Operating System:

[RedHat]

Published:

26 January 2017

Protect yourself against future threats.

//Service

Member Security Incident Notifications

Be proactive with your security and receive our daily Member Security Incident Notifications (MSINs) custom to your network.

Read more
Resources > Security Bulletins > ESB-2017.0227 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.0227
        Red Hat Satellite 5 and Red Hat Satellite Proxy 5 - 60 day
                            End Of Life Notice
                              26 January 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Red Hat Satellite 5
                   Red Hat Satellite Proxy 5
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 5
                   Red Hat Enterprise Linux WS/Desktop 5
Impact/Access:     Reduced Security -- Unknown/Unspecified
Resolution:        Patch/Upgrade

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2017-0191.html
   https://rhn.redhat.com/errata/RHSA-2017-0192.html

Comment: This bulletin contains two (2) Red Hat security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Satellite 5 - 60 day End Of Life Notice
Advisory ID:       RHSA-2017:0191-01
Product:           Red Hat Satellite
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2017-0191.html
Issue date:        2017-01-25
=====================================================================

1. Summary:

This is the 60 day notification of the End Of Life (EOL) plans for the 
following versions of Red Hat Satellite 5:

* Red Hat Satellite 5.6 on Red Hat Enterprise Linux 5

2. Relevant releases/architectures:

Red Hat Satellite 5.6 (RHEL v.5) - noarch

3. Description:

After March 31, 2017, as per the life-cycle support policy for Red Hat
Satellite, Red Hat will discontinue technical support services as well as
software maintenance services for all Red Hat Satellite and Proxy versions
5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit
the existing Limited Maintenance Release phase. This means that new bug
fixes, security updates, and product enhancements will no longer be
provided for the following product versions:

* Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5

Details of the Satellite support policy can be found at:

https://access.redhat.com/support/policy/updates/satellite/

For detailed instructions on upgrading Red Hat Network Satellite, please
refer to the /etc/sysconfig/rhn/satellite-upgrade/README file. This can
be found within the rhn-upgrade package. Before proceeding, it is
important to read the complete details, contained within the most current
rhn-upgrade package README file.

As with all Satellite upgrades, please ensure that known good backups are
available, especially of the database.

Notes:

1) Red Hat will continue to support Red Hat Satellite and Proxy on Red Hat
Enterprise Linux 6 and later.

2) Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 will
be EOL on March 31 2017.

How to proceed:

* All affected Satellite and Proxy users must plan to upgrade to a newer
version prior to March 31 2017.

* Find an overview of various aspects for this upcoming EOL date at:

https://access.redhat.com/articles/2868391

* If you have a Technical Account Manager, contact that person immediately
to discuss upgrade plans.

* Otherwise, contact Red Hat support for assistance at:

https://www.redhat.com/en/services/support

* Alternatively, Red Hat Consulting can be engaged to assist with a smooth
migration, see https://www.redhat.com/en/services/consulting.

More information on Red Hat Consulting for Satellite can be found in the
PDF document linked to in the References section.

It is critical to ensure you have a plan to migrate to Red Hat Enterprise
Linux 6 prior to March 31, 2017.

Customers who choose to continue to deploy on Red Hat Enterprise Linux 5
will continue to have access via Red Hat Network (RHN) to the following
content as part of their active Red Hat Satellite subscription:

* Previously released bug fixes, security updates, and product
enhancements.

* Red Hat Knowledgebase and other content (whitepapers, reference
architectures, etc.) found in the Red Hat Customer Portal.

* All Red Hat Satellite documentation.

Customers are strongly encouraged to take advantage of the upgrade
benefits their active Red Hat Satellite subscription has, and migrate to an
active version of Red Hat Satellite such as version 5.6 or 5.7.

Details of the Red Hat Satellite life-cycle can be found at:

https://access.redhat.com/support/policy/updates/satellite/

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1414121 - Satellite 5.6 on RHEL 5 60 day EoL

6. Package List:

Red Hat Satellite 5.6 (RHEL v.5):

Source:
spacewalk-certs-tools-2.0.1-3.el5sat.src.rpm

noarch:
spacewalk-certs-tools-2.0.1-3.el5sat.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/updates/classification/#low
https://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFYiIuzXlSAg2UNWIIRAgYcAJsF4wtbxHFfxRbGbpVj16TbEBTx8ACfTgNi
qUPI5hr/rX7zkUhg63T4KUE=
=DvuW
- -----END PGP SIGNATURE-----

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Low: Red Hat Satellite Proxy 5 - 60 day End Of Life Notice
Advisory ID:       RHSA-2017:0192-01
Product:           Red Hat Satellite Proxy
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2017-0192.html
Issue date:        2017-01-25
=====================================================================

