Sicherheit: Mehrere Probleme in Red Hat CloudForms
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Red Hat CloudForms
ID: RHSA-2018:1972-01
Distribution: Red Hat
Plattformen: Red Hat CloudForms
Datum: Di, 26. Juni 2018, 07:23
Referenzen: https://access.redhat.com/security/cve/CVE-2018-7750
Applikationen: Red Hat CloudForms


Hash: SHA256

Red Hat Security Advisory

Synopsis: Important: Red Hat CloudForms security, bug fix, and
enhancement update
Advisory ID: RHSA-2018:1972-01
Product: Red Hat CloudForms
Advisory URL: https://access.redhat.com/errata/RHSA-2018:1972
Issue date: 2018-06-25
Cross references: RHBA-2018:1109
CVE Names: CVE-2018-1101 CVE-2018-1104 CVE-2018-7750

1. Summary:

An update is now available for CloudForms Management Engine 5.8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.8 - noarch, x86_64

3. Description:

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.

Security Fix(es):

* python-paramiko: Authentication bypass in transport.py (CVE-2018-7750)

* ansible-tower: Privilege escalation flaw allows for organization admins
to obtain system privileges (CVE-2018-1101)

* ansible-tower: Remote code execution by users with access to define
variables in job templates (CVE-2018-1104)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Red Hat would like to thank Simon Vikström for reporting CVE-2018-1104. The
CVE-2018-1101 issue was discovered by Graham Mainwaring (Red Hat).

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:


