Security: Integer overflow in subscription-manager
Name: Integer overflow in subscription-manager
ID: FEDORA-2018-a675aa39fc
Distribution: Fedora
Platforms: Fedora 28
Date: Thu, 15 November 2018, 08:01
References: https://bugzilla.redhat.com/show_bug.cgi?id=1553266
https://bugzilla.redhat.com/show_bug.cgi?id=1612282
https://bugzilla.redhat.com/show_bug.cgi?id=1446256
https://bugzilla.redhat.com/show_bug.cgi?id=1564735
https://bugzilla.redhat.com/show_bug.cgi?id=1598514
https://bugzilla.redhat.com/show_bug.cgi?id=1156510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2663
https://bugzilla.redhat.com/show_bug.cgi?id=1505955
Applications: subscription-manager

Original message

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-a675aa39fc
2018-11-15 02:28:04.681292
--------------------------------------------------------------------------------

Name : subscription-manager
Product : Fedora 28
Version : 1.24.2
Release : 1.fc28
URL : http://www.candlepinproject.org/
Summary : Tools and libraries for subscription and repository management
Description :
The Subscription Manager package provides programs and libraries to allow users
to manage subscriptions and yum repositories from the Red Hat entitlement
platform.

--------------------------------------------------------------------------------
Update Information:

This is primarily a maintenance update. Please see the attached bugs for more
specific details on what has improved as far as stability is concerned. There
is also a larger new feature which is being released in concert with work being
done in Katello / Foreman. Subscription-manager has a concept of a
package-profile. This contains information on all installed rpm packages for
the system on which it is running. We have expanded this reporting capability
to include information on enabled and installed modules from modulemd as well
as to report on which repositories this system has enabled presently. This
information is combined into a group of reports and submitted to the same
endpoint on Katello / Foreman. The new request is a PUT to
/consumers/{consumer_uuid}/profiles. This is done only when the string
"combined_reporting" is present in the managerCapabilities key of the response
to a GET /status. The old rpm-only profile reporting is still done as a PUT to
/consumers/{consumer_uuid}/packages. At this point, this is done only if the
server side does not support the new capability. More will likely be added in
the future to further expand on this reporting capability.
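
The capability check described above, as an added example (not code from subscription-manager or from this advisory). It assumes managerCapabilities is a JSON list of strings; the function names and the combined payload layout are hypothetical.

```python
import json
import uuid

COMBINED_CAPABILITY = "combined_reporting"  # capability string named in the advisory


def server_capabilities(status_body):
    """Parse the body of GET /status and return the advertised capabilities.

    Assumption: managerCapabilities is a JSON list of strings. Anything else
    (invalid JSON, missing key, wrong type) yields an empty set, so the client
    falls back to the old rpm-only report instead of failing.
    """
    try:
        status = json.loads(status_body)
    except (TypeError, ValueError):
        return set()
    if not isinstance(status, dict):
        return set()
    caps = status.get("managerCapabilities")
    if not isinstance(caps, list):
        return set()
    return {c for c in caps if isinstance(c, str)}


def profile_request(status_body, consumer_uuid, rpm_profile, modules=(), repos=()):
    """Return (method, path, payload) for the profile upload.

    The consumer UUID is parsed and re-serialised before it is placed in the
    path, so a value such as "../status" is rejected with ValueError.
    """
    consumer = str(uuid.UUID(consumer_uuid))
    if COMBINED_CAPABILITY in server_capabilities(status_body):
        # Hypothetical payload layout: one report per content type.
        payload = {
            "rpm": list(rpm_profile),
            "modulemd": list(modules),
            "enabled_repos": list(repos),
        }
        return ("PUT", "/consumers/%s/profiles" % consumer, payload)
    # Server does not advertise the capability: old rpm-only report.
    return ("PUT", "/consumers/%s/packages" % consumer, list(rpm_profile))


if __name__ == "__main__":
    # Constructed sample responses and profile data, not captured traffic.
    uid = "6f1b2c3d-4e5f-4a6b-8c7d-9e0f1a2b3c4d"
    rpms = [{"name": "bash", "version": "4.4.23"}]
    new_server = '{"managerCapabilities": ["cores", "combined_reporting"]}'
    old_server = '{"managerCapabilities": ["cores"]}'
    print(profile_request(new_server, uid, rpms, repos=[{"repositoryid": "fedora"}]))
    print(profile_request(old_server, uid, rpms))
```
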
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 5 2018 Christopher Snyder <csnyder@redhat.com> 1.24.2-1
- 1645205: Do not update ent certs inside containers (csnyder@redhat.com)
- 1633304: Disable zypper product-id plugin. (awood@redhat.com)
- Fedora documentation guidelines favor global over define. (awood@redhat.com)
- Show installed profiles only for enabled modules (paji@redhat.com)
- 1631339: Fix os.errno issue (rob@sandersmail.eu)
- Add a missing comma in test_cache (nmoumoul@redhat.com)
- Add module enabled and disabled information (paji@redhat.com)
- 1636381: Fix up our detection of missing org for service-level list
(csnyder@redhat.com)
- 1616403: Better handling of missing locale use (wpoteat@redhat.com)
- 1636381: Handle case of nonexistent org (nmoumoul@redhat.com)
- Add scripts to setup local development environment (khowell@redhat.com)
- 1633380: Add syspurpose compliance status cache - Altered the syspurpose
compliance status connection call to use the
/consumers/{uuid}/purpose_compliance API instead of fetching the consumer
object and reading the syspurpose compliance field off of it. - Added new
syspurpose compliance status cache saved in
/var/lib/rhsm/cache/syspurpose_compliance_status.json similar to the
entitlement status cache. - When the server is unreachable, we don't
traceback, but rather use the new cache value instead. (nmoumoul@redhat.com)
- 1639625: Tolerate server missing syspurpose fields (khowell@redhat.com)
- 1639086: Fix vendor comparison (hyu@redhat.com)
- Includes the installed module profiles (paji@redhat.com)
- 1623390: Fix unregistered messaging in syspurpose (khowell@redhat.com)
- 1637183: Replace redhat-uep.pem properly (khowell@redhat.com)
- 1632797: Only save SLA set during register or attach if specified
(csnyder@redhat.com)
- Updated how syspurpose handles unsetting values (crog@redhat.com)
- Update man page for report_package_profile option (nmoumoul@redhat.com)
- Automatic commit of package [subscription-manager] release [1.24.1-1].
(csnyder@redhat.com)
- 1616366: Use LANG from environment (csnyder@redhat.com)
- syspurpose no longer suppresses JSON malformation errors (crog@redhat.com)
- Rename zypper plugin to rhsm (khowell@redhat.com)
- 1632384: Sync SLA regardless of capability: (nmoumoul@redhat.com)
- 1621783: Updated syspurpose fields to match expected values (crog@redhat.com)
- 1632248: User should be able to set/unset while not registered
(csnyder@redhat.com)
- 1633575: Update error message when syspurpose is not supported by server
(csnyder@redhat.com)
- 1614925: Fix grammar (csnyder@redhat.com)
* Mon Oct 15 2018 Christopher Snyder <csnyder@redhat.com> 1.24.1-1
- Rename zypper plugin to rhsm (khowell@redhat.com)
- 1632384: Sync SLA regardless of capability: (nmoumoul@redhat.com)
- 1621783: Updated syspurpose fields to match expected values (crog@redhat.com)
- 1633575: Update error message when syspurpose is not supported by server
(csnyder@redhat.com)
- 1614925: Fix grammar (csnyder@redhat.com)
- Added support of modulemd to combined profile; ENT-834 (jhnidek@redhat.com)
- 1620136: dnf plugin deletes prod cert as expected; ENT-773
(jhnidek@redhat.com)
- 1615944: Show help when no args are provided (csnyder@redhat.com)
- 1614943: Fix bytes/unicode handling of dmi data (khowell@redhat.com)
- 1618825: Rename de_DE.po and es_ES.po (awood@redhat.com)
- Combined profile: WIP enabled repos (jhnidek@redhat.com)
- Added list of enabled repos to combined profile; ENT-833 (jhnidek@redhat.com)
- 1607955: WIP: polishing PR with bug fix of release --list
(jhnidek@redhat.com)
- Fixed name of capability and added two unit tests. (jhnidek@redhat.com)
- Explicit requires added for package we use directly (wpoteat@redhat.com)
- 1581410: Eliminate potential for circular dependency (awood@redhat.com)
- 1631076: subscription-manager rpm now requires python3-syspurpose
(nmoumoul@redhat.com)
- For tito build, clean the yarn cache (khowell@redhat.com)
- Fix ubuntu compat for virt-who travis runs (khowell@redhat.com)
- Fix RPMDiff issue with multilib (jhnidek@redhat.com)
- Use Combined Profile reporting (jhnidek@redhat.com)
- 1629073: No python3-dmidecode on aarch64, ppc64le (khowell@redhat.com)
- Simplify and fix subpackages logic (khowell@redhat.com)
- 1614653: Update intermediate CA (khowell@redhat.com)
- Fix spelling to capitalize Workstation properly (bcourt@redhat.com)
- 1607955: Try to use all entitlement certs for connection with CDN
(jhnidek@redhat.com)
- Use pre-provisioned centos7 box (khowell@redhat.com)
- Vagrant: use ansible-role-subman-devel via galaxy (khowell@redhat.com)
- Vagrant: skip provisioning if var needs_provision is false
(khowell@redhat.com)
* Mon Sep 10 2018 Christopher Snyder <csnyder@redhat.com> 1.24.0-1
- Use the "service_level_agreement" attribute for the SlaCommand
(csnyder@redhat.com)
- 1623262: Make automatic enablement of yum plugins working again; ENT-820
(jhnidek@redhat.com)
- Start releasing to f29 (csnyder@redhat.com)
* Thu Aug 30 2018 Christopher Snyder <csnyder@redhat.com> 1.23.4-1
- 1600694: Log dbus exception tracebacks at the debug level
(csnyder@redhat.com)
- 1623368: Register a system without a syspurpose.json file
(jhnidek@redhat.com)
- Revert "Add sles version to dist" (cnsnyder@users.noreply.github.com)
- 1596699: Handle non-existent rhsm-debug destination (ENT-780)
(nmoumoul@redhat.com)
- Sync system purpose for sub-man subcommands (jhnidek@redhat.com)
- Add man page for syspurpose. (awood@redhat.com)
- 1613968: DNF product-id plugin can install product cert; ENT-789
(jhnidek@redhat.com)
- Add sles version to dist (jsherril@redhat.com)
- Remove extraneous include in setup() (khowell@redhat.com)
- Updated translations (csnyder@redhat.com)
- 1596001: Change syspurpose import error log level to debug level
(csnyder@redhat.com)
- 1602702: rhsmcertd did not close lock file; ENT-736 (jhnidek@redhat.com)
- Adds the addons set of commands to syspurpose (csnyder@redhat.com)
- 1581445: ENT-564: rhsm configuration manage_repos is not working on RHEL8
(jhnidek@redhat.com)
- Fix time stamps of pyc files (csnyder@redhat.com)
* Mon Aug 13 2018 Christopher Snyder <csnyder@redhat.com> 1.23.3-1
- 1606435: Rename the async module for compatibility with python 3.7; ENT-737
(csnyder@redhat.com)
- Cockpit/Syspurpose service integration fix (aparadka@redhat.com)
- Display both new and old value in syspurpose diff message
(csnyder@redhat.com)
- Fix sending single value of addons. (jhnidek@redhat.com)
- Fix synchronization of usage with candlepin (jhnidek@redhat.com)
- 1596294: Fix displaying RHSM Spoke in Initial Setup (jhnidek@redhat.com)
- Syspurpose field value lists [ENT-766] (wpoteat@redhat.com)
- ENT-717: Syncing of syspurpose store with candlepin (jhnidek@redhat.com)
- 1609048: Replacement of imp module with importlib; ENT-758
(jhnidek@redhat.com)
* Fri Aug 3 2018 Christopher Snyder <csnyder@redhat.com> 1.23.2-1
- Move "nose" to test requirements for syspurpose (csnyder@redhat.com)
* Fri Aug 3 2018 Christopher Snyder <csnyder@redhat.com> 1.23.1-1
- Integrate Syspurpose DBus Signal with Cockpit (aparadka@redhat.com)
- Change usage_type to usage (csnyder@redhat.com)
- ENT-715 Sync syspurpose with server (csnyder@redhat.com)
- 1609052: DNF Plugin needs config initiated earlier (wpoteat@redhat.com)
- 1608963: Minimize packaging for python 3 (wpoteat@redhat.com)
- Improve test setup for syspurpose tests. (awood@redhat.com)
- Two simple fixes for syspurpose (jhnidek@redhat.com)
- Raise ioerr when necessary during sp read (csnyder@redhat.com)
- ENT-720 Adds the addons subcommand (csnyder@redhat.com)
- 1602056: Added role subcommand ENT-719 (jhnidek@redhat.com)
- Replace lsb-release in spec and Makefile (khowell@redhat.com)
- Mock out syspurpose code from being executed in subman tests
(csnyder@redhat.com)
- ENT-584 syspurpose UTF-8 support & better formatting - All syspurpose
operations now support UTF-8 - syspurpose.json now has user-friendly
indentation (nmoumoul@redhat.com)
- ENT-446 Report systempurpose on registration (csnyder@redhat.com)
- 1512944: Fix up remaining python2 deps ENT-724 (csnyder@redhat.com)
- ENT-721: Usage command (wpoteat@redhat.com)
- ENT-590 Enhanced SyspurposeStore add/remove operations - 'add' will now not
override an existing value that was added by the 'set' command, but it will
be maintained and added in a list along with the newly added value. - 'add'
will now not add an element to a list if the list already contains it (no
duplicates). - 'remove' will now unset the current value, if that turns out
to be scalar instead of being contained in a list. (nmoumoul@redhat.com)
- Move syspurpose out of packages directory. (awood@redhat.com)
- Correct small problems in syspurpose. (awood@redhat.com)
- ansible vagrant QOL fixes (khowell@redhat.com)
- ENT-723: Add System Purpose Status to System Status output
(wpoteat@redhat.com)
- Improve debug logging for release listing (khowell@redhat.com)
- Remove other references to python-kitchen. (awood@redhat.com)
- Make build_ext a proper dependency. (awood@redhat.com)
- Add zanata.xml configuration file and gettext keys.pot (awood@redhat.com)
- Move clean command to common build_ext module. (awood@redhat.com)
- Only gather optparse strings in subscription-manager. (awood@redhat.com)
- Move syspurpose source files to be under package directory.
(awood@redhat.com)
- Look for source files based on package directory locations.
(awood@redhat.com)
- Add gettext calls to syspurpose. (awood@redhat.com)
- Load build_ext i18n commands in setup.py (awood@redhat.com)
- Integrate Dbus signals with Cockpit GUI (aparadka@redhat.com)
- Do not install subman-gui from setup.py by default (khowell@redhat.com)
- ENT-591 Handle when syspurpose.json is missing & create it.
(nmoumoul@redhat.com)
- Fix indeterminate unit test failure. (awood@redhat.com)
- Removal of python-kitchen (wpoteat@redhat.com)
- ENT-731 Replaced syspurpose 'offerings' commands with 'role': - Removed
commands 'add-offerings', 'remove-offerings', 'unset-offerings' - Added
commands 'set-role' and 'unset-role' (nmoumoul@redhat.com)
- ENT-589 Intentctl -> syspurpose (csnyder@redhat.com)
- ENT-710: Add three_way_merge utility function (csnyder@redhat.com)
- ENT-477: Add signal EntitlementsChanged (aparadka@redhat.com)
- ENT-476: Add signal InstalledProductsChanged (aparadka@redhat.com)
- 1594733: Fix GetStatus in com.redhat.RHSM1.Entitlement ENT-641
(jhnidek@redhat.com)
- Make vagrant setup more flexible (khowell@redhat.com)
- ENT-475: Add signal ConfigChanged (aparadka@redhat.com)
- 1581777: Reraise exception properly. ENT-566 (jhnidek@redhat.com)
- Replace curly quote with straight quote (khowell@redhat.com)
- Add implementation of filesystem watcher (aparadka@redhat.com)
- 1581410: ENT-572: subman should require dnf-plugin-subscription-manager
(adarshvritant@gmail.com)
- ENT-478 com.redhat.RHSM1.Consumer D-Bus service object (jhnidek@redhat.com)
- 1576423: Polished changes provided in #1816 and added unit test.
(jhnidek@redhat.com)
* Fri Jun 22 2018 Christopher Snyder <csnyder@redhat.com> 1.22.1-1
- 1571998: Ignore HTB repos (nmoumoul@redhat.com)
- 1589296: subman list option --after now named --afterdate
(aparadka@redhat.com)
- 1558411: Begin building dnf-plugin-subscription-manager for RHEL 7
(csnyder@redhat.com)
- Use constant defined in cerdirectory.py. (jhnidek@redhat.com)
- 1553266: When d-bus methods are unavailable, show appropriate message. *
Added a "safe call" mechanism that makes the initial dbus calls
(entitlementService, configService, productsService) only if the service is
available, tries to restart the rhsm service if possible, and otherwise
failing gracefully. * Added new UI curtain that provides a meaningful message
and advice to the end user. * Re-added utility method statusUpdateFailed that
was accidentally deleted. (nmoumoul@redhat.com)
- 1580996: Fix comparison of objects in Python 3 (ENT-578)
(jhnidek@redhat.com)
- Make xauth Idempotent again (csnyder@redhat.com)
- Fixes missing locale issues while running nosetests (csnyder@redhat.com)
- Remove freezegun (khowell@redhat.com)
- 1576582: Make rhsm.full_fresh_on_yum=1 working again (ENT-534)
(jhnidek@redhat.com)
- ansible-fix: fixed ansible failing during vagrant up (aparadka@redhat.com)
- Update the license of the subman-cockpit-plugin to GPLv2 (csnyder@redhat.com)
- 1510920: Allow access to job cancellation API (wpoteat@redhat.com)
- ENT-447 Add icons to RPM package for subman cockpit plugin
(jhnidek@redhat.com)
* Fri Jun 8 2018 Christopher Snyder <csnyder@redhat.com> 1.22.0-1
- Remove F26 from releasers (Fedora 26 EOL) (csnyder@redhat.com)
* Thu Jun 7 2018 Christopher Snyder <csnyder@redhat.com> 1.21.5-1
- Fix python-rhsm Provides and Obsoletes (csnyder@redhat.com)
- 1568609: Updated man page for --after list option (aparadka@redhat.com)
- Get Initial Setup Addon to run during installation in Vagrant
(jhnidek@redhat.com)
- ENT-447 Create .desktop file that opens web page with our cockpit plugin
(jhnidek@redhat.com)
- ENT-481 service-level command & options now update syspurpose metadata
(nmoumoul@redhat.com)
- 1560727: Search for proxy auth message in whole error string
(aria.paradkar@gmail.com)
- 1555384: get_libexecdir now returns a string instead of bytes
(aria.paradkar@gmail.com)
- Added generic set/unset and add/remove commands to syspurpose
(crog@redhat.com)
- ENT-488 syspurpose now warns if running in container (nmoumoul@redhat.com)
- 1574706: Create python2-subscription-manager-rhsm properly
(jhnidek@redhat.com)
- Automatic rebuilding of updates.img on PXE Server (jhnidek@redhat.com)
- 1574529: Fix rhsmcertd integer overflow on i386 & i686
(csnyder@redhat.com)
- Respecting proxy port configured in rhsm.conf (oskar@wycislak.pl)
* Tue May 1 2018 Christopher Snyder <csnyder@redhat.com> 1.21.4-3
- Add dist back to release (csnyder@redhat.com)
* Tue May 1 2018 Christopher Snyder <csnyder@redhat.com> 1.21.4-2
- Add missing buildrequires to fix upstream fedora python2 builds
(csnyder@redhat.com)
* Tue May 1 2018 Christopher Snyder <csnyder@redhat.com> 1.21.4-1
- Stop building subscription-manager-gui, when Python 3 is used
(jhnidek@redhat.com)
- Remove kitchen from install_requires (khowell@redhat.com)
* Wed Apr 25 2018 Christopher Snyder <csnyder@redhat.com> 1.21.3-1
- 1439645: Perform a full entitlement refresh in the yum/dnf/zypper plugins
(csnyder@redhat.com)
- 1527727: Add proc_stat.btime fact (csnyder@redhat.com)
- 1568214: rhsmcertd no longer uses reload on py3 (csnyder@redhat.com)
- 1559227: Do not use str format for python 2.6 (csnyder@redhat.com)
- 1425766: Additional message in status to indicate content access
(wpoteat@redhat.com)
- Adds a new cli utility 'syspurpose' (csnyder@redhat.com)
- 1559227: Do not log Error messages for missing identity cert/key
(csnyder@redhat.com)
- 1458159: python-dmidecode bug fix requires specific RPM release.
(awood@redhat.com)
- fix for proxy-server provisioning - resolving of 'candlepin.example.com'
(jstavel@redhat.com)
- 1458159: Require latest version of python-dmidecode (awood@redhat.com)
- 1551044: Add the option to build both python{3,2}-subscription-manager-rhsm
(csnyder@redhat.com)
- 1559743: Reduce log level of network address fact collection to debug
(csnyder@redhat.com)
- added a vagrant section for a VM for proxy-server (jstavel@redhat.com)
- ansible role rhsm-services and TESTING.md document (jstavel@redhat.com)
- Fix updates.img to include required Python packages (jhnidek@redhat.com)
- Do not remove existing zypper repos when disconnected (csnyder@redhat.com)
- Apply updates.img during PXE boot (jhnidek@redhat.com)
- Do not use private network addresses for vagrant hostmanager
(csnyder@redhat.com)
- Adds tool to make updates.img file for use with anaconda (csnyder@redhat.com)
- 1554482: Reenable RHUI support (csnyder@redhat.com)
- Fix building on SLES 11 (jhnidek@redhat.com)
- Added PXE BOOT client to the Vagrant setup (jhnidek@redhat.com)
- New Vagrant file for creating PXEBOOT server (jhnidek@redhat.com)
- 1551386: Cannot put unicode into gtk for button label (wpoteat@redhat.com)
- 1551465: Fix unicode decode issue on py 2.6 (csnyder@redhat.com)
- Remove unneeded spec file directives (awood@redhat.com)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1553266 - Oops! in subscription-manager-cockpit TypeError:
f.GetStatus is not a function
https://bugzilla.redhat.com/show_bug.cgi?id=1553266
[ 2 ] Bug #1434493 - CVE-2017-2663 subscription-manager: unsafe dbus
interface [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1434493
[ 3 ] Bug #1612282 - Man page scan results for subscription-manager
https://bugzilla.redhat.com/show_bug.cgi?id=1612282
[ 4 ] Bug #1564735 - subscription-manager-rhsm subpackage has been dropped on
Fedora 27
https://bugzilla.redhat.com/show_bug.cgi?id=1564735
[ 5 ] Bug #1505955 - claims "subscription required" which is false on Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=1505955
[ 6 ] Bug #1156510 - [rfe] use dnf instead of yum (if dnf is installed)
https://bugzilla.redhat.com/show_bug.cgi?id=1156510
[ 7 ] Bug #1598514 - [RFE] Set owner/group/umask for /etc/pki/entitlement/
certs
https://bugzilla.redhat.com/show_bug.cgi?id=1598514
[ 8 ] Bug #1446256 - [RFE] Too large dependency chain
https://bugzilla.redhat.com/show_bug.cgi?id=1446256
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-a675aa39fc' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------