1. Summary:

This is the 60 day notification of the End Of Life (EOL) plans for the 
following versions of Red Hat Satellite 5:

* Red Hat Satellite 5.6 on Red Hat Enterprise Linux 5

2. Relevant releases/architectures:

Red Hat Satellite Proxy 5.6 (RHEL v.5) - noarch

3. Description:

After March 31, 2017, as per the life-cycle support policy for Red Hat
Satellite, Red Hat will discontinue technical support services as well as
software maintenance services for all Red Hat Satellite and Proxy versions
5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit
the existing Limited Maintenance Release phase. This means that new bug
fixes, security updates, and product enhancements will no longer be
provided for the following product versions:

* Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5

Details of the Satellite support policy can be found at:

https://access.redhat.com/support/policy/updates/satellite/

Notes:

1) Red Hat will continue to support Red Hat Satellite and Proxy on Red Hat
Enterprise Linux 6 and later.

2) Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 will
be EOL on March 31 2017.

How to proceed:

* All affected Satellite and Proxy users must plan to upgrade to a newer
version prior to March 31 2017.

* Find an overview of various aspects for this upcoming EOL date at:

https://access.redhat.com/articles/2868391

* If you have a Technical Account Manager, contact that person immediately
to discuss upgrade plans.

* Otherwise, contact Red Hat support for assistance at:

https://www.redhat.com/en/services/support

* Alternatively, Red Hat Consulting can be engaged to assist with a smooth
migration, see https://www.redhat.com/en/services/consulting.

More information on Red Hat Consulting for Satellite can be found in the
PDF document linked to in the References section.

It is critical to ensure you have a plan to migrate to Red Hat Enterprise
Linux 6 prior to March 31, 2017.

Customers who choose to continue to deploy on Red Hat Enterprise Linux 5
will continue to have access via Red Hat Network (RHN) to the following
content as part of their active Red Hat Satellite subscription:

* Previously released bug fixes, security updates, and product
enhancements.

* Red Hat Knowledgebase and other content (whitepapers, reference
architectures, etc.) found in the Red Hat Customer Portal.

* All Red Hat Satellite documentation.

Customers are strongly encouraged to take advantage of the upgrade
benefits their active Red Hat Satellite subscription has, and migrate to an
active version of Red Hat Satellite such as version 5.6 or 5.7.

Details of the Red Hat Satellite life-cycle can be found at:

https://access.redhat.com/support/policy/updates/satellite/

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1414122 - Satellite Proxy 5.6 on RHEL 5 60 day EoL

6. Package List:

Red Hat Satellite Proxy 5.6 (RHEL v.5):

Source:
spacewalk-certs-tools-2.0.1-3.el5sat.src.rpm

noarch:
spacewalk-certs-tools-2.0.1-3.el5sat.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/updates/classification/#low
https://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFYiIx2XlSAg2UNWIIRAsQrAJ9+wKdEZwkdkpswUYJkQtF/XK7feACfbcrG
7xRLp4M8zy+kwSnTvvfgtOo=
=G0IV
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWIlMTIx+lLeg9Ub1AQjSLA//WMWKYJuzvMsjuEWCJdIDMPblRmo0BvKQ
ECkEutajMMfoN8wMjXQFZy9RxxsX//F8c8NhsfCiM+Z6X08inMVOntx+rmf2GueB
XIUiwXWJxQvv2WHvQ2CWC3tkWlyFjxEeMZmCTLp0+/GipiDBlrH6VIuH5dOFUHV9
5PrXtKEmNkhQQfU7/J+GozCcELm//77rrh8ANXSvIiEPIsIFaZPZleangi74PRnx
KSr0dAV0GJywNhyzbq24SSpUjO6z3B2ypf9x80fGb3tM68wgAiSGnCIgB1NF37W1
5SjqFlRabdmL9GT48rbD9v8LxA35FYpdns8b0eGqL9Bwar6fCaYhbhUUePMnvvHb
BWklUolwN1yi2jl1lcnM3TKU3yHCg6Kct0z+MaH7u2ZQ44SI0XN8pH/1a+IDxfpM
KxHZTlAZs7c2Ecpjx0xfo0npvsm1Ryhtzb+qRgDWFIbmwMTM/GYm3PXDF3lJ7yV9
QUKxol44oSDDU3iVksm7MpXcuNi2169PDpyKdm6kUmgIGSeNeyd/0OqVPU1qN3Nq
/H/YJlCGgtuOx2wf/J0A/ku8PtLn1wUrzmi443wAXh5UNtJbwbfAkXCeh8k2bTTX
CgqkEh9ZTjzXmCsWob/fibZO3j/9rwi1Jh4YEXnEu9sxGtoTy1GnhnudjZ4jgsbK
M/GRDEFrVdo=
=5ccz
-----END PGP SIGNATURE-----