5. Bugs fixed (https://bugzilla.redhat.com/):

1489507 - Simultaneous service catalog request do not honour quotas
1496902 - Can add ansible tower provider without validation
1500951 - Can't Save Role when Enabling All Product Features for Ansible
folder of a CloudForms Role
1511030 - Updates to RHEV Host Causes Duplicate Names in CloudForms
1526156 - Can't configure Red Hat Dropbox for logs in a global region when
a sub-region has one already configured
1531499 - Automation->Ansible is visible for multiple roles when it should
not be
1532272 - Catalog dynamic element entry point selection is cached and does not
allow selection
1533082 - Reset tag: Flash message duplication
1535369 - Cloud Subnet create form - 'Cloud Subnet details' title
displayed twice, 'Placement' title (section) missing
1536684 - Tooltip on retire button blocks the click of options
1537132 - Miq Server leaks memory and we fail to detect and remediate it
1540579 - Deployment roles are missing on CFME over RHOS 12
1541341 - Gettext strings should not contain interpolations
1541427 - Tag assignment: 'Reset' button doesn't work for vms,
1541700 - RHOS 12: Infra provider scale down is broken
1544488 - [UI][RHOS] - remove Edit and Delete actions when in the SDN list view
1549626 - webui updates failing when a proxy is required
1549723 - WebUI: Tool tip displays html code while setting the ownership for
multiple vm's
1549833 - cpu_usagemhz_rate_average is 0 for RHV 4 VMs
1550116 - Subscription page fails when a remote database is down
1550276 - Getting Couldn't find MiqTask Errors in evm.log
1550715 - Stored C&U "CPU (Mhz)" values for RHV VMs are incorrect
(too high) by a factor of two
1550729 - Replication configuration page does not open when child database is
1550732 - [Ansible Embedded] - Embedded Ansible cannot be enabled on IPv6 only
1550737 - unable to view quotas without manage quota permissoin being enabled
in 5.8.2
1551627 - Automate code from git does not work for repositories without master
1551693 - internal server error ActiveRecord::AssociationTypeMismatch when
editing current_group
1551697 - Colons are unhandled in BaseModel key generation in AzureArmrest
1551699 - Not possible to configure GCE provider for new regions
(southamerica-east1) on CFME
1552135 - Openstack refresh fails if it finds non-public flavors
1552233 - [RFE] Ability to select OpenStack External external network during
the instance provisioning
1552780 - Adding floating IP from OSP do not enforce tenancy limits
1552891 - Tagging: Edit tags page doesn't open for network list items
navigated through parent details page
1552905 - The accordion folds after adding a schedule
1553225 - Set Ownership can not be changed back to default
1553249 - UI: Same icon used for multiple options on Cloud Tenants page
1553308 - Undefined method `vmm_version' for nil:NilClass on VM summary
1553331 - Using webmks console one cannot type correctly the password when it
contains special characters
1553337 - Default view settings fails for service catalogs
1553364 - Add miqssh utilities
1553465 - Enhance credential missing msg/behavior for VMRC console access
1553473 - Region size of 10,000 Objects Supportable for VMware Provider
1554533 - Schedule report fails to send mail when report is not empty
1554543 - Long time to refresh network provider on OpenStack
1554900 - when deleting an archived node using configure > remove a unknown
method error is raised
1555487 - Dynamic Dropdown Multiselect: By default selects an element
1556814 - symbol conversion error while detaching disks from an openstack
1557025 - [RFE] Amazon provider - Allow user to enable and disable
1557130 - CVE-2018-7750 python-paramiko: Authentication bypass in transport.py
1558032 - internal server error when accessing the "policy_events"
attribute of the "vms" resource
1558039 - AWS flavor list is out of date
1558047 - OpenStack - Include Provider Error Message in MiqProvisionFailure
1558076 - Fix WebMKS/VNC console connectivity
1558595 - No event AWS_EC2_Instance_UPDATE when renaming a VM on EC2
1558622 - RedHat domain can be edited/deleted
1559551 - Regression Instance Method check_quota Throws Error 5.8.2 to 5.8.3
undefined method provisioned_storage
1559553 - Api::ServiceCatalogsController timeout error in multi-regional
1560097 - Error occurs when trying to edit a catalog item
1560099 - Outgoing SMTP E-mail Server settings not saved on first attempt
1560693 - Stop CF pestering OpenStack for Swift status when there is no Swift.
1561077 - Duplicate RBAC Role and Group names allowed when using different
capitalization from the original name
1562773 - tenant source_id compromisation after changing provider credentials
1562775 - Approval permissions are not followed between different groups
1562798 - CFME - usage of non standard special characters (e.g. accents) in
password causes user is not able to login
1563492 - CVE-2018-1101 ansible-tower: Privilege escalation flaw allows for
organization admins to obtain system privileges
1563721 - Differencing Disk on Network Drive Fails Smartstate if initial disk
on Local DRive.
1563741 - ReconfigVM Event triggers a refresh_sync Holding Automate Process in
State Machine
1564264 - Openstack::NetworkManager Refresh failed [NoMethodError]: undefined
method `[]='
1564454 - [Regression] Unexpected error while opening Cloud Intel Timelines
1565157 - Unable to see realtime data from OpenShift in CloudForms UI
1565162 - Ansible playbook credentials always show default value in SUI
1565169 - openstack provisioning instance fail on checkprovisioned
1565248 - Service Template Provision Task Failing When Picked Up by Appliance
in Wrong Zone
1565342 - [Azure]Provision Multiple VMs with Public IP selection options
1565358 - [RHV] VM Reconfigure: Down VM Memory increase fail on cannot exceed
maximum memory
1565362 - SSA fails if disk has empty partitions in the beginning
1565364 - Smartstate on Azure Managed Linux Instance returns Unable to mount
filesystem. Reason:[XFS::DirectoryDataHeader: Invalid Magic Number 0]
1565365 - Unable to perform SSA if Vm storage is fileshare on SCVMM and throws
error in evm.log
1565366 - VMware Edit provider has Host Default VNC start and End Port options,
but Add Provider does not
1565389 - Automate tree in the left pane has duplicates following any copy
operation (instance, class, namespace)
1565403 - Creating buttons under the Datastore objects do not appear on
Datastore Details Pages
1565414 - Total matches of Ems Cluster roles showing wrong count
1565678 - Container reports take too much time to generate
1565724 - vm reconfigure when quota enabled gets stuck in 'pending'
1565760 - Automate: customize_request method in Redhat domain incorrect sets
security_group value in options hash
1565835 - Role inconsistency with privileges when creating reports and setting
chargeback filters
1565862 - CVE-2018-1104 ansible-tower: Remote code execution by users with
access to define variables in job templates
1566256 - DRb 'close' error for closed connection
1566528 - Reporting worker exceeding threshold for default report tied to
custom widget
1566746 - Dropdown to delete a "not responding" server is missing
1567983 - Middleware Provider Timelines Typo in Policy Events->Middleware
Operation Description 'Tagret'
1568016 - notifications do not get cleared from the notification table
1568042 - CloudForms: Unable to perform "Exit Maintenance Mode" task of
VMware host
1568045 - Control->Explorer is visible for evmgroup-security role
1568084 - Default Container Image Rate can be deleted
1568159 - User Interface does not come up after reboot
1568168 - Moving widgets to the bottom of a column fails
1568576 - Deployment template validation failed
1568603 - Git repo automate datastore refresh timing out upon credential change
1569079 - Getting Forbidden exception after ordering the service by non-admin
1569100 - Orphaned and Archived VMs displayed in running vms filter
1569104 - Online VMs (Powered On) report lists Orphaned and Archived
1569118 - Apache Reloaded twice with logrotate
1569127 - We cannot backdate the schedule once you schedule it
1569171 - Help Documentation is only visible to users with super admin role
1569179 - ERROR : 404 when trying to set the retirement date of the service
1569230 - Missing Guest OS in dashboard reports in Openstack
1569237 - [UI] - ManageIQ string in PDF summary file for flavors
1569241 - Tagging: Edit tags page doesn't open for images opened from
provider summary page
1570060 - [RFE] Metrics for memory usage of AWS instances is missing from
1570951 - Service and VM retirement are non-deterministic, running parallel
1570990 - Service Catalog Item Subtype not rendered in UI
1571311 - Unable to select storage manager from drop down list through classic
1572621 - RHSM failing to register with proxy settings
1572719 - Provider Inventory worker vim.log fills up due to large log messages
1573540 - Dashboard widget is not providing exact content due to Type
conversion Exception.
1574155 - Refresh Failing for VMware VIM object is too large
1574571 - OSPD 12 Undercloud - Infrastructure Provider refresh failed
1574615 - [RFE] make available tags defined on the azure side on azure objects
to cloudforms for reports
1576101 - total costs no longer showing in any chargeback report if they are
the only columns in the report
1578575 - RHOSP11 metric collection stuck with error:
1578853 - Compliance check is greyed out under VM summary screen when VM is
selected but not when you click on the VM.
1578866 - Error upon successful SAML login when username contains capital
1581387 - Dynamic dropdown doesn't refresh correctly
1583711 - Unexpected Error when accessing SERVICE -> REQUESTS (undefined
method find_tags_by_grouping)
1583790 - UI Worker Exceeding Memory Trying to View Hosts for VMware Provider
1584187 - CPU Utilization report graph shows dates on x axis in random order
1584688 - refresh_target_for_ems is not running in one of our environments
1589834 - [RFE][XS-2] Add possibility to unregister a VM in RHV provider

6. Package List:

CloudForms Management Engine 5.8:




These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from

7. References:


8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
Version: GnuPG v1


RHSA-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten