RHBA-2012:0280 - Bug Fix Advisory

Topic

An updated python-rhsm package that fixes several bugs is now available for Red
Hat Enterprise Linux 5.

Description

The python-rhsm package is a library for communicating with the REST interface
of the Red Hat Unified Entitlement Platform. It provides access to the
Subscription Management tools which help users to understand specific products
which are installed on their machines and specific subscriptions which their
machines consume.

This updated python-rhsm package includes fixes for the following bugs:

• Previously, python-rhsm wrote entitlement certificate files that were readable

by all users. Consequently, all users could view the system's entitlements by
looking at the files. Now, python-rhsm writes certificates that are only
readable by the root user. As a result, only root is able to view system
entitlements using manual certificate inspection. (BZ#720360)

• The virt-who agent required new API calls to candlepin, the entitlement

management system, for reporting the status of hypervisors and virtual guests.
Without support in python-rhsm for these calls, virt-who would be unable to send
the required information to candlepin. With this update, wrappers for these
hypervisor-specific API calls have been added to python-rhsm. As a result,
virt-who is able to pass hypervisor-specific information for host and guest
entitlement management. (BZ#749853)

• Previously, if a system was subscribed to future-dated entitlements, the

"subscription-manager repos --list" command showed the future-dated
entitlement's repo in the repo list. This is incorrect and could be confusing to
users. This has been corrected by performing a check for future-dated
entitlements while iterating over the list of available repos. Users should no
longer see future-dated entitlements when using the "repos --list" command
directive. (BZ#768983)

All users of python-rhsm are advised to upgrade to this updated package, which
fixes these bugs.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 749853 - backport new python-rhsm API calls present in 6.2 for 5.8
• BZ - 768506 - Remove flex expiry code from client side
• BZ - 768983 - When consuming a future subscription, the repos --list should be empty.

CVEs

(none)

References

(none)