-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: CFME 5.8.0 security, bug, and enhancement update Advisory ID: RHSA-2017:1367-01 Product: Red Hat CloudForms Advisory URL: https://access.redhat.com/errata/RHSA-2017:1367 Issue date: 2017-05-31 CVE Names: CVE-2016-4457 CVE-2017-2639 ===================================================================== 1. Summary: An update is now available for CloudForms Management Engine 5.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: CloudForms Management Engine 5.8 - noarch, x86_64 3. Description: Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components. Security Fix(es): * CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks. (CVE-2016-4457) * It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms. (CVE-2017-2639) The CVE-2016-4457 issue was discovered by Simon Lukasik (Red Hat). Additional Changes: This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Technical Notes document linked to in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 If the postgresql service is running, it will be automatically restarted after installing this update. 5. Bugs fixed (https://bugzilla.redhat.com/): 1223120 - [RFE] Add TRACE option to EMS refresh 1226456 - [RFE][api] Add support for creation of Catalog Item/Bundle (service_templates) 1298675 - Make All links working on dashboard tab 1321616 - Registering CloudForms with RHN through a proxy fails to update /etc/rhsm/rhsm.conf 1324610 - Change Cluser/Deployment Roles to Resource Pools on cluster summary page 1341308 - CVE-2016-4457 CFME: default certificate used across all installs 1342790 - Disable Smart State Analysis button when no SmartProxy server is found 1348239 - [RFE] Catalog Item Type in Service Catalog item disappears and therefore is unknown after service catalog item creation 1361720 - appliance_console displays warning messages. 1365253 - Self-service UI "My Requests" summary page is missing "Last Message" field 1373850 - [RFE] it's impossible to Provision VMs if VMs view is opened through Providers or Clusters,etc. views 1375737 - IPv6 addresses not rendered on details page 1375740 - IPv6 addresses not selectable field for reports 1379843 - [RFE] cloud network list should have policy/tags button 1380534 - Service : "Remove Catalog items" needs to be replaced with "remove catalogs" 1380728 - [RFE] Azure Instance provisioning doesn't reuse Public ip 1381712 - Service designer : Delete profile does not work 1382714 - Dashboard widgets don't really zoom in 1382724 - Dashboard widgets - tooltip on hover text not always available and doesn't expand strings where available 1383307 - Sorting instances in network managers does not work 1383611 - Middleware - No way to create new XA Datasource 1384122 - Setting memory_reserve lower than vm_memory failed 1384154 - Extract Running Processes no longer works. 1386327 - Notification Bell : The blue icon keeps on showing even after all notifications are read 1386843 - [RFE] Validate that Hot Plug is enabled when re-configuring a powered-on VMware VM 1388411 - [RFE] Limit Topology view tree depth when there are too many objects 1389068 - [RFE] Support for custom Amazon Regions in Provider 1392391 - no events in timelines for Amazon's Availability Zones though appropriate events are present in db 1392822 - [ALL LANG] My Settings - Default Views has missing translations 1393294 - Inconsistency with flash message while deleting saved report 1393501 - Automate Simulate - does not use input field message. 1393530 - "Shutdown Guest" is available from Vm Details menu from "off" state 1393820 - [ALL LANG] Optimize - Utilization has untranslated entries 1393832 - [ALL LANG] Networks - Networks configuration menu has untranslated entries. 1393843 - [ALL LANG] Delete selected Cloud Networks warning message is not translated 1394040 - Provider Refresh Status: unknown attribute '_object' for MiddlewareServerGroup 1394249 - UX: notification bell should be centered between two lines 1394406 - CFME provider OpenStack - missing relation between projects (tenants) and flavors 1394558 - Show notification for the user when tenant quota is exceeded. 1395270 - [RFE] No option to choose provider type in add new network provider 1395371 - While editing a user, "Full Name" field displays "Username" value instead of user's actual Full Name 1395518 - Dashboard widgets do not generate content with "By-Group" visibility filter 1395618 - Notification Bell : It should also notify about failed provisioning 1395742 - Unable to clone SCVMM template.Blank page displayed when clicked on clone template 1395826 - No dialog appears when clicking to verifying a new replication subscription with pglogical 1396063 - Cloud Intel->Timelines shows several reports selected. 