- Issued:
- 2017-02-27
- Updated:
- 2017-02-27
RHSA-2017:0320 - Moderate: CFME 5.7.1 bug fixes and enhancement update
Synopsis
Moderate: CFME 5.7.1 bug fixes and enhancement update
Type/Severity
Security Advisory Moderate
Topic
Updated cfme packages that fix bugs and add various enhancements are now available for Red Hat CloudForms 4.2.
Description
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
This update fixes various bugs and adds several enhancements. Documentation for these changes is available in the Release Notes linked to in the References section.
Security Fix(es):
- A logic error in valid_role() in CloudForms role validation could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges. (CVE-2017-2632)
This issue was discovered by Matouš Mojžíš (Red Hat).
All CFME users are advised to upgrade to these updated packages, which correct these issues and add these enhancements.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat CloudForms | 4.2 | x86_64 |
Updated Packages
- cfme-5.7.1.3-1.el7cf.src.rpm
- cfme-appliance-5.7.1.3-1.el7cf.src.rpm
- cfme-gemset-5.7.1.3-1.el7cf.x86_64.rpm
- cfme-appliance-debuginfo-5.7.1.3-1.el7cf.x86_64.rpm
- cfme-5.7.1.3-1.el7cf.x86_64.rpm
- cfme-gemset-5.7.1.3-1.el7cf.src.rpm
- cfme-appliance-5.7.1.3-1.el7cf.x86_64.rpm
- cfme-debuginfo-5.7.1.3-1.el7cf.x86_64.rpm
Fixes
- This content is not included.BZ - 1382768
- This content is not included.BZ - 1390729
- This content is not included.BZ - 1390731
- This content is not included.BZ - 1391748
- This content is not included.BZ - 1391750
- This content is not included.BZ - 1391757
- This content is not included.BZ - 1394331
- This content is not included.BZ - 1394339
- This content is not included.BZ - 1394341
- This content is not included.BZ - 1394844
- This content is not included.BZ - 1395304
- This content is not included.BZ - 1395839
- This content is not included.BZ - 1395840
- This content is not included.BZ - 1395857
- This content is not included.BZ - 1395898
- This content is not included.BZ - 1396222
- This content is not included.BZ - 1396238
- This content is not included.BZ - 1396239
- This content is not included.BZ - 1396240
- This content is not included.BZ - 1396241
- This content is not included.BZ - 1396243
- This content is not included.BZ - 1396575
- This content is not included.BZ - 1396576
- This content is not included.BZ - 1396577
- This content is not included.BZ - 1396580
- This content is not included.BZ - 1397151
- This content is not included.BZ - 1397154
- This content is not included.BZ - 1397157
- This content is not included.BZ - 1397158
- This content is not included.BZ - 1397159
- This content is not included.BZ - 1397248
- This content is not included.BZ - 1397416
- This content is not included.BZ - 1397509
- This content is not included.BZ - 1397532
- This content is not included.BZ - 1397874
- This content is not included.BZ - 1399207
- This content is not included.BZ - 1399208
- This content is not included.BZ - 1399209
- This content is not included.BZ - 1399211
- This content is not included.BZ - 1399214
- This content is not included.BZ - 1399216
- This content is not included.BZ - 1399221
- This content is not included.BZ - 1399669
- This content is not included.BZ - 1399677
- This content is not included.BZ - 1399679
- This content is not included.BZ - 1400202
- This content is not included.BZ - 1400204
- This content is not included.BZ - 1400212
- This content is not included.BZ - 1400303
- This content is not included.BZ - 1400616
- This content is not included.BZ - 1400704
- This content is not included.BZ - 1401017
- This content is not included.BZ - 1401018
- This content is not included.BZ - 1401030
- This content is not included.BZ - 1401044
- This content is not included.BZ - 1401103
- This content is not included.BZ - 1401935
- This content is not included.BZ - 1401956
- This content is not included.BZ - 1401957
- This content is not included.BZ - 1402118
- This content is not included.BZ - 1402138
- This content is not included.BZ - 1402139
- This content is not included.BZ - 1402162
- This content is not included.BZ - 1402524
- This content is not included.BZ - 1402526
- This content is not included.BZ - 1402527
- This content is not included.BZ - 1402528
- This content is not included.BZ - 1402529
- This content is not included.BZ - 1403011
- This content is not included.BZ - 1403019
- This content is not included.BZ - 1403981
- This content is not included.BZ - 1403983
- This content is not included.BZ - 1404316
- This content is not included.BZ - 1404365
- This content is not included.BZ - 1404427
- This content is not included.BZ - 1404431
- This content is not included.BZ - 1404447
- This content is not included.BZ - 1404454
- This content is not included.BZ - 1404526
- This content is not included.BZ - 1404669
- This content is not included.BZ - 1404746
- This content is not included.BZ - 1404825
- This content is not included.BZ - 1404827
- This content is not included.BZ - 1405193
- This content is not included.BZ - 1405197
- This content is not included.BZ - 1405200
- This content is not included.BZ - 1405201
- This content is not included.BZ - 1405640
- This content is not included.BZ - 1405641
- This content is not included.BZ - 1406160
- This content is not included.BZ - 1406161
- This content is not included.BZ - 1406163
- This content is not included.BZ - 1406167
- This content is not included.BZ - 1406434
- This content is not included.BZ - 1406798
- This content is not included.BZ - 1408278
- This content is not included.BZ - 1410516
- This content is not included.BZ - 1410535
- This content is not included.BZ - 1410587
- This content is not included.BZ - 1410588
- This content is not included.BZ - 1410791
- This content is not included.BZ - 1410817
- This content is not included.BZ - 1410818
- This content is not included.BZ - 1410819
- This content is not included.BZ - 1410828
- This content is not included.BZ - 1410831
