Red Hat Satellite 6 missing latest rubygem-rake package

Solution Verified - Updated -

Environment

  • Red Hat Satellite 6.x

Issue

  • Latest rubygem-rake is not available in satellite-6.x repository.
  • Available rubygem-rake on satellite repository is vulnerable to following CVE:

Resolution

  • This is a known issue and escalated to the engineering team via Bugzilla.
  • Use following workaround provided by the engineering for the time being:

    # foreman-maintain packages unlock
    # yum --downloadonly --downloaddir=/root --enablerepo=rhel-7-server-optional-rpms install rubygem-rake
    # yum update ./rubygem-rake-0.9.6-36.el7.noarch.rpm
    # foreman-maintain packages lock
    # foreman-maintain service restart
    

Diagnostic Steps

  • To check the installed version of rubygem-rake on your satellite:

    # rpm -qa rubygem-rake
    rubygem-rake.noarch-0.9.2.2-41.el7sat 
    
    # yum list-sec --enablerepo=rhel-7-server-optional-rpms | grep rubygem-rake
    RHSA-2018:0378 Important/Sec. rubygem-rake-0.9.6-33.el7_4.noarch
    RHSA-2018:3738 Important/Sec. rubygem-rake-0.9.6-34.el7_6.noarch
    

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

4 Comments

Why didn't this make it into the repo yet?

As per the Bugzilla status, this will be added on satellite 6.8.

For 6.6 you need:

foreman-maintain packages unlock
yum --downloadonly --downloaddir=/root --enablerepo=rhel-7-server-optional-rpms install rubygem-rake
yum update ./rubygem-rake-0.9.6-36.el7.noarch.rpm
foreman-maintain packages lock

Thanks Jerry, solution updated...