1396184 - configuring external auth crashes appliance console 5.7.0.11 1396631 - reconfigure cpu cores is not usable on vsphere with hot plug 1397171 - cloudforms reports not gathering information for rhev infrastructure providers 1397686 - [RFE] Vmware Provisioning Dialog should clearly represent Vlans & DVS in Networking Dialog 1398725 - Can't add provider specific catalog items to global region 1399526 - [RFE] CRUD actions for Snapshots via REST API 1401487 - EC2 "suspended" state while making "Soft Reboot" 1401881 - Service Catalog Item Entry Point Tree is missing Red Hat Domain 1402818 - After saving default filter in datastores and clearing it infinispinner 1402823 - Saving loaded default filter in datastores changes tree view style to old dynatree 1403152 - [AWS][SDN] - Cannot edit or create Cloud networks/subnets 1403213 - Middleware pages are missing both classic search and advanced search, but they have filters panel 1403775 - Middleware - Second Domain - Servers are mixed 1404273 - VM selection single vm option should be renamed to single vm/instance 1405178 - Duplicate Automate Schema entries doesn't show errors 1406945 - Hand pointer in the VM section on service page in SSUI 1409791 - WebUI:Tag Visibility - Ansible Tower Job Templates should honor tag visiblity 1410802 - Translatable yes/no and on/off labels in check box tag 1410910 - When the same action is used twice for a policy, action icons are inconsistent 1411112 - Delete / update cloud tenant not reflected in UI in cloud tenant list 1412043 - Strange prompt "Enter the Choose option 1-5:" in appliance_console 1412573 - Refresh of a template without OS configured fails 1414480 - Missing id attribute on Cloud->Instance Edit form, Child VM MultiBoxSelect 1414672 - Typo in "Configure database" menu option 1414845 - null result when deleting orchestration templates using REST API 1414852 - services under /api/services collection are missing "delete" action with "POST" method 1414881 - delete action in /api/orchestration_templates results in error 1415919 - [RFE] /usr/bin/miq_postgres_upgrade.sh works with y and Y 1415934 - Calendar in timeline is clipped 1416146 - cannot reference parent_service with href when creating new service via REST API 1417267 - Visible flag for service dialogs does not have any effect in the SSUI 1417772 - Data on the Optimize->Utilization page doesn't get updated as different item selections are made on the Utilization tree 1417774 - Data on the Optimize->Bottlenecks page doesn't get updated as different item selections are made on the Bottlenecks tree 1418708 - The option of VM migration to the same host it is already running on is possible 1420824 - WebUI - Web Console button is enabled for archived vm's 1420934 - Wrong unit used in DB table Utilization graphs 1421182 - [RFE] Allow for template network interface type to be overwritten during a provision 1421706 - [SDN][Cloud Networks] - undefined method - Advanced search filter 1422384 - No domains found in Automation explorer; automate domain reset fails 1422449 - Missing Paginator on ems_infra control 1422584 - Middleware - Some columns have empty values in lists 1422807 - entities under /api/templates collection are missing "delete" action with "POST" method 1422996 - Event filter For Openstack::InfraManager 1423450 - containers: table "condition" under nodes menu is empty 1425068 - Provisioning against amazon fail because of unset flavor variable in best_fit_amazon stock placement method 1425206 - Retirement of a Vm or Instance should not delete it from the database 1425216 - [RFE] Unify OpenShift Origin and OpenShift Container Platform Providers 1425221 - [RFE] The container dashboard graphs must be available as soon as possible 1425591 - Unable to create snapshot If there is no active snapshot existing for a VM 1425595 - SUI: Deleting All snapshots of a VM from SUI deletes the VM from service 1425597 - Extra row of order is shown in SUI 1426229 - [RFE] Topology View for Container Projects 1426313 - Middleware - EAP6 server icon is default Wfly icon 1426486 - Unable to create catalog 1426757 - SUI : Left Align Save and Cancel Buttons on all pages in SUI 1426758 - SUI : Save button is not enabled in "retire service at date" page 1427163 - [RFE] About Screen cannot be rebranded 1427200 - evm_watchdog fails to start 1427210 - [RFE] Query and Display OpenShift Metrics ad-hoc 1427269 - Missing icon on Templates page on SSUI 1427275 - Hand pointer without clickable link on SSUI Template page 1427278 - Unable to edit Dialogs on SSUI 1427338 - entities under /api/service_templates collection are missing "delete" action with "POST" method 1427623 - SSUI : Dashboard FIlter should be removed when directly going to the menu 1427624 - SSUI : Save on Edited template need to navigate to All templates Page 1427930 - Incorrect default repo name shown in ui 1428279 - Unable to open ansible credentials 1428411 - Ad-hoc Metrics - Tag "Apply" button is disabled after initial selection 1428447 - Storage tab cannot be opened 1428602 - Wrong default provisioning entry point in ansible tower catalog item 1428607 - Service : Ansible service request fails with error "`examine_request': undefined method `name' for nil:NilClass" 1428946 - ui controls ignored in Host Comparison 1428953 - Cancel button on catalog edit is broken 1429178 - Objects List view does not show Provider name/Project 1429180 - Containers templates choose - unexpected error 1429308 - SUI - Approved Service link on Dashboard does not show correct data 1429401 - Update oVirt SDK to version 4.1.z 1429410 - After applying filter the title is missing name of filter in Filtered by 1429523 - Filters tab is missing in Load balancer 1429840 - [RFE] Add new Reports and Widgets for OpenShift Provider 1429851 - [Ansible Tower] - icon of Ansible Tower provider is not displayed 1429860 - [Ansible Tower] - event catcher errors 1429891 - [RFE] Support SSL with Validation (CA) for OpenShift Provider 1429964 - [Automate] - unable to import service dialog from yaml 1430058 - SUI: Ellipsis sub menu pop up gets clipped on Template page 1430077 - SUI : Empty page during Breadcrumb navigation on Dialogs page 1430331 - SSUI: Hover text is hiding Download button on Template Summary page. 1430374 - Can't add nonpersistant disk to a powered on vm 1430405 - Mandatory Hawkular endpoint when adding a new provider 1430552 - SUI : Hand pointer without clickable link on power state icon on Service page 1430709 - [VMWare] Provision fails if we have common network named DPortGroup 1430770 - Error when starting SmartState analysis on Host 1431070 - [Ansible Embedded] - Tower string in downloaded files 1431257 - icon of delete host button displayed twice in Host Comparison 1431629 - undefined method during refresh EmbeddedAnsible Provider 1431750 - In GCE provider adding form should be project renamed to Project ID 1431865 - [Regression] Service Chargeback costs not displayed on SSUI dashboard 1432058 - [RFE] My Settings> Start Page should include Container Menus 1432060 - Create snapshot has memory checkbox enabled, even though VM is Down. 1432117 - Persistent volume relationship link broken 1432185 - [Regression]UI error while switching intervals on host,cluster C&U graphs 1432239 - VMDB table name missing on VMDB Summary page 1432296 - Container Provider - Capacity & Utilization: The page you were looking for doesn't exist 1432485 - Instance/VM quadicon state image is square instead of curved 1432686 - Catalog Edit :Either of Cancel and "Do not Save" should be there 1432848 - No option to select type while adding Containers Provider 1432888 - [RFE] Differentiate Snapshot and Image in OpenStack Image View 1432892 - [RFE] OpenStack Operations UI is using Task 1432900 - Exception is thrown when an empty report is opened in full screen 1433209 - SUI :RBAC: Catalog Menu should be hidden or it should show Dashboard when no permissions 1434174 - Tags not sorted while tagging services in SUI 1434454 - Existing MiqQueue rows can contain serialized Rails 4.2 era classes we can't deserialize in Rails 5+ 1434491 - Template table headers moved right 1434553 - Policy conditions based on 'VM and Instance.vLANs' field not working 1434939 - OpsUI - Ansible - MyServices - Details - Hosts - Does not reflect what was set in the dialog for the Hosts 1435004 - evmserverd on global appliance fails to restart after configuring replication 1435141 - NoMethodError Nil actioncable / pubsub_adapter 1435172 - Entities menu does not contain Pod object 1435290 - OpsUI - Ansible - Order Service Item - The hosts parameter in the dialog does not inherit what was set in the service 1435362 - SSUI - Catalog view should default to tile view. 1435364 - SSUI - Post order you are left at the service 1435371 - SUI - Hide templates 1436239 - User input has wrong text 1436835 - no actions listed for /api/vms/:id/snapshots 1437593 - [UI, SDN] - different title in PDF generated in Network managers page 1437594 - Datepicker freezes after the first run of the "C & U Gap Collection". 1437597 - Machine credential dropdown contains only Default 1437607 - Can't reach scaling page - The page you were looking for doesn't exist. 1437631 - C&U UI not showing metrics - for Projects/Pods/Replicators 1437907 - "Save" and "Reset" buttons are absent when adding log collection configuration 1437911 - Edit log collection menu has no spinner 1437922 - Policy to prevent a host scan request did not work 1438074 - SUI : Any action on catalog changes the view from List to Grid 1438075 - SUI : Service toolbar actions should be disabled if no service is selected 1438092 - [Regression] Azure provider refresh fails 1438420 - error when editing /api/policies/:id resource 1438515 - Middleware - Server: Utilization does not open 1438516 - [RFE] Support for obfuscated proxy credentials used by image-inspector 1438518 - [RHV] Timing issue between refreshes when a vm is removed 1438520 - [RFE] Support VMware 6.5 HTML Console 1438521 - Some TreeNode elements are not clickable when their active children aren't in the tree 1438594 - Playbooks are not deleted if ansible inventory deleted 1438599 - SUI : Duplicate order does not provision the service 1438732 - [RFE] pass all v4 requests through the ovirt ruby sdk 1438825 - Extra vars is not shown in Retirement tab of "Ansible Playbook" catalog item 1438826 - OpsUI - Automation - Ansible - Repo - On first run before enabling Embedded Ansible the Add Repo page fails. 1438827 - [Ansible-UI]: Credentials should proper flash message. 1438829 - [Ansible Embedded] - Unable to update description of repository 1438852 - SUI : Catalog/Orders/Reports and Request all are showin dashboard when clicked 1438856 - Cockpit administration tools cannot be accessed from cloud instances views 1438865 - [VMWARE]Auto_placement provision fails due to selecting Host in Maintenance state 1438868 - 404 error in breadcrumbs links of ansible screens 1438906 - Infinite spinner when pressing on ??? in "Adding a new Condition" 1438907 - Unable to interact with ansible playbook service 1439100 - SUI: Information missing in about page 1439286 - Ansible playbook service retirement ignores provided host 1439287 - containers: table "selectors" under replicators was changed to "Node selectors" 1439290 - Azure metrics collection failing with "MonitoringServiceException" 1439294 - [Ansible Embedded] - Menu not highlighted when navigate to Automation -> Ansible 1439295 - The retirement buttons no longer work for services and orchestration stacks selected in the list 1439298 - [Ansible Embedded] - Wrong formatting of flash message after sorting table 1439301 - [GCE] - The page you were looking for doesn't exist. 1439303 - Excessive log lines for "Initializing DRb Connection to MiqServer with ID" 1439310 - OpsUI - Automation - Ansible - Default page 1439311 - Incorrect label in "Run Ansible Playbook" action 1439313 - service dialog can be submitted before entry point code on dynamic fields has completed execution 1439316 - SUI : Hover text on request status should indicate the status (Approved/Denied) 1439397 - Unexpected error on UI when clicking on type link on cloud images list view page 1439400 - UI: Hover text associated for button is not shown properly on Infrastructure Topology page. 1439401 - UI: Hover text is overlapped by navigation menu on Topology 1439773 - Missing retirement tab in retired services 1439935 - SUI : Unable to click on service in Grid View 1439936 - Pop up window layering inconsistent in service UI 1439938 - Encrypted password from Ansible Playbook service dialog needs to be decrypted 1439940 - [Ansible Tower] - URL and Zone not shown in the table 1439944 - Vmware infra provider refresh fail 1439946 - UI: Advanced Search - Canceling delete on saved filter delete confirmation dialog deletes the filter 1439948 - Error "undefined method `name' for nil:NilClass" when clicked on catalog item after deleting the repository. 1440225 - SUI : Catalog Grid View multiple Cards cannot be selected 1440311 - Navigation is not working 1440312 - SUI : The create snapshot field shows description mandatory when it is not 1440317 - Missing style for the flash message in expression editor 1440318 - Unable to save automation task schedule using eastern time zone 1440321 - Access (remote console) at VM level shows twice VM Console and one is greyed out 1440322 - UI: "Add new arbitration profile to this Cloud Provider" throws "Button not yet implemented" flash message 1440323 - Failed Ansible Playbook provision doesn't update status, started and completed fields. 1440324 - Policy to prevent a VM retire request did not work 1440566 - In Container Images table - Configuration button is missing 1440568 - Ad-hoc metrics page title regression 1440573 - [Ansible-UI]: Improve task name for Ansible tasks. 1440574 - Automate import does not update display_name and description attributes in Namespace objects 1440579 - SUI : Only stack name should be shown in relationships table for stack VM 1440851 - [RFE] Add link to Kibana UI from OpenShift Provider 1441198 - Error '[NoMethodError]: undefined method `base_model' for NilClass:Class' generating chargeback for container images report 1441201 - OpenShift Refresh duration exceeds default two hour timeout and grows > 8GB never fully completing 1441203 - Message timeout of 600 seconds does not allow perf_capture_timer to finish 1441244 - CFME collects C&U metrics even before resource creation 1441249 - Unexpected error while executing a custom button 1441253 - Missing Refresh button in Automation/Ansible tabs 1441265 - Add Provider->Type "RHEVM" should change to "RHV" 1441270 - First and Last name are not being populated in automate during life-cycle provisoning 1441271 - queue_name_for_metrics_collection raises an exception when ems is nil 1441295 - Ansible output does not contain line breaks and is hard to read 1441300 - Clicking on credential from grid/tile view is redirected to cloud key pair page 1441303 - [Ansible Tower] - The page you were looking for doesn't exist. 1441318 - SSUI: Hover text is not present on Service summary page. 1441320 - SelfService - " Category and Assigned Value " drop down list displays the same name in edit tags 1441328 - cloud_init re-runs on appliacne reboot, static networking configuration lost 1441329 - IPv6 address in appliance_console summary is "/24" despite not using IPv6 1441330 - appliance_console doesn't ask for database disk while setting secondy DB appliance 1441402 - Wrong year in about popup window 1441404 - SUI : Snapshot is not created when VM is not connected to active provider but success message is displayed. 1441416 - dynamic check box does not update on SSUI 1441647 - methods not sorted in frame on right side in automate 1441657 - Topology View for VMware does not show all relationships 1441658 - "NetworkError attempting to fetch resource" flash during updating ansible credentials 1441661 - Topology View at Project Level does not use proper project icon 1441670 - Add provider screen: No error message when trying to add a provider with a custom ssl certificate that does not match 1441726 - Smartstate Analysis Error Unable to mount filesystem Unable to determine port used by VixDiskLib VMware 1441740 - When moving AWS provider from one zone to another Network Manager info no longer updates 1441753 - Get IP address automation code not working Azure 1441854 - OpenShift provider event storm POD_FAILEDSYNC 1442103 - UI: Topology - unable to confirm search by pressing the Return key, reacts only to a mouse click 1442150 - [SDN] - Disable CRUD actions for Azure/Amazon Network providers 1442163 - OSP refresh fail with Validation failed: Name can't be blank 1442167 - OCP Ad-Hoc metrcis fails with "504 Gateway Time-out The server didn't respond in time" 1442168 - When using dynamic drop downs, sorting of items doesn't work in self service portal. 