- This content is not included.BZ - 1410844
- This content is not included.BZ - 1410845
- This content is not included.BZ - 1410846
- This content is not included.BZ - 1410851
- This content is not included.BZ - 1410927
- This content is not included.BZ - 1411350
- This content is not included.BZ - 1411351
- This content is not included.BZ - 1411353
- This content is not included.BZ - 1411357
- This content is not included.BZ - 1411358
- This content is not included.BZ - 1411359
- This content is not included.BZ - 1411362
- This content is not included.BZ - 1411364
- This content is not included.BZ - 1411368
- This content is not included.BZ - 1411369
- This content is not included.BZ - 1411370
- This content is not included.BZ - 1411372
- This content is not included.BZ - 1411373
- This content is not included.BZ - 1411433
- This content is not included.BZ - 1411459
- This content is not included.BZ - 1411461
- This content is not included.BZ - 1411463
- This content is not included.BZ - 1411466
- This content is not included.BZ - 1411471
- This content is not included.BZ - 1411473
- This content is not included.BZ - 1411478
- This content is not included.BZ - 1411507
- This content is not included.BZ - 1411509
- This content is not included.BZ - 1411511
- This content is not included.BZ - 1411514
- This content is not included.BZ - 1411516
- This content is not included.BZ - 1411517
- This content is not included.BZ - 1411518
- This content is not included.BZ - 1411519
- This content is not included.BZ - 1411791
- This content is not included.BZ - 1411793
- This content is not included.BZ - 1411797
- This content is not included.BZ - 1411878
- This content is not included.BZ - 1411880
- This content is not included.BZ - 1411881
- This content is not included.BZ - 1411882
- This content is not included.BZ - 1411885
- This content is not included.BZ - 1411941
- This content is not included.BZ - 1411973
- This content is not included.BZ - 1411975
- This content is not included.BZ - 1411982
- This content is not included.BZ - 1412206
- This content is not included.BZ - 1412221
- This content is not included.BZ - 1412279
- This content is not included.BZ - 1412280
- This content is not included.BZ - 1412283
- This content is not included.BZ - 1412284
- This content is not included.BZ - 1412285
- This content is not included.BZ - 1412286
- This content is not included.BZ - 1412287
- This content is not included.BZ - 1412288
- This content is not included.BZ - 1412289
- This content is not included.BZ - 1412290
- This content is not included.BZ - 1412291
- This content is not included.BZ - 1412293
- This content is not included.BZ - 1412312
- This content is not included.BZ - 1412314
- This content is not included.BZ - 1412315
- This content is not included.BZ - 1412316
- This content is not included.BZ - 1412383
- This content is not included.BZ - 1412396
- This content is not included.BZ - 1412682
- This content is not included.BZ - 1412738
- This content is not included.BZ - 1412740
- This content is not included.BZ - 1412825
- This content is not included.BZ - 1413086
- This content is not included.BZ - 1413103
- This content is not included.BZ - 1413113
- This content is not included.BZ - 1413119
- This content is not included.BZ - 1413123
- This content is not included.BZ - 1413154
- This content is not included.BZ - 1413167
- This content is not included.BZ - 1413205
- This content is not included.BZ - 1413207
- This content is not included.BZ - 1413210
- This content is not included.BZ - 1413212
- This content is not included.BZ - 1413621
- This content is not included.BZ - 1413677
- This content is not included.BZ - 1413695
- This content is not included.BZ - 1413769
- This content is not included.BZ - 1414012
- This content is not included.BZ - 1414013
- This content is not included.BZ - 1414014
- This content is not included.BZ - 1414015
- This content is not included.BZ - 1414550
- This content is not included.BZ - 1414583
- This content is not included.BZ - 1414848
- This content is not included.BZ - 1414870
- This content is not included.BZ - 1414872
- This content is not included.BZ - 1414876
- This content is not included.BZ - 1414882
- This content is not included.BZ - 1414884
- This content is not included.BZ - 1414885
- This content is not included.BZ - 1414886
- This content is not included.BZ - 1414887
- This content is not included.BZ - 1414888
- This content is not included.BZ - 1414889
- This content is not included.BZ - 1414891
- This content is not included.BZ - 1415217
- This content is not included.BZ - 1415247
- This content is not included.BZ - 1415248
- This content is not included.BZ - 1415332
- This content is not included.BZ - 1415333
- This content is not included.BZ - 1415754
- This content is not included.BZ - 1415755
- This content is not included.BZ - 1415756
- This content is not included.BZ - 1416001
- This content is not included.BZ - 1416077
- This content is not included.BZ - 1416093
- This content is not included.BZ - 1416821
- This content is not included.BZ - 1416826
- This content is not included.BZ - 1417197
- This content is not included.BZ - 1417974
- This content is not included.BZ - 1418400
- This content is not included.BZ - 1418749
- This content is not included.BZ - 1418846
- This content is not included.BZ - 1419186
- This content is not included.BZ - 1419680
- This content is not included.BZ - 1419738
- This content is not included.BZ - 1420555
- This content is not included.BZ - 1420888
- This content is not included.BZ - 1420916
- This content is not included.BZ - 1420917
- This content is not included.BZ - 1422178
- This content is not included.BZ - 1422241
- This content is not included.BZ - 1423031
- This content is not included.BZ - 1423033
- This content is not included.BZ - 1424260
- This content is not included.BZ - 1424275
- This content is not included.BZ - 1424977
CVEs
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.