Red Hat Customer Portal

Skip to main content

Main Navigation

  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
Red Hat Customer Portal
  • Products & Services
    • Back
    • View All Products
    • Infrastructure and Management
      • Back
      • Red Hat Enterprise Linux
      • Red Hat Virtualization
      • Red Hat Identity Management
      • Red Hat Directory Server
      • Red Hat Certificate System
      • Red Hat Satellite
      • Red Hat Subscription Management
      • Red Hat Update Infrastructure
      • Red Hat Insights
      • Red Hat Ansible Automation Platform
    • Cloud Computing
      • Back
      • Red Hat CloudForms
      • Red Hat OpenStack Platform
      • Red Hat OpenShift Container Platform
      • Red Hat OpenShift Online
      • Red Hat OpenShift Dedicated
      • Red Hat Advanced Cluster Management for Kubernetes
      • Red Hat Quay
      • Red Hat CodeReady Workspaces
    • Storage
      • Back
      • Red Hat Gluster Storage
      • Red Hat Hyperconverged Infrastructure
      • Red Hat Ceph Storage
      • Red Hat Openshift Container Storage
    • Runtimes
      • Back
      • Red Hat Runtimes
      • Red Hat JBoss Enterprise Application Platform
      • Red Hat Data Grid
      • Red Hat JBoss Web Server
      • Red Hat Single Sign On
      • Red Hat support for Spring Boot
      • Red Hat build of Node.js
      • Red Hat build of Thorntail
      • Red Hat build of Eclipse Vert.x
      • Red Hat build of OpenJDK
      • Red Hat build of Quarkus
      • Red Hat CodeReady Studio
    • Integration and Automation
      • Back
      • Red Hat Integration
      • Red Hat Fuse
      • Red Hat AMQ
      • Red Hat 3scale API Management
      • Red Hat JBoss Data Virtualization
      • Red Hat Process Automation
      • Red Hat Process Automation Manager
      • Red Hat Decision Manager
    • Support
    • Production Support
    • Development Support
    • Product Life Cycles
    • Documentation
    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    • Services
    • Consulting
    • Technical Account Management
    • Training & Certifications
    • Ecosystem Catalog
    • Partner Resources
    • Red Hat in the Public Cloud
  • Tools
    • Back
    • Red Hat Insights
    • Tools
    • Solution Engine
    • Packages
    • Errata
    • Customer Portal Labs
    • Explore Labs
    • Configuration
    • Deployment
    • Security
    • Troubleshooting
  • Security
    • Back
    • Product Security Center
    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Security Labs
    • Resources
    • Overview
    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community
    • Back
    • Customer Portal Community
    • Discussions
    • Blogs
    • Private Groups
    • Community Activity
    • Customer Events
    • Red Hat Convergence
    • Red Hat Summit
    • Stories
    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Account
    • Back
    • Log In
    • Register
    • Red Hat Account Number:
    • Account Details
    • User Management
    • Account Maintenance
    • My Profile
    • Notifications
    • Help
    • Log Out
  • Language
    • Back
    • English
    • 한국어
    • 日本語
    • 中文 (中国)
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Search
  • Log In
  • Language
Or troubleshoot an issue.

Log in to Your Red Hat Account

Log In

Your Red Hat account gives you access to your profile, preferences, and services, depending on your status.

Register

If you are a new customer, register now for access to product evaluations and purchasing capabilities.

Need access to an account?

If your company has an existing Red Hat account, your organization administrator can grant you access.

If you have any questions, please contact customer service.

Red Hat Account Number:

Red Hat Account

  • Account Details
  • User Management
  • Account Maintenance
  • Account Team

Customer Portal

  • My Profile
  • Notifications
  • Help

For your security, if you’re on a public computer and have finished using your Red Hat services, please be sure to log out.

Log Out

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)
Red Hat Customer Portal Red Hat Customer Portal
  • Products & Services
  • Tools
  • Security
  • Community
  • Infrastructure and Management

  • Cloud Computing

  • Storage

  • Runtimes

  • Integration and Automation

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS
  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat Openshift Container Storage
  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus
  • Red Hat CodeReady Studio
  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
View All Products
  • Support
  • Production Support
  • Development Support
  • Product Life Cycles

Services

  • Consulting
  • Technical Account Management
  • Training & Certifications
  • Documentation
  • Red Hat Enterprise Linux
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Ecosystem Catalog
  • Red Hat in the Public Cloud
  • Partner Resources

Tools

  • Solution Engine
  • Packages
  • Errata
  • Customer Portal Labs
  • Configuration
  • Deployment
  • Security
  • Troubleshooting

Red Hat Insights

Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

  • Learn more
  • Go to Insights

Red Hat Product Security Center

Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

Product Security Center

Security Updates

  • Security Advisories
  • Red Hat CVE Database
  • Security Labs

Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

  • View Responses

Resources

  • Overview
  • Security Blog
  • Security Measurement
  • Severity Ratings
  • Backporting Policies
  • Product Signing (GPG) Keys

Customer Portal Community

  • Discussions
  • Blogs
  • Private Groups
  • Community Activity

Customer Events

  • Red Hat Convergence
  • Red Hat Summit

Stories

  • Red Hat Subscription Value
  • You Asked. We Acted.
  • Open Source Communities
Red Hat Product Errata RHSA-2013:1263 - Security Advisory
Issued:
2013-09-16
Updated:
2013-09-16

RHSA-2013:1263 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: Red Hat Storage Console 2.1 security update

Type/Severity

Security Advisory: Moderate

Topic

Updated Red Hat Storage Console packages that fix one security issue,
various bugs, and add enhancements are now available for Red Hat Storage
Server 2.1.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

Red Hat Storage Console (RHS-C) is a powerful and simple web based
Graphical User Interface for managing a Red Hat Storage 2.1 environment.
This feature is provided as a Technology Preview, and is currently not
supported under Red Hat Storage subscription services. Refer to the
following for more information about Technology Previews:
https://access.redhat.com/support/offerings/techpreview/

It was found that RESTEasy was vulnerable to XML External Entity (XXE)
attacks. If a remote attacker who is able to access the Red Hat Storage
Console REST API submitted a request containing an external XML entity
to a RESTEasy endpoint, the entity would be resolved, allowing the
attacker to read files accessible to the user running the application
server. This flaw affected DOM (Document Object Model) Document and JAXB
(Java Architecture for XML Binding) input. (CVE-2012-0818)

This update also fixes the following bugs:

  • A new server could not be added to a cluster if the required packages
    were not installed on the server. Now, the administrator can add a server
    to a cluster which will automatically install the required packages, if
    missing. (BZ#850431)
  • Previously, the rhs-log-collector tool did not collect GlusterFS related
    logs. (BZ#855271)
  • Previously, it was not possible for rhsc-setup to complete successfully
    on systems that have SELinux in disabled mode. (BZ#841342)
  • The 'Add Brick' button in the 'Add Bricks' pop up is now placed next to
    the 'Brick Directory' field for a better UI experience. (BZ#863929)
  • The UUID of the volume was not visible. Now, a new field is added to the
    'Summary' sub-tab of the 'Volumes' tab to display the UUIDs. (BZ#887806)
  • The web console was not accessible after a server reboot. The setup
    mechanism has been modified to ensure the web console is accessible after a
    server reboot. (BZ#838284)

This update also adds the following enhancements:

