• The Product Security Blog has moved!

    Red Hat Product Security has joined forces with other security teams inside Red Hat to publish our content in a common venue using the Security channel of the Red Hat Blog. This move provides a wider variety of important Security topics, from experts all over Red Hat, in a more modern and functional interface. We hope everyone will enjoy the new experience!
    Posted 2019-03-19T19:38:17+00:00 - 3
  • How to configure Satellite 6.4 to execute Insights' remediation playbooks

    Configuring Satellite 6.4 for Insights' remediation playbook execution As explained in my previous post, in Satellite 6.4 Insights integration has gone deeper than ever. With this new release, now Insights remediation playbooks can be executed from within the Satellite Web interface. In this post, we are going to cover how Satellite 6.4 has to be configured in order to do so. Basically, we simply need to allow Foreman to execute commands remotely. This plugin enables Foreman to run arbitrary...
    Posted 2018-11-20T16:36:03+00:00 - 12
  • Satellite Blog move - What you need to know

    After many years of being hosted on the customer portal, the Satellite blog has been moved to the main Red Hat blog with the majority of the official blogs. Along with hosting on a more modern platform colocated with many of the other Red Hat blogs, this change will allow us to create more dynamic content, reach a broader audience and focus on a variety of management and automation topics and trends. The new blog is part of the Automation and Management channel which focuses on covering key...
    Posted 2018-11-08T20:35:37+00:00 - 2
  • Running Insights remediation playbooks within Satellite 6.4

    What’s all the fuss about Satellite 6.4? Haven’t you heard the news? Satellite 6.4 gives you the ability to remediate your systems with Insights by executing remediation playbooks directly from the UI. How awesome is that?! Let’s walk through the steps… Insights Remediation within Satellite In this blog, we’re going to identify and resolve issues with Insights, but this time from the Satellite UI (6.4 required), using Satellite 6.4’s new Ansible capabilities. The first steps are the same as...
    Posted 2018-10-17T10:30:01+00:00 - 10
  • Satellite 6.3.4 has just been released.

    The main driver for the 6.3.4 release is ongoing performance and stability improvements. There are 17 bugs squashed in this release - the complete list is below. There is one erratum for the server [1] and one for the hosts [2]. The install ISOs will be updated next week. Customers who have already upgraded to Satellite 6.3 should follow the instructions in the errata. Customers who are on older versions of Satellite should refer to the Upgrading and Updating Red Hat Satellite Guide. You may...
    Posted 2018-10-10T21:58:58+00:00 - 14
  • Red Hat Insights guidelines for deployment at scale

    Insights guidelines for deployment at scale Insights usage varies from customer to customer so there is no real "one size fits all" template. However it is worth highlighting some of the features Red Hat has in place to assist with large sized deployments. This is not intended to be a best-practices guide, just some things to consider. Deployment I typically emphasize how easy it is to deploy insights - with its minimal steps, because it is a SaaS solution. See the getting started guide. If a...
    Posted 2018-09-07T15:04:56+00:00 - 0
  • Red Hat Satellite 6.4 Beta is now available

    We are pleased to announce that Red Hat Satellite 6.4 is now available in beta to current Satellite customers. Red Hat Satellite is an infrastructure management platform, designed to manage system patching, provisioning, configurations and subscriptions across the entirety of a Red Hat environment. Satellite offers a lifecycle management solution to help keep your Red Hat infrastructure running efficiently and with greater security, which can reduce costs and overall environmental complexity....
    Posted 2018-09-05T12:55:50+00:00 - 3
  • Satellite 6.3.3 is now available

    Satellite 6.3.3 has just been released. The main driver for the 6.3.3 release is ongoing performance and stability improvements. There are 24 bugs squashed in this release - the complete list is below. The most notable issue is there was a critical Pulp maintenance routine that never executed that is now resolved with this update. 6.3.3 adds a weekly cron schedule to ensure execution of the maintenance job. For customers with large numbers of content hosts (10,000+) there may be a possible...
    Posted 2018-08-23T00:06:45+00:00 - 1
  • New Red Hat Product Security OpenPGP key

    Red Hat Product Security has transitioned from using its old 1024-bit DSA OpenPGP key to a new 4096-bit RSA OpenPGP key. This was done to improve the long-term security of our communications with our customers and also to meet current key recommendations from NIST (NIST SP 800-57 Pt. 1 Rev. 4 and NIST SP 800-131A Rev. 1). The old key will continue to be valid for some time, but it is preferred that all future correspondence use the new key. Replies and new messages either signed or encrypted...
    Posted 2018-08-22T13:30:00+00:00 - 0
  • Plans within Satellite!

