RHBA-2016:0171 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

CFME 5.4.5 bug fixes, and enhancement update

Type/Severity

Bug Fix Advisory

Topic

Updated cfme packages that fix a security issue, several bugs,
and add various enhancements are now available for Red Hat
CloudForms 3.2.

Red Hat Product Security has rated this update as having Moderate
Security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Description

Red Hat CloudForms Management Engine delivers the insight, control,
and automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails,
a model-view-controller (MVC) framework for web application
development. Action Pack implements the controller and the view
components.

This update also fixes several bugs. Documentation for these changes
is available in the Release Notes linked to in the References section.

All CFME users are advised to upgrade to these updated packages, which
correct these issues and add these enhancements.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/articles/

Affected Products

Red Hat CloudForms 3.2 x86_64

Fixes

BZ - 1214511 - [UI] Console Not working in Firefox or Chrome
BZ - 1256941 - UI : Error: Wrong validation message shown when template not selected for SCVMM provider
BZ - 1256944 - SmartState Analysis on EC2 instance via Quadicon
BZ - 1273191 - Heat stack deployment gets stuck when stack parameter is not found
BZ - 1286120 - post 5.3 => 5.4.2 => 5.4.3.1 upgrade, it is possible to encounter issues interacting with openstack data present since 5.3
BZ - 1286864 - Intermittent "RangeError: 0xnnnnnnn is recycled object" errors when running automation scripts
BZ - 1287731 - VMware provider refresh fails with 'divided by 0'
BZ - 1287759 - non-admin users are unable to view saved reports
BZ - 1289688 - Scheduled reports generate for last group selected by user when user is a member of multiple groups
BZ - 1290536 - CFME 5.4 beta - Cannot add a Control Action that specifies an Action Type of "Invoke a Custom Automation"
BZ - 1291881 - Searching on Host vmm_vendor in the UI brings back no records
BZ - 1292575 - Backport custom support url length.
BZ - 1292579 - UI: Download file from saved report is named after the current date rather than after the report saved date
BZ - 1292581 - WebUI: Host: Services: Error "undefined method `id' for nil:NilClass [host/host_services]" found while accessing Services
BZ - 1293417 - Cloudforms widget not refreshed as scheduled
BZ - 1293734 - Amazon t2.nano instance type is not supported
BZ - 1297005 - Edit menu for CFME database backup schedule displays a wrong Starting time.
BZ - 1297434 - CF 3.2: Switching user groups invalidates browser/version/os information, which might be disabling the console buttons on the VM.
BZ - 1297952 - CF 3.2: Automation code throwing "0x000... is recycled object" exceptions
BZ - 1298965 - Unexpected error after clicking on hosts under Utilization
BZ - 1300071 - Product Assistance text box renders incorrectly for non-super administrators
BZ - 1300080 - odd behavior sorting automate domains
BZ - 1300804 - Foreman UI: Provider detail page is missing the "Configuration" button in the toolbar
BZ - 1301084 - network association missing from vm.hardware.nics
BZ - 1303872 - The control engine is not detecting "VM Retirement Warn" event.
BZ - 1304006 - Error while executing a report
BZ - 1305171 - Flash message displayed twice while adding, deleting, editing schedules
BZ - 1306361 - CloudForms inventory fails when an openstack cinder volume contains no 'device' directive in the attachments property
BZ - 1306433 - /etc/cron.hourly/miq_top_hourly calls /bin/miqtop which does not exist
BZ - 1306713 - Update license for Prince
BZ - 1308692 - During retirement the user that started the retirement should be stored as userid not user_id
BZ - 1308991 - Incorrect flash message while enabling/disabling schedule
BZ - 1310248 - AMQP connection doesn't recover after rabbitmq-server restart
BZ - 1311279 - UI: Reports - Edit - reset breaks tabs
BZ - 1317906 - 5.4.5.0 updated to 5.4.5.1 does not work properly (DOA?)

CVEs

(none)

References

http://www.redhat.com/security/updates/classification/#normal

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat CloudForms 3.2

SRPM
cfme-5.4.5.2-1.el6cf.src.rpm	SHA-256: 814cbe191110b38b85da124eab253ad3b97727f5bd968ca975076f0956e92c90
cfme-gemset-5.4.5.2-1.el6cf.src.rpm	SHA-256: d32b8f0413512cf0d4095c6694b306ab962e8f5df4a7a5a629dd3bb026d3014d
x86_64
cfme-5.4.5.2-1.el6cf.x86_64.rpm	SHA-256: 8cd37cb2ce05c829b06ed6dd9305650e90b8d639e0553bd79514627c27bd1990
cfme-appliance-5.4.5.2-1.el6cf.x86_64.rpm	SHA-256: 446c454b2fabb2390656a6f85d25dff411835dae3d92fa2c659aa62a157d6282
cfme-debuginfo-5.4.5.2-1.el6cf.x86_64.rpm	SHA-256: 1fc3c508ee87af4266343c409892affb21e83206462bee9495bf556ecd0c65ff
cfme-gemset-5.4.5.2-1.el6cf.x86_64.rpm	SHA-256: f900f6dade0df1667aae8c04f04371d88bf533275b7052528332b98d993c10b4
cfme-lib-5.4.5.2-1.el6cf.x86_64.rpm	SHA-256: eafd3e95a72fcf7f172cbe9172a5ef15657a45008daf3075388e525ee686160f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories