On Thu, Jun 19, 2014 at 10:38:12AM +0200, Ewoud Kohl van Wijngaarden wrote:
On Wed, Jun 18, 2014 at 03:30:52PM +0200, David Caro wrote:
Maybe it's worth updating foreman
Given we already run 1.5.0 and I'm doing so now. Foreman may be unavailable for a few minutes.
I should have sent an email right after the update, but the upgrade went smooth. If you notice any issues, please report them.
-------- Original Message -------- Subject: [foreman-announce] Foreman 1.5.1 security, bug fix and enhancement update Date: Wed, 18 Jun 2014 13:25:10 +0100 From: Dominic Cleal <dcleal+g@redhat.com> Reply-To: foreman-users <foreman-users@googlegroups.com> To: foreman-announce <foreman-announce@googlegroups.com>, foreman-users <foreman-users@googlegroups.com>
Foreman 1.5.1 has been released, with many bug fixes for issues found in 1.5, three security fixes and a few minor features.
The security issues fixed are:
1. TFTP boot file fetch API permits remote code execution CVE identifier: CVE-2014-0007 Redmine issue: http://projects.theforeman.org/issues/6086 Affects all known Foreman versions
2. Stored cross site scripting (XSS) in notification dialogs CVE identifier: CVE-2014-3491 Redmine issue: http://projects.theforeman.org/issues/5881 Affects all known Foreman versions
3. Stored cross site scripting (XSS) in YAML preview CVE identifier: CVE-2014-3492 Redmine issue: http://projects.theforeman.org/issues/6149 Affects all known Foreman versions
Additional details are available on our security advisories page: http://theforeman.org/security.html
Other notable changes are:
- VMware compute profile issues fixed (#5652) - Puppet 3.6 smart proxy compatibility fixed (#5856) - DHCP lease conflict issues with Discovery (#5637) - New compute profiles API, fixed API host creation (#4250) - Audit field length issue with smart class parameters (#5671)
The release also includes a new version of the Hammer CLI, version 0.1.1 with a number of features and fixes.
See the release notes and Redmine for full change lists: http://theforeman.org/manuals/1.5/index.html#Releasenotesfor1.5.1 http://projects.theforeman.org/rb/release/16
==== Upgrading ==== Fully supported with package upgrades from both 1.4 and 1.5.0.
Packages are in yum.theforeman.org / deb.theforeman.org under the "1.5" directories or components.
Please read the instructions here: http://theforeman.org/manuals/1.5/index.html#3.6Upgrade
-- Dominic Cleal Red Hat Engineering
-- You received this message because you are subscribed to the Google Groups "foreman-announce" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-announce+unsubscribe@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
_______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra
_______________________________________________ Infra mailing list Infra@ovirt.org http://lists.ovirt.org/mailman/listinfo/infra