  • Previously, to import an existing storage cluster into the Red Hat
    Storage Console the hosts were added one by one. Now, a new feature has
    been added that allows users to import an existing storage cluster. The new
    Cluster Creation window has an option to import an existing storage
    cluster. If IP_Address or the hostname and password of one of the hosts of
    the cluster is entered, a list containing all the hosts of the cluster is
    displayed and the same can be added to the Console. The volumes which are
    part of the cluster also get imported. (BZ#850438)
  • The command line was required to enable a volume to use CIFS. Now, you
    can enable or disable the export of a volume with the new 'CIFS' checkbox
    in the 'Create Volume' window. (BZ#850452)
  • The new Red Hat Support plug-in for Red Hat Storage is a Technology
    Preview feature that offers seamless, integrated access to the Red Hat
    subscription services from the Red Hat Customer Portal. Subscribers who
    install this plug-in can access these features:
  • Create, manage, and update the Red Hat support cases.
  • Conveniently access exclusive Red Hat knowledge and solutions.
  • Search error codes, messages, etc. and view related knowledge from the
    Red Hat Customer Portal. (BZ#999245)
  • A new 'Event ID' column is added to the 'Events' table in the 'Advanced
    View' of 'Events' tab which allows users to see the ID of each event in the
    'Events' tab. (BZ#889942)
  • A new feature is added to manage and monitor the hooks on the Console. It
    also reports changes in the hooks and checks for new hook scripts by
    polling at regular intervals. (BZ#850483)
  • A new 'Optimize for Virt Store' option is added to optimize a volume to
    use it as a virt store. The system sets the "virt" group option on the
    volume and also the following two volume options:
  • storage.owner-uid=36
  • storage.owner-gid=36

This option is available during volume creation and also for existing
volumes. (BZ#891493, BZ#891491)

All users of Red Hat Storage Server 2.1 are advised to upgrade to these
updated packages.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

  • Red Hat Gluster Storage Management Console (for RHEL Server) 2.1 x86_64

Fixes

  • BZ - 785631 - CVE-2011-5245 CVE-2012-0818 RESTEasy: XML eXternal Entity (XXE) flaw
  • BZ - 855271 - Collecting support data from all storage nodes through RHSC
  • BZ - 863929 - RFE: [RHEVM/RHSC] AddBrick button is currently positioned incorrectly creating confusion
  • BZ - 887806 - [RHSC] RFE: Field to display Volume ID
  • BZ - 889942 - [RHSC] RFE: Field to display code corresponding to each event in the Events tab

CVEs

  • CVE-2012-0818

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/support/offerings/techpreview/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Gluster Storage Management Console (for RHEL Server) 2.1

