- Issued:
- 2018-11-07
- Updated:
- 2018-11-07
RHBA-2018:3520 - Bug Fix Advisory
Synopsis
RHUI 3.0.6 bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated RHUI 3 packages that fix several bugs and add various enhancements are now available.
Description
Red Hat Update Infrastructure (RHUI) is a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances. Based on the upstream Pulp project, RHUI allows cloud providers to locally mirror Red Hat-hosted repository content, create custom repositories with their own content, and make those repositories available to a large group of end users through a load-balanced content delivery system.
This update fixes the following bugs:
- If the Red Hat entitlement certificate was deleted while rhui-manager was running, rhui-manager did not handle this loss correctly and an unexpected error occurred when trying to add a new repository. This update adds proper checks to rhui-manager that prevent the error from occurring. (BZ#1325390)
- Previously, rhui-manager did not load SSH keys from the ~/.ssh/known_hosts file while adding a CDS or HAProxy node. Consequently, it was not possible to add a CDS or HAProxy node unless the -u option was used, which skipped SSH host key verification. With this update, rhui-manager loads the ~/.ssh/known_hosts file. If the SSH host key for the CDS or HAProxy node is already known, it is used to verify that the remote host is the intended one; otherwise, a message is printed to encourage the RHUI administrator to add the SSH host key to the ~/.ssh/known_hosts file. (BZ#1409460)
- Prior to this update, if the host name of a CDS or HAProxy node to add contained capital letters while the actual host name contained all lowercase letters, the addition failed. All letters in host names being added are now converted to lowercase, which resolves this issue. (BZ#1572623)
In addition, this update adds the following enhancements.
- With this update, custom repositories can be created using the command line interface of rhui-manager. Also, any repositories can be deleted from the command line interface. See Appendix B. Red Hat Update Infrastructure Command-Line Interface in the System Administrator's Guide, linked to in the References section, for information about the command line parameters that add these features. (BZ#1582087)
- This update ensures that content certificates for RHUI clients are signed using Secure Hash Algorithm (SHA) 256, which is considered more secure than SHA 1, previously used when generating the certificates on RHEL 6. (BZ#1628957)
Users of RHUI are advised to upgrade to these updated packages that fix these bugs and add these enhancements.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Update Infrastructure 3 for RHEL 7 x86_64
- Red Hat Update Infrastructure 3 for RHEL 6 x86_64
Fixes
- BZ - 1325390 - function 'a - add a new Red Hat content repository' doesn't check whether the RH certificate file exists
- BZ - 1409460 - 'rhui-manager {cds,haproxy} add' wants {cds,haproxy} in known_hosts or ssh connection error
- BZ - 1572623 - [RHUI3] rhui cds add "FQDN with upper case" failed
- BZ - 1582087 - RFE: create a custom repo & delete a repo in the CLI
- BZ - 1628957 - Use sha256 for content certificates for RHUI clients
CVEs
(none)
Red Hat Update Infrastructure 3 for RHEL 7
SRPM | |
---|---|
rh-rhui-tools-3.0.6-7.el7ui.src.rpm | SHA-256: c9fd3d61f73645c9ef40474342a3bd3bcd63fd0b909fd7e10e519c0ce9602e4c |
x86_64 | |
rh-rhui-tools-3.0.6-7.el7ui.noarch.rpm | SHA-256: 8e33344296706935db1e9355031afd5b663f714bb328e2874ad68ebd65dac4a0 |
rh-rhui-tools-libs-3.0.6-7.el7ui.noarch.rpm | SHA-256: 5727ba9c8449457513d4faffb280cca2a00779a2961820cba093dde9a8d2780b |
Red Hat Update Infrastructure 3 for RHEL 6
SRPM | |
---|---|
rh-rhui-tools-3.0.6-7.el6ui.src.rpm | SHA-256: c5b3728b9c9042d506e667673ea6735190b7ac2a50e2a187cd27da417add73fd |
x86_64 | |
rh-rhui-tools-3.0.6-7.el6ui.noarch.rpm | SHA-256: b77a80ff55b353c4084765818dad4f8316de5d1ccfeb88c7160acd9e854af5ad |
rh-rhui-tools-libs-3.0.6-7.el6ui.noarch.rpm | SHA-256: 80e8d4de4683c27dcf4804b4048c4d4d4e50a8200b0e318bf143b192640bdc93 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.