API

BZ#1139147

Previously, listing products using API/CLI was slow and lead to timeouts. This issue has been fixed in this release.

CLI

BZ#1134954

Previously, API call unhandled exceptions were being passed to the client. These exceptions can be cryptic in nature. Now, when an unhandled exception happens on an API call, the error is translated to a debug message and passed to the client.

Client/Agent

BZ#1146292

A recent update in the Red Hat Subscription Manager (RHSM) package moved the ConsumerIdentity class location and prevented goferd from importing the katello plugin. This prevented all katello-agent functionality from working. A fix has been added to reference the new location for ConsumerIdentity. The katello plugin should import without any issues when goferd is started.

Content Management

BZ#1142301

Uploading a puppet module or rpm to a repository in the webUI failed with error : "No such file or directory - /tmp/RackMultipartxxxx" on a Satellite Server installed on a Red Hat Enterprise Linux 7 host. The module/rpm are now pre-copied in a private tmp folder and should successfully upload.

BZ#1144443

When virt-who reports to katello, hypervisor content hosts are created. These hypervisor hosts could not be deleted from the Satellite Server because it was not being recognized as a pulp consumer, only a candlepin consumer. Changes were made to fix this and the ability has been added to delete a hypervisor content host.

BZ#1144194

When changing the repository distributions of a kickstart tree from one version to another, the repo sync failed during the pulp distributor publish step. Changes in pulp have fixed the issue and the resync should successfully execute.

Localization and Internationalization

BZ#1140507

Creating synchronization plans in a language other than english did not save the synchronization plan because time interval units were being incorrectly translated. This update correctly translates the time interval units, allowing the synchronization plan to be saved successfully.

Other

BZ#1135586

Core foreman tests were updated to ensure consistency with upstream testing.

Provisioning

BZ#1112169

Users experienced a loop when provisioning a virtual machine on oVirt/RHEV Compute Resources where the virtual machine will repeatedly kickstart and never finish. This was caused by a logic error in Foreman and is now fixed. Provisioning no longer loops when using oVirt/RHEV Compute Resources.

BZ#1135973

Foreman snippets require indention to render user data templates correctly. An indent helper has been added for use to indent Foreman snippets correctly when processing cloud-init user data scripts.

BZ#1143941

The Satellite Server could not connect to RHEV/oVirt Compute Resources that had non self-signed CA certificates. To fix this issue, the CA field in Compute Resources can now be edited. Providing the correct CA or CA chain should allow the Satellite Server to connect to the compute resource.

Registration

BZ#1155236

Previously, running virt-who on a virtual guest that has been reassigned to another organization did not change the hypervisor's organization affiliation in Subscription Asset Manager (SAM). Headpin had issues associating the hypervisor to the correct organization.The hypervisor should now be registered to the same organization that the virtual machine is registered to whenever virt-who is run.

BZ#1119657

When kickstarting an Openstack and image-based virtualization system, the system fails to register to the Satellite Server. Katello templates and userdata have been added to allow kickstarted image-based virtualization systems to register to the Satellite Server automatically.

Security

BZ#1153812

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. Satellite Server's pulp configuration has been changed to refuse SSLv2 and SSLv3 and to allow TLSv1.0 and greater.

Subscription Management

BZ#1149902

In the previous version, virt-who failed to provide Satellite Server with hypervisor data which results in hypervisors not appearing in the Satellite Server. Code changes have been made to properly process incoming and updated hypervisors. Hypervisors should now appear correctly on the Satellite Server.

BZ#1140653

Previously, when deleting a host through Foreman, the content host was deleted correctly but the subscription remained in use. The content_host_active record would be deleted however the backend candlepin or pulp consumer information was not. In the current release, this has been remedied and subscriptions are made available again once a host is deleted.

Transitions

BZ#1140256

The system-profile-transition rpm has been changed to avoid using advanced rpmlib capabilities to avoid issues with the transition tool and for times when the build operating system is greater than the OS being installed.

WebUI

BZ#1121096

Previously, content source settings on a host group were not inherited when provisioning hosts because of an error in the implementation of host group content source inheritance. This implementation has been corrected and hosts can now inherit their hostgroup's content source.

BZ#1123483

Previously, the Satellite Server did not inform the user of any errors that occured when enabling repositories. Better error reporting messages have been added into the web UI. If an issue crops up when enabling repositories, the UI should now inform the user about these errors.

BZ#1150674

Previously, when selecting a system with applicable errata and going to the bulk actions pane in the errata tab, the errata show up but the 'applicable content hosts' column is blank. It now shows a clickable number in the bulk actions pane that goes to the list of content hosts.