SRPM
otopi-1.1.0-1.el6ev.src.rpm SHA-256: 7a20857db4ad130d4c11f03e1d414d722d252cc3a4633ccd83554a284a33ea4b
ovirt-host-deploy-1.1.0-1.el6ev.src.rpm SHA-256: e6c884bc85603dcecdb32bac355312c2bdc54381fd99b360d8abb107bb6621d4
python-daemon-1.5.2-1.el6.src.rpm SHA-256: 77df95cd39f16cf585269e96e5e4830421d64f074698c7d359d7bd7804b214a3
python-kitchen-1.1.1-2.el6ev.src.rpm SHA-256: 6e7741f850dbf97470827c55192a09bcfe95aa2af72e8e4ee63fa680c5e6e7b2
python-lockfile-0.8-5.el6.src.rpm SHA-256: 5150a12e3ae0393b28a8dbfe511db5fb15d416571bf618e52aa0b5adc69f8879
python-ply-3.3-7.el6ev.src.rpm SHA-256: 714c36bd0a7ccf4dc8b45085f8379c6f0d74d329d3973f6e8bccead0f3535e20
redhat-access-plugin-storage-2.1.0-0.el6rhs.src.rpm SHA-256: 4540cf2161d390f77423ccc0b866ee0962ee8a56dec4836bc4fe4c7340b0129d
rhsc-2.1.0-0.bb10.el6rhs.src.rpm SHA-256: 49f4ea372d43169397c0ddc90ac4ceda0e2be340ca2eed58b17e3c00e3d632a5
rhsc-cli-2.1.0.0-0.bb3a.el6rhs.src.rpm SHA-256: febcdec495ab4bb9969ff4d5de9723962d1f579078039d6b1bb17f51498c10d6
rhsc-log-collector-2.1-0.1.el6rhs.src.rpm SHA-256: 3bdff54dba38d2ba80ccb6eb0cbff6f761335717c0c7692ff4248780d0001608
rhsc-sdk-2.1.0.0-0.bb3a.el6rhs.src.rpm SHA-256: 552a7f6054dc964cacc436764369ed05a8bd608ff33dbf910017cc433b03489a
x86_64
otopi-1.1.0-1.el6ev.noarch.rpm SHA-256: 3284733c6b04f27d7d9e9898ed9ab0083064f5af71fd34703d794b0390609715
otopi-devel-1.1.0-1.el6ev.noarch.rpm SHA-256: 47ca2aa474a4828d9214d20f4c35c6900c332a9da520f0f866e034dd18ec7362
otopi-java-1.1.0-1.el6ev.noarch.rpm SHA-256: 323f6a13a89410ec2640d82344a18ab1a8cf9e82d6f6adee7a96f17542b3c1a8
otopi-repolib-1.1.0-1.el6ev.noarch.rpm SHA-256: 1bc41118d75eff5586526edce09e0ed6b9caed614116ba9cd7563a20a3a94c19
ovirt-host-deploy-1.1.0-1.el6ev.noarch.rpm SHA-256: b5c67a178cc89797930dbe09f9874e8f0b577b29f70f338960b6abf14872efd5
ovirt-host-deploy-java-1.1.0-1.el6ev.noarch.rpm SHA-256: 072df368c4a9564e68fe6ae002acdff866f9486f4f4112fc21bd3a556056bfe4
ovirt-host-deploy-repolib-1.1.0-1.el6ev.noarch.rpm SHA-256: eb3a75f421ea0e99cd2f37dfafc8c2185e8c030d58dc043667f5f3c3b2ee2f3d
python-daemon-1.5.2-1.el6.noarch.rpm SHA-256: 83f1b9467ddb636ea13fd4805b34f84d21a1b53253dbf0fd00cab13e138b6f7f
python-kitchen-1.1.1-2.el6ev.noarch.rpm SHA-256: 9a48b73251fa19e8c80e3eda55d80905634a0cc400f62647403f9273f8c29d9e
python-lockfile-0.8-5.el6.noarch.rpm SHA-256: 7bd6d47b7da1b9cb804056a43dbea4d3a851e2e7956fd8ef81f24b9322e7e72f
python-ply-3.3-7.el6ev.noarch.rpm SHA-256: 053727954464a2fa9755c06db33ad2db1a3db732861bdabfd09fe197c1cebc5a
redhat-access-plugin-storage-2.1.0-0.el6rhs.noarch.rpm SHA-256: 3e83b4ed2bcd23153fff36e6f1ea045880a36c5186f058e330b8f6f8e2d4ea01
rhsc-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 20d0914e1de841d44aa2b48ca456f8170a88306c2cd39d854a70d7884f140c11
rhsc-backend-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 8e0ee8701169e7c303f6adc8d1f7104b595e8d743f2bb70c9ad96d3e7ba9e874
rhsc-cli-2.1.0.0-0.bb3a.el6rhs.noarch.rpm SHA-256: 00a1e8b0fab115e7a20135e8147bdfe399d4006a29c2c45d46cdfa1e0c3bda29
rhsc-dbscripts-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 4ddab4a9ab3e9ad6e15d487b038f4e30c85f75b68d38ab7a118a14eac47a2243
rhsc-log-collector-2.1-0.1.el6rhs.noarch.rpm SHA-256: eba03b1361ddb9dc6d70354fa2a909b8d43fa3a37f396906dd7ce71323a5b254
rhsc-restapi-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 5fb17b995b1fe8ecf83aa26d5710e64387b74de348a779ea432c9ac405c790e3
rhsc-sdk-2.1.0.0-0.bb3a.el6rhs.noarch.rpm SHA-256: 609eb05edd2c19c2f8580c8a075a5ec3381d67935aaaa415b60d83643c8bd91d
rhsc-setup-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 1f97313ca6bce3c4adcfbd8d2b9da576c4481968b103d8ce4a769ab31c411d3d
rhsc-tools-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 752949ad9e550a8ac239bf4b26ea2689f40102532e0d663f55c5713b56947fb0
rhsc-webadmin-portal-2.1.0-0.bb10.el6rhs.noarch.rpm SHA-256: 06bc9196619d0a1990b765ea051fd792183723f222555ef31e578a230a993113

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • openshift.com
  • developers.redhat.com
  • connect.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2021 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter Facebook