-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat CloudForms security, bug fix, and enhancement update
Advisory ID:       RHSA-2018:0374-01
Product:           Red Hat CloudForms
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:0374
Issue date:        2018-02-28
Cross references:  RHSA-2017:3005
CVE Names:         CVE-2017-12191
=====================================================================

1. Summary:

An update is now available for CloudForms Management Engine 5.8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.8 - noarch, x86_64

3. Description:

Ansible is a simple model-driven configuration management, multi-node
deployment, and remote-task execution system. Ansible works over SSH and
does not require any software or daemons to be installed on remote nodes.
Extension modules can be written in any language and are transferred to
managed machines automatically.

Ansible Tower helps you scale IT automation, manage complex deployments and
speed productivity. Centralize and control your IT infrastructure with a
visual dashboard, role-based access control, job scheduling, integrated
notifications and graphical inventory management. And Ansible Tower's REST
API and CLI make it easy to embed Ansible Tower into existing tools and
processes.

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.
Security Fix(es):

* A flaw was found in the CloudForms account configuration when using
VMware. By default, a shared account is used that has privileged access to
VMRC (VMWare Remote Console) functions that may not be appropriate for users
of CloudForms (and thus this account). An attacker could use this
vulnerability to view and make changes to settings in the VMRC and virtual
machines controlled by it that they should not have access to.
(CVE-2017-12191)

This issue was discovered by Gellert Kis (Red Hat).

Additional Changes:

This update also fixes several bugs and adds various enhancements.
Documentation for these changes is available from the Release Notes
document linked to in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

1458929 - IE 11 on windows 7: On topology page entity icons are not displaying properly
1459190 - Block storage volume list configuration button attach/detach/delete actions are not working
1460377 - Missing Paginator on miq_request/show_list
1460815 - Formatting of Provider summary PDF file generated from provider summary page is very broken
1461164 - Attach/Detach volume to/from instance provides no flash message
1463422 - The 'Assigned Filters' setting in the Settings->Access Control->Groups->[group name] only applies to 'Hosts & Clusters', and not the Network providers.
1478518 - CFME reports VM migration passed when it fails on RHV side
1478520 - VM Migrate doesn't create notifications or log messages when migrations fail.
1479402 - [RFE] Support more Tower credential types
1479939 - Volumes: Get error while trying to edit cloud volume opened from availability zone page
1479940 - Volumes: Get 'Button not yet implemented' while adding tag to cloud volume opened from availability zone page
1481378 - Error provisioning VM, incompatible marshal file format
1481446 - Quota not using cloud volumes in requested resource calculation.
1487306 - Unable to perform any actions on cloud objects from list view when navigated to cloud tenants
1489697 - Missing servers in alert profile assignment screen
1490416 - Unexpected error message while adding new Cloud Subnet
1496900 - appliance_console crash when setting up standby node with no route to host
1496903 - Cockpit web console is not available for RHOS provider
1496904 - [AWS EBS] UI: "Configuration" for Cloud storage throws "Button not yet implemented" in flash message
1496907 - Others rendered as on Utilization page of host/Cluster
1496908 - [Embedded Ansible] Show "Red Cross" Icon in notification instead of "Green Check Mark" if the Repo Addition is failed
1496909 - Duplicate flash msg at rates of chargeback
1496922 - Edit tags not working while navigating to instance through provider
1496925 - Custom Button does not display for Dashboard View of a Provider
1496930 - In block volume snapshot summary selecting volumes based on snapshot results in exception
1496931 - [Azure]Empty IPv6 configuration blocks Refresh of Azure Network Manager
1496932 - Refresh Failing - String Not Recognized Metric Type - OpenShift Hawkular
1496936 - retiring parent service doesn't retire child service
1496937 - VM Migrate gets an error sending completion email.
1496939 - Clicking x button in search box doesn't remove the search
1496943 - No indication of which image is currently being scanned when selecting multiple images
1496945 - UI elements not loading and reporting widgets not showing data points
1496947 - Service Retirements (which work correctly) result in two separate emails to service owner
1496949 - Image SSA - image-inspector unable to pull image - pod_wait is not permitted at state finished
1497209 - User unable to login when role permissions restricted to Everything->Settings
1498506 - Wrong hover view after selecting Red Hat Insights in main navigation
1498511 - Hover view of main navigation disappearing for Compute/Infrastructure/[Networking]
1498516 - Wrong hover view after selecting Middleware/Domains in main navigation
1498518 - Hover view of main navigation disappears after selecting Services/Requests
1498525 - Scroll bar not appearing when looking at notifications
1498542 - date dialogs with "Show Past Dates" unchecked still allow selection of past dates
1498544 - Some Navigation menus are not highlighted
1498891 - Container Product Feature in a Role Required for VM Visibility Menu Box
1500029 - [RFE] widget import file; the page goes blank on custom report page
1500445 - WebMKS Console : Proxy Error
1500448 - WebMKS Console: Some Javascript Error
1500517 - CVE-2017-12191 CFME: VMRC plugin console grants users administrative access
1500808 - UI: infinispinner appears when clicking on Add or cancel button of copy report for Guest OS Information-any OS
1500954 - DetachVolume is missing in AWS EBS cloudwatch event catcher
1501475 - overwriting reports causes new runs of the report to not show data for some columns
1501481 - Edit cloud instance:Show parent and child VMs details for cloud instances too
1501524 - Ansible playbook service max TTL is always divisible by 100
1501897 - Container Providers -> Topology View raises 'capitalize' error
1503611 - Toast notifications missing error icon
1503639 - RHV provider VM Quad icon page: VM power 'reset' option do not fail as expected.
1504199 - RFE: Expose Disks in the ServiceModel through Hardware
1504775 - Wrong flash message displayed when import/commit widget
1505415 - Records with duplicate timestamp in metrics rollup table
1505456 - UI: PDF Download button is missing from the infra provider summary page (it is displayed for cloud providers)
1505501 - [DOC] Cannot copy a built in OpenSCAP policy
1505503 - container group creation\deletion rates are miscalculated for container projects
1505545 - HTML5 Console Does Not Display From SSUI/OPS UI VMWare
1505951 - Azure extra disk information of VM is not showing from CFME which prevents Chargeback calculation for the usage.
1506624 - compute.instance.exists events
1509008 - Global Region Widget doesn't have data
1509024 - "Orders" should be "My Orders"
1509378 - Error messages disappear when clicked or text selected.
1509391 - [REGRESSION][AZURE]Can't provision VM from private image
1509414 - Missing notification type icons in the Notification Drawer
1509419 - Queue workers are frequently querying pg_backend_pid
1509423 - [ja_JP][fr_FR] ON/OFF button varies in size on 'Manage quotas for Tenant'
1510054 - Do not purge session if there are no sessions
1510142 - Cannot ommit Compute->Containers->Containers from RBAC role.
1510175 - managed disks are not removed as part of azure stack retirement
1510241 - Filters under Job Templates do not work properly
1510564 - error while syncing openstack tenants : failed to save the new source_tenant
1510698 - chargeback filters selection issue
1511032 - VM retirement fails when using ovirt-engine SDK (V4)
1511125 - Unable to delete Cloud Network in Cloud Networks View
1511130 - CloudForms does not show region-level Utilization from "Optimize" -> "Utilization" menu
1511135 - 'Optimize > Utilization' only shows a subset of providers
1511142 - Wrong units of net_usage_rate_average in containers metrics
1511144 - Cancellation of 'Create New Host Aggregate' with empty values showing warning
1511147 - unable to scan lvm2 partitions that were thin provisioned under rhevm 4.1
1511196 - Typo or bug in openstack network_manager refresh parser.
1511502 - set_network_adapter method erroring out with undefined method `[]' for nil:NilClass')]
1511517 - When provisioning an Ansible Embedded playbook, dialog's service_name does not set the service name
1511528 - Group Filters: Selected host is deselected after group saving
1511548 - RHOS 12 tenants are not mapped to CFME
1511595 - Several broken associations in container-related service models
1512661 - [RFE] [v2v] There are unsupported v2v operations, that could have been blocked at the v2v submit stage
1512665 - selection doesn't move along with added/copied Condition in Control->Explorer->Policies treeview
1512667 - Network deletion provided with no flash message
1512694 - Inconsistency between filled name and name in accordion of Provision Dialogs
1512695 - Unexpected error encountered while downloading pdf from configuration profile
1512706 - vmdb size constantly increasing 1+gb a day
1512728 - Azure - Disk properties missing or incorrect
1512955 - [v2v] Add a warning to user, in case trying to run v2v for windows VM, without installing the required drivers
1512967 - Smartstate Analysis Snapshot of Azure Managed Disks fails with "The value of parameter snapshot.name is invalid. (cause: 400 Bad Request) creating SSA Snapshot" if the disk name exceeds 60 characters.
1513124 - PG String Data Right Truncation error: Value too long for type character varying(255)
1513509 - Region was offline - after a restart region has lost all data
1513699 - unable to provision against SCVMM with "VMM is unable to perform this operation without a connection to a Virtual Machine Manager management server"
1514139 - Embedded ansible fails to start. Can't create credentials or add repositories.
1514184 - Chargeback report is not available after deleting linked task
1514570 - Changing cloud volumes in a service provisioning dialog still runs with original value.
1515367 - Ops UI service catalog list view displays a cube icon rather than the user's uploaded icon
1515402 - No flash message during duplicate class add.
1515407 - Inconsistency between customization template name and description while deletion
1515416 - VMware WebMKS Console: Does not support CTRL+ALT+DEL Input
1515426 - Button 'Save' is always disabled on Edit Subnet Page
1515483 - Azure Smart State on Windows VM throwing error "undefined method `[]' for nil:NilClass" in evm.log
1518357 - Container Image openSCAP compliance check doesn't response for several Images
1518368 - Duplicate Customization Template name doesn't show flash error message
1518372 - [RFE] Service pane service/explorer Unexpecting error encountered
1518374 - Quota - exclude orphaned VMs from used counts
1518383 - Unable to clone OSP template.Blank page displayed when clicked on clone template
1518392 - Chargeback rate assignment page doesn't show duplicate clusters
1518600 - Element Name must be alphanumeric characters and underscores without spaces
1519809 - setting certain types of filters can cause puma to consume all cpu
1519910 - Smart State Analysis doesn't show data in "Patches" and "Registry Entries" etc for Windows VM.
1519915 - Mismatch between cloud volume table and details
1519987 - Logging of the server process memory/cpu (MiqServer.log_status) is incorrect
1520541 - Multiple cloud volumes can't be added in Catalog
1520557 - error "undefined method `[]=' for nil:NilClass" while syncing against rhevm 3.6
1521036 - Azure NetworkManager refresh failure with "undefined method `source_address_prefix'" error
1522951 - Re-enable Web Console button.
1523402 - Classification validation errors in seeding keep server from starting
1523404 - VMWare WebMKS consoles do not proxy sessions as VNC sessions do in CloudForms
1523408 - C & U collection tab empty and fatal error appears in production log
1523771 - Attempting to collect power status during retirement can cause exception
1523773 - policy profile doesn't get selected in Policy Profiles when policy profile is clicked in one of timelines events
1523774 - Wrong project names on Ad Hoc matrics page cause to internal server error
1523777 - Access Control: No option to 'Delete selected Groups' when selecting multiple groups under Access Control EVM Groups
1523788 - Setting Start Page to Container/Explorer sets to URL to an invalid URL
1523851 - Azure Network Manager refreshes fail with 'undefined method `[]' for nil:NilClass' when executing parse_load_balancer_pool_members
1523855 - Prevent scaling down with scale provider
1524646 - Backport cloud_subnet API collections to CloudForms
1525092 - long loading times of the self service portal dialogs
1525551 - Provision Error "A specified parameter was not correct: spec. nicSettingMap.adapter.ip" under VMware after VM cloning from template.
1525563 - Drift analysis table shows double icons
1525583 - No event in timeline for the web console activity in RHV41
1526040 - Tagged Datastores in chargeback storage don't work
1526473 - Large MiqServer process leads to large generic workers that get killed
1527676 - SSUI: Error while adding to shopping cart: `Must specify a service_template_href for adding a service_request`
1530653 - Unable to set control policies for Kubernetes Events from OpenShift
1530708 - No ESX 6.5 platform filter
1530717 - Empty page on Cloud Volume page
1531146 - configuration options are not correctly being logged into last_boot.log and the evm.log
1531147 - Can't register RHSM or apply cfme updates through webui on IPV6 only appliance
1531156 - [RFE] VCloud provider log and debug option in adv config
1531161 - [Regression] Quota check for users errors out with "no implicit conversion of nil into String" for service provisioning
1531177 - Got unexpected API result object Array
1531178 - Duplicate field called Type in Expression Field
1531256 - When provisioning an Azure instance and selecting NONE for the Public IP Address option a public IP is still assigned.
1531261 - Could not determine root drive letter on Azure Windows 2016 Datacenter VM
1531262 - Can not delete schedules from schedules details page
1531274 - UI of Adding a new group page is different in en_US vs non en_US language
1531554 - [Regression] C&U data can't be fetched for cloud providers
1531615 - C&U Host Graph: Drilling graph for VM with Group by some tag gives unexpected error.
1531618 - C&U Availability Zone Graph: Drilling graph for Instances with Group by some tag gives unexpected error.
1531619 - C&U Cluster Graph: Drilling graph for VM/ Host with Group by some tag gives unexpected error.
1532328 - Authentication issue for api/automation_requests call to Master in multi-region setup
1532854 - Smartstate request taking too long is killed because Worker Monitoring Code incorrectly thinks the busy Smartproxy Worker is not responding
1532857 - custom reports not visible to group/role that could see them prior to recent upgrade
1533167 - Unexpected error encountered while accessing policy event timeline in availability zones
1533169 - WebMKS Console: Toggle Full Screen button does not work on Internet Explorer 11
1533171 - [Regression] HTML5 Console: Toggle Full Screen button does not work on Internet Explorer 11
1534584 - Cloudforms: Event VMDestroy_Task does not exists under event list
1534589 - Quota fails when an active Service request contains an Invalid service_template.
1534591 - Cannot start worker service (evmserverd)
1534601 - [Regression] VM console button is wrongly disabled based on VMware Console Support Configuration from OPS UI
1536052 - Unable to browse VM Summary Screen with a NULL Custom Attribute name
1536672 - Memory Leak in MiqServer process
1537015 - [Embedded Ansible] - Credentials of SCM/Machine repository cannot be edited
1537145 - Edit tag page doesn't open for subnets and routers list opened from network details
1537284 - When provisioning VM in Azure, errors do not appear in UI for certain field
1538349 - [SCVMM] Destination placement_host_name not provided
1538350 - Tag: Restricted items can be selected in drop downs while creation/editing, which cause unexpected error
1538351 - Can't retire stack from details view
1539752 - [RFE] Naming Runs Before Parsed Dialog: Dialog Options missing via prov.get_tags or prov.get_option
1540699 - Selecting filter with "expression Service: Aggregate All Vm Cpus" results in exception
1541072 - After Openstack 10 triggers an "unknown" state on instances, when it recovers Cloudforms duplicates vms instead of recovering them
1542170 - chargeback assignment reset to if another container provider is assigned a rate
1542240 - Change VMware console api detection from vCenter to ESXi Host
1542577 - VMs powered event on/off and vms powered off RSS links are broken
1542741 - Object store objects and containers are not synched to CFME UI and swift manager refresh ends with errors
1543121 - service dialogs api calls create and edit inconsistency - cfme version 5.8.2.3
1543150 - Smartstate Analysis greyed out on workers not in a provider zone (webui zone)
1543172 - Quota - Active provisions calculations allow quota to be over allocated

6. Package List:

CloudForms Management Engine 5.8:

Source:
ansible-2.4.3.0-1.el7ae.src.rpm
cfme-5.8.3.4-1.el7cf.src.rpm
cfme-appliance-5.8.3.4-1.el7cf.src.rpm
cfme-gemset-5.8.3.4-1.el7cf.src.rpm
postgresql94-9.4.15-3PGDG.el7at.src.rpm
python-crypto-2.6.1-16.el7at.src.rpm
python-jmespath-0.9.0-4.el7ae.src.rpm
python-paramiko-2.1.1-2.el7ae.src.rpm

noarch:
ansible-2.4.3.0-1.el7ae.noarch.rpm
python-paramiko-2.1.1-2.el7ae.noarch.rpm
python-paramiko-doc-2.1.1-2.el7ae.noarch.rpm
python2-jmespath-0.9.0-4.el7ae.noarch.rpm

x86_64:
ansible-tower-server-3.1.5-3.el7at.x86_64.rpm
ansible-tower-setup-3.1.5-3.el7at.x86_64.rpm
cfme-5.8.3.4-1.el7cf.x86_64.rpm
cfme-appliance-5.8.3.4-1.el7cf.x86_64.rpm
cfme-appliance-debuginfo-5.8.3.4-1.el7cf.x86_64.rpm
cfme-debuginfo-5.8.3.4-1.el7cf.x86_64.rpm
cfme-gemset-5.8.3.4-1.el7cf.x86_64.rpm
postgresql94-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-contrib-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-debuginfo-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-devel-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-docs-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-libs-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-plperl-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-plpython-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-pltcl-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-server-9.4.15-3PGDG.el7at.x86_64.rpm
postgresql94-test-9.4.15-3PGDG.el7at.x86_64.rpm
python-crypto-debuginfo-2.6.1-16.el7at.x86_64.rpm
python2-crypto-2.6.1-16.el7at.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-12191
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFalqkXXlSAg2UNWIIRArnBAKCMw9buWTAPfrXeiEZuljTz/dIYAgCfUGy4
3alPtPhgZFtenmbXzdie+hs=
=C1WF
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
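The Solution and Package List sections above leave two checks to the administrator: confirm that the appliance actually carries the fixed cfme build (5.8.3.4-1.el7cf in this advisory) and verify the GPG signatures on the packages before installing them. The script below is an added example and is not part of the advisory or of Red Hat's own tooling. It assumes a CloudForms appliance with `rpm` and GNU `sort -V` available; the subcommand names `check` and `verify` and the function names are this example's own, and the 5.8.2.3 value in the comments is the pre-fix version quoted in bug 1543121.

```shell
#!/bin/sh
# Added example (not Red Hat tooling): check whether a CloudForms appliance
# carries the cfme build shipped in RHSA-2018:0374 and verify RPM signatures.
# The fixed version-release is taken from the advisory's Package List.
FIXED_CFME="5.8.3.4-1.el7cf"

# version_at_least INSTALLED FIXED
# Succeeds when INSTALLED sorts at or after FIXED under GNU `sort -V`
# (natural version ordering), e.g. 5.8.3.4-1.el7cf >= 5.8.2.3-1.el7cf.
version_at_least() {
    highest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)
    [ "$highest" = "$1" ]
}

# Query the installed cfme package and report whether the CVE-2017-12191 fix
# is present. Return codes: 0 fixed, 1 update required, 2 package not installed.
check_cfme_installed() {
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}' cfme 2>/dev/null) || {
        echo "cfme is not installed on this host"
        return 2
    }
    if version_at_least "$installed" "$FIXED_CFME"; then
        echo "cfme $installed: at or above $FIXED_CFME, RHSA-2018:0374 applied"
    else
        echo "cfme $installed: below $FIXED_CFME, update required (CVE-2017-12191)"
        return 1
    fi
}

# verify_rpm_signature FILE
# `rpm -K` checks the package signature against the keys imported into the
# RPM database. Fail on a non-zero exit or on a "NOT OK" verdict, which rpm
# also prints when the signing key has not been imported.
verify_rpm_signature() {
    out=$(rpm -K "$1" 2>&1) || { echo "$out"; return 1; }
    case "$out" in
        *"NOT OK"*) echo "$out"; return 1 ;;
    esac
    echo "$out"
}

# Usage (hypothetical script name):
#   ./check_rhsa_2018_0374.sh check
#   ./check_rhsa_2018_0374.sh verify cfme-5.8.3.4-1.el7cf.x86_64.rpm ...
case "${1:-}" in
    check)  check_cfme_installed ;;
    verify) shift
            for pkg in "$@"; do verify_rpm_signature "$pkg" || exit 1; done ;;
    *)      : ;;  # no subcommand: define functions only, so the file can be sourced
esac
```

Run `verify` against the downloaded RPMs before `check` is expected to pass: a package whose signature does not verify against the key at https://access.redhat.com/security/team/key/ should not be installed, and `rpm -K` is the check the advisory's "Our key and details on how to verify the signature" sentence points at.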