 - Could not specify organization/location for users that come from keycloak
BZ - 1772403 - Could not able to refresh external usergroup from keycloak
BZ - 1772857 - Unable to search repository in repositories filter box with name
BZ - 1773133 - Foreman-rake facts:cleanup batch/rolling support
BZ - 1773146 - comps.xml is missing environment groups information from the repositories inside content view in Satellite 6.6
BZ - 1773472 - ssl certificate not computed in ovirt v4
BZ - 1773584 - tfm-rubygem-foreman_remote_execution-cockpit package is missing
BZ - 1773601 - Publishing a new version of Content view is slow and taking huge time in Satellite 6.6.
BZ - 1774083 - Task charts does not change context in sub tasks view
BZ - 1774324 - [Tracker] Content Mgmt: http_proxy issues
BZ - 1774327 - Unable to assign http_proxy to a product using hammer CLI
BZ - 1774953 - GET katello/api/v2/subscriptions/:id always fails with error: This subscription is not relevant to the current organization
BZ - 1775274 - [RFE] Allow for the manual install of the inventory plugin
BZ - 1775616 - [GCE] Always any selected image type is being selected as f1-micro.
BZ - 1775889 - Unable to enable 'Compute Resources-Azure' plugin , ERROR: Unrecognised option '--enable-foreman-plugin-azure'
BZ - 1775890 - [Tracker] Azure Compute Resource
BZ - 1776002 - Fix Login Page styles
BZ - 1776081 - Unable to load Product Tasks and shows error : foreman_tasks/api/tasks/bulk_search 500 (Internal Server Error)
BZ - 1776108 - Recommended repositories page shows Capsule/Tools repos for 6.6 version
BZ - 1776117 - [RFE] GCE CR zones/flavors-or-machine-types/networks listing is not implemented.
BZ - 1776151 - Job result as failure on successful playbook run
BZ - 1776283 - Display advanced fields doesn't work
BZ - 1776381 - In job details in table - 'Status' column is not updated
BZ - 1776387 - merged PR - 28200 from foreman is missing in downstream
BZ - 1776754 - In job template when adding foreign input set - unchecking 'Include All' does not enable 'Include' field
BZ - 1776900 - Create Compute Resource fails due to uninitialized constant ForemanAzureRM::AzureSDKAdapter
BZ - 1776927 - Kickstart default iPXE setting wrong ksdevice when primary interface is not used for provisioning
BZ - 1777027 - Misspelling on login page
BZ - 1777191 - Filter_hosts and Exclude_hosts options are invalid for kubevirt hypervisor
BZ - 1777306 - Correct "Default http Capsule => Default Http Proxy" and "Http Capsule Policy" to "Http Proxy Policy" and "Manage Http Capsule" => "Manage Http Proxy"
BZ - 1777522 - Virt-who Configurations page on the Red Hat Satellite WebUI shows status as "No Report Yet"
BZ - 1777713 - Repository info does not show assigned http_proxy details using hammer CLI
BZ - 1777720 - Repository create with http_proxy name fails with Error: Found more than one http_proxy.
BZ - 1777730 - hammer settings content_default_http_proxy does not have validation for provided values
BZ - 1777908 - [RFE] Add option to resume tasks from the tasks index page
BZ - 1777910 - [RFE] Add option to cancel tasks from the tasks index page
BZ - 1777992 - Error to deploy host on RHV 4.3 via Satellite using custom instance type.
BZ - 1778139 - [UI] The dirname option is missing in template export and import options
BZ - 1778146 - [QE Tracker] Foreman Templates UI Support
BZ - 1778174 - [UI] The foreman templates tooltips needs some improvements
BZ - 1778177 - Exporting in /tmp directory without access permissions doesnt throw and error as expected.
BZ - 1778181 - [UI] The lock option is missing in template import
BZ - 1778184 - [UI] The "file name" cloumn doesnt displayes file_name for export for any template class.