1442170 - Refresh the CF Provider to refresh its inventory of the PROJECT 1442172 - Ansible Event monitor error's out when it does not reside on same CF appliance with Embedded Ansible/Provider Int/Op 1442174 - [Ansible Tower] - Switching to Grid View or Tile View is not possible 1442175 - EC2 provision dialogs do not support selecting multiple IPs for multi provision 1442179 - containers: web console button is generating an Unexpected error encountered 1442763 - OpenStack refresh fail with nil:NilClass 1442766 - For OSP10 provider, Cinder volume creation is never finishing on the UI 1442767 - [Ansible Tower] - Ansible Tower Jobs - relationships table wrong redirection to Parent Provider 1442768 - Rhev inventory refresh fails after rhev upgrade from 3.6 to 4.0 1442770 - RoutingError when clicked on any job in ansible tower jobs 1442888 - UI log collection does not collect ansible logs 1442891 - error when creating a group + setting the tag in create 1442900 - CloudForms 4.2 is not displaying vm network metric info from OSP10 provider 1442901 - SUI : Error opening VM console 1442902 - SUI: Clicking on catalogs displays all services instead of catalogs. 1443079 - vmware_CustomizeRequest Provisioning Type: ManageIQ::Providers::Vmware::InfraManager::Provision does not match, skipping processing 1443081 - Auto_placement provision in Redhat domain fails due to selecting Host in Maintenance state. 1443082 - SyntaxError when clicking on Refresh button for OpenStack Infra at Dashboard view 1443084 - UI: infinispinner appears on Infrastructure Timelines page. 1443085 - UI: Red Hat Insights Navigation is missing 1443086 - [RFE] Drop support for VMware MKS and old VMRC consoles 1443087 - Amazon S3 Storage Manager | Seahorse::Client::NetworkingError]: Failed to open TCP connection 1443088 - SUI : Wrong pending request count displayed in dashboard 1443091 - [Ansible Embedded] - Unable to edit the repository 1443093 - Provider summary page, Hosts & Clusters, Vms and Templates images has changed into some plain image. 1443094 - Middleware - Domain mode EAP7 container is not immutable 1443096 - Entering Ansible Repository Incorrectly does not provide feedback that creation fails 1443099 - SUI : Custom button needs to be aligned with other buttons in toolbar 1443100 - add repo operation should generate notifications 1443113 - Back button on Provider dashboard screens should be removed 1443118 - Cloud Intel - Reports: Can't import widgets 1443166 - External Auth - FreeIPA - Self-service UI doesn't time out when session timeout is reached 1443243 - UI: "Save" button is still enabled when no server is selected in "Edit Management Engine Relationship" for VM/Instance 1443245 - Clicking on Group or Role name link/icon in the user's details page does nothing 1443247 - Using REST API - encountering "NoMethodError: undefined method `key?' for # 1445368 - Error flash msg of mapping tag with already existing label has additional ", " characters before label name 1445369 - Ampersand not rendering correctly in "Status of Roles for Servers in Zone" 1445376 - Cannot copy a built in OpenSCAP policy 1445378 - FATAL -- : Error caught: while changing page per items on Customization Templates 1445379 - [RFE] Make the process of reintroducing a failed HA node more user-friendly 1445380 - After reintroducing a failed primary node, there are old replication slots left on the "new" node 1445385 - In new db master node, pg_xlog directory got fulled 1445389 - [Ansible Embedded] - Editing Name of Amazon Credentials is not possible without filling keys again 1445803 - Restore to global region fails due to connection to database 1445804 - Getting undefined method `get_folder_paths' after applying RHSA-2017:0898 1445823 - Downloaded pdf summary report for hosts contains "ManageIQ" upstream name 1445888 - VM state is not refreshed, after moving VM from running on one host to another 1445892 - [Ansible Embedded] - Extra variables can be deleted but form cannot be saved 1445893 - Create new cloud tenant fails: Unable to create Cloud Tenant "my_cloud": Expected([200]) <=> Actual(404 Not Found) excon.error.response :body 1445894 - Unable to create ansible playbook catalog item 1445895 - Embedded ansible logs should be rotated 1445899 - Error in re-configuring service: "Error during 'Provisioning': undefined method `match' for 0:Fixnum Did you mean? catch" 1445900 - During Automate Simulation the UI keeps spinning when the result has hash contents 1445936 - SCVMM provisioning started failing with Errno::ENAMETOOLONG 1445942 - Unable to edit the retirement tab in ansible playbook catalog item 1446245 - Standard output is missing in provisioned ansible playbook service 1446251 - Middleware - Add new Datasource Fails 1446277 - Error when displaying reconfigure dialog page for VM if VM has no Flavor 1446303 - Unable to launch targeted ansible refresh from repo list view 1446304 - Reintroducing a standby node that has already be reintroduced causes failure 1446329 - Switch to new Inventory implementation 1446387 - Middleware - Standalone EAP7 Server is shown as Immutable 1446613 - accessing RHEV provider fails with "NoMethodError: undefined method `>=' for nil:NilClass" 1446618 - OpsUI - MyServices - Credentials do not show 1446651 - Month selection arrows for C&U Gap collection are hidden in the UI 1446734 - CFME shows error page and throws exception to log when instance/vm/image/etc title is clicked 1446739 - Metrics collection for osp nodes failed on RHOS11 1446743 - MW - Container linking does not work with EAP on Javaagent 1446775 - containers: [" characters are added to the tags under Smart Management of container services 1446784 - New Orchestration Template Drop-down menu doesn't list vApp Template 1446790 - incorrect href attribute values for Foreman providers 1447049 - [RFE] Volumes summary page does not display any data related to containers that are using persistent volume claim 1447051 - ManageIQ icon on SUI order page 1447086 - [Ansible Embedded] - Privilege escalation for playbook does not work 1447088 - Service Catalogs: Dialogs are hanging and keeps buffering 1447126 - [Ansible Tower] - Search bar missing when navigated to Config manager e.g. from Compute 1447350 - evm fails to start on remote region after upgrading from 5.6 rubyrep to 5.8 1447367 - Ansible playbook service cannot be retired 1447372 - Tag Visibility | Access Controll: All users, groups, and tenants are visible for restricted user 1447373 - limit list of user for tenant-administator role 1447382 - Service : PXE provisioning for RHEV fails 1447388 - Ansible Playbook service retirement option should not include hosts and extra_vars when no playbook is select 1447391 - service dialog dynamic code works in admin portal but not in self-service portal 1447427 - Ansible Playbook service catalog item update failed with new_dialog_name and dialog_id both exist 1447432 - Topology view crashes with container linking in place 1447690 - Service : Separate services are provisioned when a bundle is ordered 1447704 - Crosslinked containers on middleware topology graph 1447752 - WebUI:RBAC-Unable to login when the user has only access to Chargeback feature 1447778 - VM snapshot: revert option is enabled, for Active VM 1448045 - UI lag due to more than 3650 messages in notification 1448071 - [vSphere] UI-RBAC: undefined method `all' for nil:NilClass error appears while setting ownership for template 1448079 - SSUI internationalization is incomplete 1448098 - Ansible Playbook repo's do not load playbooks after editing 1448131 - Show cross linking containers links in middleware server summary page 1448207 - Run time crash error when selecting Compute => Clouds => Topology 1448417 - Default dynamic text boxes should be blank 1448419 - Default value of dynamic dropdown list not honored CloudForms 4.2 1448499 - Invalid ExtManagementSystem id 12,000,000,000,003 specified on volume create --> failed 1448506 - The create_service_provision_request call on a service_template doesn't return a MiqRequest object 1448527 - Report no ReFS FileSystem Support 1448537 - redhat_CustomizeRequest Provisioning Type: does not match, skipping processing 1448545 - Unable to compare cloud instances."Compare selected items" option remains disabled 1448863 - cfme not passing cloud init payload to vm's 1448868 - Retirement tab is not shown for retired service 1448899 - Approve and Deny Order not working 1448902 - Remove search option from Inventory Group summary page of Ansible Tower Provider 1448917 - [Ansible Embedded] - Editing Embedded Ansible Credentials form is not possible without filling credentials again 1448942 - Typo in flash message after cancellation of tenant creation 1448943 - Unable to add multiple elements to a dialog 1449190 - VM provision from ISO fail 1449193 - RHV provider refresh fail on "undefined method `split' for nil:NilClass" 1449215 - CFME SSUI language selection has repetitive entries for Chinese 1449223 - Some notifications show ManageIQ not CFME 1449269 - can't provision to RHEVM 4.0 1449364 - Ansible playbook cannot be added to a bundle 1449365 - UI: Security Groups show fails with comparison of Array with Array error 1449366 - Credential List is Empty when the Ansible Playbook Service Dialog is invoked from a Button versus a Service Order Screen 1449412 - MiqVimBrokerWorker exceeding memory after upgrading from 5.6 -> 5.7 1449748 - retirement runs in any zone as of 5.7.1 1449792 - ServiceUI - Missing Requests column on main dashboard 1449803 - Ansible Playbook : UI issues and button 1449810 - Retirement tab is not shown for retired service if "Copy from Provisioning" was pressed 1449811 - "Copy from Provisioning" leaves "Remove resources?" field value as is 1449843 - Attaching EBS volume to an instance results in error 1449846 - bad error message when adding playbook catalog item while embedded ansible is disabled 1450085 - Network Topology does not show Cloud Routers 1450096 - Refresh button in a dialog does not show in SUI 1450220 - Cannot select placement for Cloud Volumes (openstack cinder storage provider) and this volumes are created in different tenants during provisioning of the instance. 1450469 - Windows7 and Windows 2012- IE 11- HTML5 Console Remains in Connecting State Indefinitely 1450470 - SSA fails on timeout for large images 1450485 - Automate method to order an Ansible Playbook Service from a button 1450492 - Create the .pgpass and print required conf for standby on primary database servers 1450962 - Middleware - Add new JDBC Driver Fails 1450966 - [Ansible Tower] Advanced search feature broken 1451046 - Queued item containing secrets is being dumped in plain-text in evm.log 1451078 - SSUI: Restricted user(tag) can see service items list(but cannot open or order them) 1451081 - Service catalog(count) on right should match the number displayed on left menu 1451121 - Add new repository is shown even when embedded ansible is not enabled. 1451395 - CFME 5.7.2.1 does not support group/tag access restrictions for performance reports 1451457 - Raise minimum memory requirement for CFME appliances to 12GB 1451780 - [Ansible Embedded] - SCM credentials cannot be added 1451920 - [Ansible Embedded] - Empty stdout after playbook execution 1451922 - 404 error on deployment roles page 1451925 - Unexpected error encountered after clicking on RSS Feeds links 1451939 - Ansible - SUI - VMs when linked to service are not shown, opsUI shows them correctly 1452333 - Error when executing a button assigned to a button group 1452823 - [Microsoft]Auto_placement provision fails due to selecting Host in Maintenance state 6. Package List: CloudForms Management Engine 5.8: Source: ansible-2.2.1.0-2.el7.src.rpm bubblewrap-0.1.7-1.el7.src.rpm cfme-5.8.0.17-1.el7cf.src.rpm cfme-appliance-5.8.0.17-1.el7cf.src.rpm cfme-gemset-5.8.0.17-1.el7cf.src.rpm erlang-19.0.4-1.el7at.src.rpm freeipmi-1.5.1-2.el7cf.src.rpm google-compute-engine-2.0.0-1.el7cf.src.rpm google-config-2.0.0-1.el7cf.src.rpm libtomcrypt-1.17-23.el7.src.rpm libtommath-0.42.0-4.el7.src.rpm nginx-1.10.2-1.el7at.src.rpm postgresql94-9.4.11-2PGDG.el7at.src.rpm prince-9.0r2-10.el7cf.src.rpm python-crypto-2.6.1-7.el7.src.rpm python-ecdsa-0.11-4.el7.src.rpm python-httplib2-0.9.1-2.1.el7.src.rpm python-keyczar-0.71c-2.el7.src.rpm python-meld3-0.6.10-1.el7.src.rpm python-paramiko-1.15.2-3.el7.src.rpm python-passlib-1.6.5-1.1.el7.src.rpm rabbitmq-server-3.6.5-1.el7at.src.rpm rh-postgresql95-postgresql-pglogical-1.2.1-1.el7cf.src.rpm rh-postgresql95-repmgr-3.1.3-2.el7cf.src.rpm rh-ruby23-rubygem-bcrypt-3.1.10-3.el7cf.src.rpm rh-ruby23-rubygem-eventmachine-1.0.7-6.el7cf.src.rpm rh-ruby23-rubygem-ffi-1.9.8-4.el7cf.src.rpm rh-ruby23-rubygem-hamlit-2.7.2-1.el7cf.src.rpm rh-ruby23-rubygem-http_parser.rb-0.6.0-1.el7cf.src.rpm rh-ruby23-rubygem-json-2.0.2-1.el7cf.src.rpm rh-ruby23-rubygem-linux_block_device-0.2.1-1.el7cf.src.rpm rh-ruby23-rubygem-memory_buffer-0.1.0-2.el7cf.src.rpm rh-ruby23-rubygem-net_app_manageability-0.1.0-3.el7cf.src.rpm rh-ruby23-rubygem-nio4r-1.2.1-1.el7cf.src.rpm rh-ruby23-rubygem-nokogiri-1.6.8-1.el7cf.src.rpm rh-ruby23-rubygem-ovirt-engine-sdk4-4.1.5-1.el7cf.src.rpm rh-ruby23-rubygem-pg-0.18.2-5.el7cf.src.rpm rh-ruby23-rubygem-pkg-config-1.1.7-1.el7cf.src.rpm rh-ruby23-rubygem-puma-3.3.0-1.el7cf.src.rpm rh-ruby23-rubygem-redhat_access_cfme-1.1.0-1.el7cf.src.rpm rh-ruby23-rubygem-redhat_access_lib-0.1.0-1.el7cf.src.rpm rh-ruby23-rubygem-rugged-0.25.0-b10.2.el7cf.src.rpm rh-ruby23-rubygem-thin-1.7.0-1.el7cf.src.rpm rh-ruby23-rubygem-unf_ext-0.0.7.1-3.el7cf.src.rpm rh-ruby23-rubygem-websocket-driver-0.6.3-1.el7cf.src.rpm smem-1.4-1.el7cf.src.rpm sshpass-1.06-1.el7.src.rpm supervisor-3.1.3-3.el7.src.rpm wmi-1.3.14-7.el7cf.src.rpm noarch: ansible-2.2.1.0-2.el7.noarch.rpm google-compute-engine-2.0.0-1.el7cf.noarch.rpm libtomcrypt-doc-1.17-23.el7.noarch.rpm libtommath-doc-0.42.0-4.el7.noarch.rpm nginx-all-modules-1.10.2-1.el7at.noarch.rpm nginx-filesystem-1.10.2-1.el7at.noarch.rpm python-ecdsa-0.11-4.el7.noarch.rpm python-httplib2-0.9.1-2.1.el7.noarch.rpm python-keyczar-0.71c-2.el7.noarch.rpm python-paramiko-1.15.2-3.el7.noarch.rpm python-paramiko-doc-1.15.2-3.el7.noarch.rpm python-passlib-1.6.5-1.1.el7.noarch.rpm rabbitmq-server-3.6.5-1.el7at.noarch.rpm rh-ruby23-rubygem-bcrypt-doc-3.1.10-3.el7cf.noarch.rpm rh-ruby23-rubygem-eventmachine-doc-1.0.7-6.el7cf.noarch.rpm rh-ruby23-rubygem-ffi-doc-1.9.8-4.el7cf.noarch.rpm rh-ruby23-rubygem-hamlit-doc-2.7.2-1.el7cf.noarch.rpm rh-ruby23-rubygem-http_parser.rb-doc-0.6.0-1.el7cf.noarch.rpm rh-ruby23-rubygem-linux_block_device-doc-0.2.1-1.el7cf.noarch.rpm rh-ruby23-rubygem-memory_buffer-doc-0.1.0-2.el7cf.noarch.rpm rh-ruby23-rubygem-net_app_manageability-doc-0.1.0-3.el7cf.noarch.rpm rh-ruby23-rubygem-nio4r-doc-1.2.1-1.el7cf.noarch.rpm rh-ruby23-rubygem-ovirt-engine-sdk4-doc-4.1.5-1.el7cf.noarch.rpm rh-ruby23-rubygem-pg-doc-0.18.2-5.el7cf.noarch.rpm rh-ruby23-rubygem-pkg-config-1.1.7-1.el7cf.noarch.rpm rh-ruby23-rubygem-pkg-config-doc-1.1.7-1.el7cf.noarch.rpm rh-ruby23-rubygem-puma-doc-3.3.0-1.el7cf.noarch.rpm rh-ruby23-rubygem-redhat_access_cfme-1.1.0-1.el7cf.noarch.rpm rh-ruby23-rubygem-redhat_access_cfme-doc-1.1.0-1.el7cf.noarch.rpm rh-ruby23-rubygem-redhat_access_lib-0.1.0-1.el7cf.noarch.rpm rh-ruby23-rubygem-rugged-doc-0.25.0-b10.2.el7cf.noarch.rpm rh-ruby23-rubygem-unf_ext-doc-0.0.7.1-3.el7cf.noarch.rpm rh-ruby23-rubygem-websocket-driver-doc-0.6.3-1.el7cf.noarch.rpm smem-1.4-1.el7cf.noarch.rpm supervisor-3.1.3-3.el7.noarch.rpm