    Remediation plans within Satellite! One of the most exciting capabilities in Satellite 6.3 is greater integration with Red Hat Insights. Although there are tons of other great features, this one is so important I thought it worth a blog post. Using Red Hat Insights from the Satellite UI is now no different than using it in the Customer Portal. The coolest added feature brings the full functionality of Insights Planner to Satellite (planner itself was added in 6.2). You can now create...
    Posted 2018-07-23T09:46:03+00:00 - 2
  • SPECTRE Variant 1 scanning tool

    As part of Red Hat's commitment to product security we have developed a tool internally that can be used to scan for variant 1 SPECTRE vulnerabilities. As part of our commitment to the wider user community, we are introducing this tool via this article. This tool is not a Red Hat product. As such, it is not supported and does not come with any kind of warranty. The tool only works on static binaries and does not simulate an entire running system. This means it will neither follow jumps through...
    Posted 2018-07-18T13:30:00+00:00 - 0
  • Red Hat’s disclosure process

    Last week, a vulnerability (CVE-2018-10892) that affected CRI-O, Buildah, Podman, and Docker was made public before some affected upstream projects were notified. We regret that this was not handled in a way that lives up to our own standards around responsible disclosure. It has caused us to look back to see what went wrong so as to prevent this from happening in the future. Because of how important our relationships with the community and industry partners are and how seriously we treat non-...
    Posted 2018-07-10T13:00:00+00:00 - 0
  • What you need to know to be ready for Satellite 6.4 and Puppet 5

    As we work towards a Satellite 6.4 release this fall there are some very important changes to Puppet that are coming that the Satellite team wants to prepare you for. Note: This affects ALL Satellite 6.3 users, even if you are not using Puppet or if you are using Puppet Enterprise. The last few releases of Satellite have supported Puppet 3.8, a version which has been end-of-life since December 31, 2016. Satellite 6.3 introduced support for Puppet 4, but since there were some major changes on...
    Posted 2018-06-26T22:49:49+00:00 - 7
  • Satellite 6.3.2 is now available

    Satellite 6.3.2 has just been released. The main driver for the 6.3.2 release is allowing customers to disable weak ciphers, but there are several other new features and fixes. There are two errata for the server [1][3] and one for the hosts [2]. The install ISOs will be updated later this week. Customers who have already upgraded to Satellite 6.3 should follow the instructions in the errata. Customers who are on older versions of Satellite should refer to the Upgrading and Updating Red Hat...
    Posted 2018-06-20T07:04:16+00:00 - 0
  • Insights 103

    Back in the Hood!! After a crazy and exciting week of innovations in San Francisco, here I am again to tell you a bit more on how to customize Red Hat Insights to your needs! To blacklist or not to blacklist, that is the question As explained in my previous post Red Hat Insights 102, you can control the data Red Hat Insights sends to Red Hat servers, how data is sent, and when it is sent. But deviating from the default has its drawbacks too. We want to provide our customers with the necessary...
    Posted 2018-05-29T19:35:47+00:00 - 10
  • Satellite 6.2.15 is now available

    Red Hat Satellite 6.2.15 includes bug fixes for improving the performance of Satellite 6.2.x. There is one erratum for the server [1] and one for the hosts [2]. ISOs should be published next week. Customers who have already upgraded to 6.2 should follow the instructions in the errata. Customers who are on 6.1.x should follow the upgrade instructions in the Satellite 6.2 Installation Guide. Customers who have received hotfixes should verify the list below to ensure their hotfix is contained in...
    Posted 2018-05-23T11:23:32+00:00 - 2
  • Go West, [not so] young Spinks: One Satellite member’s guide to Red Hat Summit 2018

    Greetings! I’m John Spinks, Technical Marketing Manager for Satellite. While I’m relatively new to Red Hat, I get to work with Red Hat Satellite engineers and customers every day. Next week is my first Red Hat Summit so I’m excited to get to see so many of both in one place. Not only is this my first Summit as an attendee, I’m honored to say that this will also be my first time at Summit as a speaker. Brent Midwood and I will be presenting the session: Live Demonstration: Find it. Fix it....
    Posted 2018-05-02T13:10:32+00:00 - 0
  • Red Hat Management & Automation with Insights at Red Hat Summit San Francisco 2018!

    Hi again everyone, I'm Will Nix, Technical Evangelist for Red Hat Management & Automation and I'm headed into my 7th year here at Red Hat. I'm really excited for everyone to join us this year at Red Hat Summit 2018 in San Francisco's Moscone center. For the past several years I've presented at Summit, and again this year I'll be presenting in several sessions, labs, and workshops. Check out a really brief description below and join me! Sign up for the events in your Red Hat Summit app, and...
    Posted 2018-05-01T15:21:09+00:00 - 1
  • Satellite 5 and RHN End of Life - Making sure that you are only connected to RHSM.

    Have you completed your migration from Satellite 5 to Satellite 5.8, but you keep getting messages from us about upgrading before January 31, 2019? It could be that your systems are still registered with Red Hat Network (RHN), even if you have moved to a newer version. Let's walk through a couple steps to show you how you can check and see if you are registered with RHN or Red Hat Subscription Manager (RHSM). I moved to Satellite 6 - Does this affect me? If you have moved off of Satellite 5 to...
    Posted 2018-04-30T13:00:07+00:00 - 1
  • Join us in San Francisco at the 2018 Red Hat Summit

    This year’s Red Hat Summit will be held on May 8-10 in beautiful San Francisco, USA. Product Security will be joining many Red Hat security experts in presenting and assisting subscribers and partners at the show. Here is a sneak peek at the more than 125 sessions that a security-minded attendee can see at Summit this year. Sessions Cloud Management and Automation S1181 - Automating security and compliance for hybrid environments S1467 - Live demonstration: Find it. Fix it. Before it breaks....
    Posted 2018-04-23T14:30:00+00:00 - 0
  • Certificate Transparency and HTTPS

    Google has announced that on April 30, 2018, Chrome will: “...require that all TLS server certificates issued after 30 April, 2018 be compliant with the Chromium CT Policy. After this date, when Chrome connects to a site serving a publicly-trusted certificate that is not compliant with the Chromium CT Policy, users will begin seeing a full page interstitial indicating their connection is not CT-compliant. Sub-resources served over https connections that are not CT-compliant will fail to load...
    Posted 2018-04-17T15:00:01+00:00 - 0
  • Satellite 6.3.1 is now available

    Red Hat Satellite 6.3.1 includes packages that supports Red Hat Enterprise Linux 7.5 as well as a variety of performance enhancements and general bug fixes. Especially notable is the improvements in the performance of content views. In our tests we've seen publishing of a single content view on RHEL7 redunce in time by 43% and publishing of composite views reduced 95%. To put numbers to this 6.3.0 took 320 seconds to publish a composite view while 6.3.1 took 14 seconds to publish the same CV...
    Posted 2018-04-13T14:43:30+00:00 - 0
  • Preparing to Upgrade Satellite? Open a Proactive Support Case.

    Worried about your upcoming Satellite upgrade? Don’t be. In addition to our detailed upgrade documentation, our support team has been through hundreds of upgrades and they’re happy to help if something deviates from your expectations. In order to optimize your upgrade experience if you chose to engage our support team, please submit what we call a “Proactive Support Case” ahead of your planned upgrade window. Why should you do this? This will allow for an experienced Satellite support...
    Posted 2018-04-11T16:33:49+00:00 - 1
  • Let's talk about PCI-DSS

    For those who aren’t familiar with Payment Card Industry Data Security Standard (PCI-DSS), it is the standard that is intended to protect our credit card data as it flows between systems and is stored in company databases. PCI-DSS requires that all vulnerabilities rated equal to, or higher than, CVSS 4.0 must be addressed by PCI-DSS compliant organizations (notably, those which process and/or store cardholder data). While this was done with the best of intentions, it has had an impact on many...
    Posted 2018-02-28T14:30:00+00:00 - 3
  • Satellite 6.3 is now available

    Red Hat Satellite 6.3 is now available. Red Hat is pleased to announce the general availability of Red Hat Satellite 6.3. The latest release increases product stability and usability, and introduces new and enhanced features designed to meet user needs. Key features of Red Hat Satellite 6.3 are organized into key content areas below. Most of the new features include links to the feature overview available on the content portal. Content Management: Improved content download policies and...
    Posted 2018-02-21T16:57:28+00:00 - 41

Pages