BZ - 1778242 - Login page lost redhat logo and uses foreman blue theme
BZ - 1778599 - [Hammer] - Wrong Error Message/Return code getting after exceeding the 'failed_login_attempts_limit'
BZ - 1778764 - Host can not provision using Static private IP enable
BZ - 1779003 - VM power on/off display "Error - undefined method `reload' for #<ForemanAzureRM::AzureRMCompute:0x00007f75f3647b28>" when do the same using from 'Compute Resourses'
BZ - 1779004 - Host create using check enable/disable of 'Power ON this machine upon creation' does not care of it.
BZ - 1779009 - VM properties widget is overlapping
BZ - 1779012 - After edit the created Image provided password gets blank
BZ - 1779302 - "search"=>"resource_type = Katello::Repository fails
BZ - 1779653 - Searching for tasks fails with PG::AmbiguousColumn: ERROR: ORDER BY "started_at" is ambiguous
BZ - 1779689 - No options available to Import VM as managed and unmanaged hosts
BZ - 1779971 - Job invocation using Ansible commands fails with error "undefined method `input_values' for nil:NilClass".
BZ - 1780056 - APIv3: undefined method `text' for nil:NilClass
BZ - 1780108 - Job invocation using Ansible commands stays stuck in pending state.
BZ - 1780246 - Compute resource create with region through CLI does not have validation for invalid region
BZ - 1781016 - Selected Image', 'Custom Script Command', 'Comma seperated file URIs' get blank after save in specified Compute_Profile
BZ - 1781017 - Assigned compute profile shows 'VM Attributes' blank
BZ - 1781080 - Update rubygem-prometheus-client to 1.0.0
BZ - 1781176 - 'hammer compute-resource info' shows 'secret_key' as plain text
BZ - 1781183 - hammer host create with compute-attributes 'image_id' requires 'Marketplace URN' instead of Compute_Resource created image ID
BZ - 1781186 - Progress percentage not working as expected with foreman-installer
BZ - 1781340 - Cleaning orphaned facts fails with undefined method map
BZ - 1781402 - The host or global parameter 'remote_execution_ssh_keys' is ignored during provisioning
BZ - 1781546 - Hammer cli unable to show complete n/w ID
BZ - 1781766 - No validation for compute_public_ip attribute in cli
BZ - 1781794 - Scrolling in the new templates editor scrolls the preview as well (and vice versa)
BZ - 1782075 - compute_profile attributes values created using hammer does not reflect on UI
BZ - 1782131 - hammer compute-resource create/update region helptext requires to update for AzureRM
BZ - 1782524 - White background on screen when drilling into a table area and clicking back button
BZ - 1782593 - Accessing deleted tasks link in monitoring redirects to blank page
BZ - 1782792 - Cannot sort tasks by duration
BZ - 1782807 - Can't generate ansible inventory under non-admin user
BZ - 1783995 - [User] - User not able to get deleted if it is assigned to multiple user groups
BZ - 1784165 - Exclusion filter on a package with higher version doesn't work on conservative dep-solving
BZ - 1784295 - "Required lock is already taken by other running tasks." error in production.log while assigning HTTP Proxy to Products.
BZ - 1784454 - Auto attach option is being set to null after activation key is created
BZ - 1784482 - Web Console button doesn't have ID
BZ - 1785284 - Compute Resource create does not validates the zone name and creates the Compute Resource.
BZ - 1785576 - [Hammer] [CR-General] The id field in Compute Resource images listing are not shown
BZ - 1785613 - Templates Export to git repo is failing with error : <branch> did not find file known to git
BZ - 1785620 - [Hammer] host creation using hostgroup fails
BZ - 1785633 - [UI] The report of templates is not shown for the templates those are not exported.
BZ - 1785654 - [UI] Importing job templates from throws NonUniqueInputsError
BZ - 1786114 - Insight plugin doesn't understand host location.
BZ - 1786283 - Enable AzureRM plugin does not refresh the hammer cache
BZ - 1786700 - VM created using hammer default take 'OS Disk Caching' value 'ReadWrite'
BZ - 1787147 - An admin cannot GET subscription/manifest uploaded in org created by another admin
BZ - 1787330 - Product task details tab repeatedly loads and appends tasks list data by XHR
BZ - 1787355 - [API] [Import] The skip message in additional errors in not shown, for filter based skipped template
BZ - 1787729 - Applied Errata report no longer works when last reboot is included
BZ - 1788969 - foreman-cockpit fails to parse foreman-cockpit-session.yml
BZ - 1789013 - RHEL 8 appstream repositories are not published correctly in a content view
BZ - 1789240 - Enable AzureRm plugin by default in satellite-installer
BZ - 1789309 - Create host using compute_profile the 'image' field under 'OS' tab remain disabled and host create failed as well
BZ - 1789426 - Report Templates cannot be scheduled using UI
BZ - 1789654 - Custom products created after JAN-2020 can't be consumed by hosts
BZ - 1789665 - Ensure events recover after db outage
BZ - 1789676 - After updating http-proxy for repository, repository info command shows the old http-proxy-id and new http-proxy name.
BZ - 1789838 - deprecate ostree and puppet types
BZ - 1790184 - default dns timeout value is nil
BZ - 1791276 - hammer task progress command complete with "Error: undefined method `empty?' for nil:NilClass" exception.
BZ - 1791819 - Registration fails when distribution.name fact is missing
BZ - 1792018 - Virt-who is not able to upload the Hypervisor list if the manifest has content access mode as org_environment
BZ - 1792836 - "Update HTTP Proxy details" tasks ends up in paused state.
BZ - 1793092 - candlepin hangs on ExpiredPoolsJob forever while Updating stacked entitlements
BZ - 1793388 - Unable to click VM under CRs page VMs tab
BZ - 1793701 - Content View publishing fails after katello_repository_rpms "id" column hits max integer size
BZ - 1793872 - Some regions are missing during CR create.
BZ - 1794744 - Multiple machine_types/flavors and images are being shown for provisioning GCE Host
BZ - 1796258 - GET /owners/{owner_key}/pools is very slow
BZ - 1798458 - Enabling tools repo step subscription-manager repos --enable=rhel-\*-satellite-tools-\*-rpms In Hosts > Content Hosts > Register Content Host , Does not work for RHEL 8
BZ - 1799027 - CLI - Rackspace mentioned in hammer help message for "compute-resource create"
BZ - 1800339 - RHEL8 content set mappings for eus-satellite-tools-6.7 are missing from cs_mappings files for PROD and STAGE
BZ - 1800681 - After using the /associate endpoint, publish of the new repository fails
BZ - 1801622 - Images in Satellite GCE CR are not the same as Google Cloud
BZ - 1802036 - Migration to fix casing to AzureRm
BZ - 1802229 - Unable to save bookmarks for task search queries in Satellite 6.7 beta.
BZ - 1802244 - Step to enable Satellite tools repository missing in Satellite 6.7 "Content Host Registration" steps in GUI.
BZ - 1802302 - Need to remove extra character printed by katello-certs-check
BZ - 1803792 - pxegrub2 default local boot template causes bootloops
BZ - 1804060 - Parent admin user should not be deleted after impersonation session
BZ - 1804661 - ISE when using vmware compute resource
BZ - 1804977 - drpms not getting copied over cv publish
BZ - 1805313 - Layout is distorted when switching from Sync templates to Sync Status
BZ - 1805624 - host edit fails with (ActionView::Template::Error): undefined method `+' for nil:NilClass
BZ - 1805642 - Remove beta from login page in 6.7 GA snaps
BZ - 1805751 - Hosts -> `Sync Template` page is blank
BZ - 1806196 - Click on Hosts -> Audits render json result
BZ - 1807541 - [UI] Hide image field from compute profile form
BZ - 1809051 - ansible-runner is executing not assigned playbooks

CVEs

References

https://access.redhat.com/security/updates/classification/#important