x86_64: ansible-tower-server-3.1.2-1.el7at.x86_64.rpm ansible-tower-setup-3.1.2-1.el7at.x86_64.rpm bubblewrap-0.1.7-1.el7.x86_64.rpm bubblewrap-debuginfo-0.1.7-1.el7.x86_64.rpm cfme-5.8.0.17-1.el7cf.x86_64.rpm cfme-appliance-5.8.0.17-1.el7cf.x86_64.rpm cfme-appliance-debuginfo-5.8.0.17-1.el7cf.x86_64.rpm cfme-debuginfo-5.8.0.17-1.el7cf.x86_64.rpm cfme-gemset-5.8.0.17-1.el7cf.x86_64.rpm erlang-19.0.4-1.el7at.x86_64.rpm erlang-debuginfo-19.0.4-1.el7at.x86_64.rpm freeipmi-1.5.1-2.el7cf.x86_64.rpm freeipmi-bmc-watchdog-1.5.1-2.el7cf.x86_64.rpm freeipmi-debuginfo-1.5.1-2.el7cf.x86_64.rpm freeipmi-devel-1.5.1-2.el7cf.x86_64.rpm freeipmi-ipmidetectd-1.5.1-2.el7cf.x86_64.rpm freeipmi-ipmiseld-1.5.1-2.el7cf.x86_64.rpm google-config-2.0.0-1.el7cf.x86_64.rpm libtomcrypt-1.17-23.el7.x86_64.rpm libtomcrypt-debuginfo-1.17-23.el7.x86_64.rpm libtomcrypt-devel-1.17-23.el7.x86_64.rpm libtommath-0.42.0-4.el7.x86_64.rpm libtommath-debuginfo-0.42.0-4.el7.x86_64.rpm libtommath-devel-0.42.0-4.el7.x86_64.rpm nginx-1.10.2-1.el7at.x86_64.rpm nginx-debuginfo-1.10.2-1.el7at.x86_64.rpm nginx-mod-http-geoip-1.10.2-1.el7at.x86_64.rpm nginx-mod-http-image-filter-1.10.2-1.el7at.x86_64.rpm nginx-mod-http-perl-1.10.2-1.el7at.x86_64.rpm nginx-mod-http-xslt-filter-1.10.2-1.el7at.x86_64.rpm nginx-mod-mail-1.10.2-1.el7at.x86_64.rpm nginx-mod-stream-1.10.2-1.el7at.x86_64.rpm postgresql94-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-contrib-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-debuginfo-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-devel-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-docs-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-libs-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-plperl-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-plpython-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-pltcl-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-server-9.4.11-2PGDG.el7at.x86_64.rpm postgresql94-test-9.4.11-2PGDG.el7at.x86_64.rpm prince-9.0r2-10.el7cf.x86_64.rpm python-crypto-2.6.1-7.el7.x86_64.rpm python-crypto-debuginfo-2.6.1-7.el7.x86_64.rpm python-meld3-0.6.10-1.el7.x86_64.rpm python-meld3-debuginfo-0.6.10-1.el7.x86_64.rpm rh-postgresql95-postgresql-pglogical-1.2.1-1.el7cf.x86_64.rpm rh-postgresql95-postgresql-pglogical-debuginfo-1.2.1-1.el7cf.x86_64.rpm rh-postgresql95-repmgr-3.1.3-2.el7cf.x86_64.rpm rh-postgresql95-repmgr-debuginfo-3.1.3-2.el7cf.x86_64.rpm rh-ruby23-rubygem-bcrypt-3.1.10-3.el7cf.x86_64.rpm rh-ruby23-rubygem-bcrypt-debuginfo-3.1.10-3.el7cf.x86_64.rpm rh-ruby23-rubygem-eventmachine-1.0.7-6.el7cf.x86_64.rpm rh-ruby23-rubygem-eventmachine-debuginfo-1.0.7-6.el7cf.x86_64.rpm rh-ruby23-rubygem-ffi-1.9.8-4.el7cf.x86_64.rpm rh-ruby23-rubygem-ffi-debuginfo-1.9.8-4.el7cf.x86_64.rpm rh-ruby23-rubygem-hamlit-2.7.2-1.el7cf.x86_64.rpm rh-ruby23-rubygem-hamlit-debuginfo-2.7.2-1.el7cf.x86_64.rpm rh-ruby23-rubygem-http_parser.rb-0.6.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-http_parser.rb-debuginfo-0.6.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-json-2.0.2-1.el7cf.x86_64.rpm rh-ruby23-rubygem-json-debuginfo-2.0.2-1.el7cf.x86_64.rpm rh-ruby23-rubygem-json-doc-2.0.2-1.el7cf.x86_64.rpm rh-ruby23-rubygem-linux_block_device-0.2.1-1.el7cf.x86_64.rpm rh-ruby23-rubygem-linux_block_device-debuginfo-0.2.1-1.el7cf.x86_64.rpm rh-ruby23-rubygem-memory_buffer-0.1.0-2.el7cf.x86_64.rpm rh-ruby23-rubygem-memory_buffer-debuginfo-0.1.0-2.el7cf.x86_64.rpm rh-ruby23-rubygem-net_app_manageability-0.1.0-3.el7cf.x86_64.rpm rh-ruby23-rubygem-net_app_manageability-debuginfo-0.1.0-3.el7cf.x86_64.rpm rh-ruby23-rubygem-nio4r-1.2.1-1.el7cf.x86_64.rpm rh-ruby23-rubygem-nio4r-debuginfo-1.2.1-1.el7cf.x86_64.rpm rh-ruby23-rubygem-nokogiri-1.6.8-1.el7cf.x86_64.rpm rh-ruby23-rubygem-nokogiri-debuginfo-1.6.8-1.el7cf.x86_64.rpm rh-ruby23-rubygem-nokogiri-doc-1.6.8-1.el7cf.x86_64.rpm rh-ruby23-rubygem-ovirt-engine-sdk4-4.1.5-1.el7cf.x86_64.rpm rh-ruby23-rubygem-ovirt-engine-sdk4-debuginfo-4.1.5-1.el7cf.x86_64.rpm rh-ruby23-rubygem-pg-0.18.2-5.el7cf.x86_64.rpm rh-ruby23-rubygem-pg-debuginfo-0.18.2-5.el7cf.x86_64.rpm rh-ruby23-rubygem-puma-3.3.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-puma-debuginfo-3.3.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-rugged-0.25.0-b10.2.el7cf.x86_64.rpm rh-ruby23-rubygem-rugged-debuginfo-0.25.0-b10.2.el7cf.x86_64.rpm rh-ruby23-rubygem-thin-1.7.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-thin-debuginfo-1.7.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-thin-doc-1.7.0-1.el7cf.x86_64.rpm rh-ruby23-rubygem-unf_ext-0.0.7.1-3.el7cf.x86_64.rpm rh-ruby23-rubygem-unf_ext-debuginfo-0.0.7.1-3.el7cf.x86_64.rpm rh-ruby23-rubygem-websocket-driver-0.6.3-1.el7cf.x86_64.rpm rh-ruby23-rubygem-websocket-driver-debuginfo-0.6.3-1.el7cf.x86_64.rpm sshpass-1.06-1.el7.x86_64.rpm sshpass-debuginfo-1.06-1.el7.x86_64.rpm wmi-1.3.14-7.el7cf.x86_64.rpm wmi-debuginfo-1.3.14-7.el7cf.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-4457 https://access.redhat.com/security/cve/CVE-2017-2639 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.5/html/release_notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZLtd1XlSAg2UNWIIRAslNAKCBuGzH75w8IfJiztZHOo/PMbAW/ACeIoSU 2WMAPlJkNuO/yS93mrS8XAA= =w+9I -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce