—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: CloudForms 4.6.5 security, bug fix and enhancement update
Advisory ID: RHSA-2018:3466-01
Product: Red Hat CloudForms
Advisory URL: https://access.redhat.com/errata/RHSA-2018:3466
Issue date: 2018-11-05
Cross references: RHSA-2018:2561
CVE Names: CVE-2018-1000544
=====================================================================

1. Summary:

An update is now available for CloudForms Management Engine 5.9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

CloudForms Management Engine 5.9 – x86_64

3. Description:

Red Hat CloudForms Management Engine delivers the insight, control, and
automation needed to address the challenges of managing virtual
environments. CloudForms Management Engine is built on Ruby on Rails, a
model-view-controller (MVC) framework for web application development.
Action Pack implements the controller and the view components.

Security Fix(es):

* rubyzip: arbitrary file write vulnerability / arbitrary code execution
using a specially crafted zip file (CVE-2018-1000544)

For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.

Additional Changes:

This update fixes various bugs and adds enhancements. Documentation for
these changes is available from the Release Notes document.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1592571 – Service Dialog Editor localization in French Incomplete
1593001 – CVE-2018-1000544 rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file
1599349 – API with an invalid zone name kill the appliance
1603026 – Vim Performance States Table Causing Region to Lock up During a Vacuum
1607409 – The remote_ws_url value does not failover if the appliance is stopped, so “api_url” can be incorrect in an Ansible playbook
1607438 – Alerts do not trigger and do not send email notification
1608368 – Ansible Jobs Causing State Machine to Fail due to Inactivity Threshold Exceeding 0
1608770 – custom buttom page empty
1612905 – internal server error when cloud_tenants or flavors subcollection is requested on infra provider
1613333 – Couldn’t find EmsFolder with ‘id’
1613420 – OpenStack deletion gives problem
1615465 – Using database wildcard `%25` in VM queries causes exception, returns 500 to client
1618800 – Open URL Does Not Work When Using a DIalog with a Button
1618805 – CloudForms tries to collect metrics from OCP despite not being configured for it
1618807 – [RFE] Restore VM ownership and retirement during migration
1618808 – Migrations linking jobs and miq_tasks could take long time when upgrading to 5.9
1619431 – [v2v] Network Missing in Infra Mapping
1619654 – [v2v] Schedule Unschedule Migration does not seem to work correctly
1621441 – Change VMware URI to connect directly to ESXi
1621445 – Default Dashboard can’t be updated
1621449 – Fix displaying disk type of a VM created from template and passing clone parameter to RHV
1622631 – reports using “group by” on date show a total column per vm instead of showing a total at the end of the report
1622652 – Service Retirement runs twice for direct service children
1623557 – virt-v2v Fails with IMS when Using AD Credentials for VMware Provider
1623559 – [RFE] Add state_machine_phase attribute to transformation state machines
1623560 – Dynamic Text Area and Text Box Elements Load Even Though Load on Init is not Marked
1623561 – displaying -Child Orchestration Stacks- throwing UI error
1623563 – unable to generate chargeback based on metering for vms with traceback in logs
1623565 – Add log messages to Chargeback
1623573 – unable to add disk to vm via rest-api vm reconfiguration on vmware [request backport from existing commit]
1623582 – Change in chargeback report logging output
1625249 – Read Action Forbidden When User Tries to Attach Cloud Volume OpenStack
1625323 – UI breaks when viewing instance details.
1625376 – Wrong timezone when selecting retirement time
1626143 – Storage Domain ignored on provisioning
1626219 – nuage refresh fails – undefined method `[]’ … security_groups
1626474 – Handle service retirement date in service dialog
1628348 – Update to Azure Government endpoint
1628657 – Unable to retry Embedded Ansible method in a state machine
1629089 – [RFE] Add more RAM options size to life cycle dialog
1629090 – [SSUI] Able to create snapshot with memory on powered down VM
1629094 – Make the checkbox column in the column view not click-able
1629121 – When a button is for ‘single and list’ or ‘list’ and has a visibility expression, the button does not display in the list view even when all VMs in the list meet the expression
1629124 – giving volume name shouldn’t be mandatory in case of Openstack instance provisioning
1629125 – OSP domain user seen objects from other domain tenants
1629126 – [RFE] Add support to oVirt provider to set VM memory and CPU
1629127 – UI Monitor Alerts page is slow to load and when clicking on link it shows blank page with no alerts
1629129 – Cannot add Ansible Tower or refresh already added Ansible Tower
1629897 – Memory threshold set from Workers tab doesn’t work
1630938 – Refactor restoring VM attributes during migration
1631557 – Unable to provision VM with “choose automatic option”
1631817 – Not able to access Openstack instance console from selfservice portal
1632769 – Triggered Refresh Still Occurs for Dialog After Changing Type to Static
1634032 – To be able to add and create reports, the edit report role is needed.
1634808 – Password hashes in Automate Log
1635038 – VMware vCloud Provider’s vApp Provisioning Dialog Cannot be Submitted
1635764 – Power management via API falling into the wrong zone leading to permanently queued requests
1637035 – Add transformation utils methods
1637185 – [RHV] ISO provisioning fails with undefined SDK method
1637720 – Unable to see chargeback rate under rates accordion
1638684 – VMware vCloud Provider’s vApp Service Cannot be Fully Retired
1639300 – Unable to perform chargeback assignments for compute
1639413 – When ordering a service via the API the service dialog is not executed
1639877 – Can’t change Server’s Zone
1641670 – [regression][Custom Button] Unexpected error encountered in infrastructure and datastore object type when method and dialog both attached
1641810 – undefined method `find_tagged_with’ for #<Class:0x000000000b5e3228> [miq_request/show_list]

6. Package List:

CloudForms Management Engine 5.9:

Source:
ansible-tower-3.2.7-1.el7at.src.rpm
cfme-5.9.5.3-1.el7cf.src.rpm
cfme-amazon-smartstate-5.9.5.3-1.el7cf.src.rpm
cfme-appliance-5.9.5.3-1.el7cf.src.rpm
cfme-gemset-5.9.5.3-1.el7cf.src.rpm

x86_64:
ansible-tower-3.2.7-1.el7at.x86_64.rpm
ansible-tower-server-3.2.7-1.el7at.x86_64.rpm
ansible-tower-setup-3.2.7-1.el7at.x86_64.rpm
ansible-tower-ui-3.2.7-1.el7at.x86_64.rpm
ansible-tower-venv-ansible-3.2.7-1.el7at.x86_64.rpm
ansible-tower-venv-tower-3.2.7-1.el7at.x86_64.rpm
cfme-5.9.5.3-1.el7cf.x86_64.rpm
cfme-amazon-smartstate-5.9.5.3-1.el7cf.x86_64.rpm
cfme-appliance-5.9.5.3-1.el7cf.x86_64.rpm
cfme-appliance-common-5.9.5.3-1.el7cf.x86_64.rpm
cfme-appliance-debuginfo-5.9.5.3-1.el7cf.x86_64.rpm
cfme-appliance-tools-5.9.5.3-1.el7cf.x86_64.rpm
cfme-debuginfo-5.9.5.3-1.el7cf.x86_64.rpm
cfme-gemset-5.9.5.3-1.el7cf.x86_64.rpm
cfme-gemset-debuginfo-5.9.5.3-1.el7cf.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-1000544
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_cloudforms/4.6/html/release_notes

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIVAwUBW+BM7dzjgjWX9erEAQgslw/8DEgNrrVa720mqy/N2URv8ozTMKEbojHN
zSTMbDy+uHxz3ei8Qv2dPDgy06tNgz24XAojc2V9S4kGvOLn4+m7vbtgyLgO/S8h
JGoEqXn2kRiQLG5S7guM3/jwj5/zkJjxo+wAhm1pZ+/+i/gcdj8ilriU4JRHTDez
Cv2qwhoD0/9LZsRirXf3e/BDT3nwGn1hAul1m0fK8AuXKaQx9jUU6pHQ7oFejL8g
k05A+Egb6Uko7jPng2AFi0qf79LTS0VdZqJdb4fCTEwA7BnP6KIoYJIxA+ASb1G/
XCnXuLPHgZQUFY+f26xuU7904p/2scN+XOHVgBXg8sVgKL4V1z77LfzvymERRCOZ
8fnkqGNfHFBCKUjnbS6w+qTFZSWB+rimEKMmS9JfJ4MqaRLJ/CS/UbytCJ4yZiqI
KwkV9B3gmqJJlcloq7Upeu+W/K+AjCcAVy72OkOjKj8fyCw4fu+zzO5AYMcOou63
QSDah1bZCOIib50L1YL59/i8qSP8Sfw+BdjLc0uuKD9TYkg+ea6FAjew3QsqFfmx
/+c+V/q0yfaHJKTuE7qbwu7oT8bD0gqsLpnfL3O0NjrsSNej1BZpBE2zSlGXFRkp
RwpgmaCH8CH0MRJ/y6PoGcN1nq1hk27hz6yeQD1bHbBdDzPMgucCirQg31ETmI+K
Y82FHX4wIVU=
=2gRR
—–END PGP SIGNATURE—–

—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce