Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2017.0227 Red Hat Satellite 5 and Red Hat Satellite Proxy 5 - 60 day End Of Life Notice 26 January 2017 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Satellite 5 Red Hat Satellite Proxy 5 Publisher: Red Hat Operating System: Red Hat Enterprise Linux Server 5 Red Hat Enterprise Linux WS/Desktop 5 Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://rhn.redhat.com/errata/RHSA-2017-0191.html https://rhn.redhat.com/errata/RHSA-2017-0192.html Comment: This bulletin contains two (2) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Satellite 5 - 60 day End Of Life Notice Advisory ID: RHSA-2017:0191-01 Product: Red Hat Satellite Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0191.html Issue date: 2017-01-25 ===================================================================== 1. Summary: This is the 60 day notification of the End Of Life (EOL) plans for the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.6 on Red Hat Enterprise Linux 5 2. Relevant releases/architectures: Red Hat Satellite 5.6 (RHEL v.5) - noarch 3. Description: After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: * Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 Details of the Satellite support policy can be found at: https://access.redhat.com/support/policy/updates/satellite/ For detailed instructions on upgrading Red Hat Network Satellite, please refer to the /etc/sysconfig/rhn/satellite-upgrade/README file. This can be found within the rhn-upgrade package. Before proceeding, it is important to read the complete details, contained within the most current rhn-upgrade package README file. As with all Satellite upgrades, please ensure that known good backups are available, especially of the database. Notes: 1) Red Hat will continue to support Red Hat Satellite and Proxy on Red Hat Enterprise Linux 6 and later. 2) Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 will be EOL on March 31 2017. How to proceed: * All affected Satellite and Proxy users must plan to upgrade to a newer version prior to March 31 2017. * Find an overview of various aspects for this upcoming EOL date at: https://access.redhat.com/articles/2868391 * If you have a Technical Account Manager, contact that person immediately to discuss upgrade plans. * Otherwise, contact Red Hat support for assistance at: https://www.redhat.com/en/services/support * Alternatively, Red Hat Consulting can be engaged to assist with a smooth migration, see https://www.redhat.com/en/services/consulting. More information on Red Hat Consulting for Satellite can be found in the PDF document linked to in the References section. It is critical to ensure you have a plan to migrate to Red Hat Enterprise Linux 6 prior to March 31, 2017. Customers who choose to continue to deploy on Red Hat Enterprise Linux 5 will continue to have access via Red Hat Network (RHN) to the following content as part of their active Red Hat Satellite subscription: * Previously released bug fixes, security updates, and product enhancements. * Red Hat Knowledgebase and other content (whitepapers, reference architectures, etc.) found in the Red Hat Customer Portal. * All Red Hat Satellite documentation. Customers are strongly encouraged to take advantage of the upgrade benefits their active Red Hat Satellite subscription has, and migrate to an active version of Red Hat Satellite such as version 5.6 or 5.7. Details of the Red Hat Satellite life-cycle can be found at: https://access.redhat.com/support/policy/updates/satellite/ 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1414121 - Satellite 5.6 on RHEL 5 60 day EoL 6. Package List: Red Hat Satellite 5.6 (RHEL v.5): Source: spacewalk-certs-tools-2.0.1-3.el5sat.src.rpm noarch: spacewalk-certs-tools-2.0.1-3.el5sat.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/updates/classification/#low https://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYiIuzXlSAg2UNWIIRAgYcAJsF4wtbxHFfxRbGbpVj16TbEBTx8ACfTgNi qUPI5hr/rX7zkUhg63T4KUE= =DvuW - -----END PGP SIGNATURE----- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Satellite Proxy 5 - 60 day End Of Life Notice Advisory ID: RHSA-2017:0192-01 Product: Red Hat Satellite Proxy Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0192.html Issue date: 2017-01-25 ===================================================================== 1. Summary: This is the 60 day notification of the End Of Life (EOL) plans for the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.6 on Red Hat Enterprise Linux 5 2. Relevant releases/architectures: Red Hat Satellite Proxy 5.6 (RHEL v.5) - noarch 3. Description: After March 31, 2017, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite and Proxy versions 5.6 or older on Red Hat Enterprise Linux 5. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security updates, and product enhancements will no longer be provided for the following product versions: * Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 Details of the Satellite support policy can be found at: https://access.redhat.com/support/policy/updates/satellite/ Notes: 1) Red Hat will continue to support Red Hat Satellite and Proxy on Red Hat Enterprise Linux 6 and later. 2) Red Hat Satellite 5.6 and Proxy 5.6 on Red Hat Enterprise Linux 5 will be EOL on March 31 2017. How to proceed: * All affected Satellite and Proxy users must plan to upgrade to a newer version prior to March 31 2017. * Find an overview of various aspects for this upcoming EOL date at: https://access.redhat.com/articles/2868391 * If you have a Technical Account Manager, contact that person immediately to discuss upgrade plans. * Otherwise, contact Red Hat support for assistance at: https://www.redhat.com/en/services/support * Alternatively, Red Hat Consulting can be engaged to assist with a smooth migration, see https://www.redhat.com/en/services/consulting. More information on Red Hat Consulting for Satellite can be found in the PDF document linked to in the References section. It is critical to ensure you have a plan to migrate to Red Hat Enterprise Linux 6 prior to March 31, 2017. Customers who choose to continue to deploy on Red Hat Enterprise Linux 5 will continue to have access via Red Hat Network (RHN) to the following content as part of their active Red Hat Satellite subscription: * Previously released bug fixes, security updates, and product enhancements. * Red Hat Knowledgebase and other content (whitepapers, reference architectures, etc.) found in the Red Hat Customer Portal. * All Red Hat Satellite documentation. Customers are strongly encouraged to take advantage of the upgrade benefits their active Red Hat Satellite subscription has, and migrate to an active version of Red Hat Satellite such as version 5.6 or 5.7. Details of the Red Hat Satellite life-cycle can be found at: https://access.redhat.com/support/policy/updates/satellite/ 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1414122 - Satellite Proxy 5.6 on RHEL 5 60 day EoL 6. Package List: Red Hat Satellite Proxy 5.6 (RHEL v.5): Source: spacewalk-certs-tools-2.0.1-3.el5sat.src.rpm noarch: spacewalk-certs-tools-2.0.1-3.el5sat.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/updates/classification/#low https://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYiIx2XlSAg2UNWIIRAsQrAJ9+wKdEZwkdkpswUYJkQtF/XK7feACfbcrG 7xRLp4M8zy+kwSnTvvfgtOo= =G0IV - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWIlMTIx+lLeg9Ub1AQjSLA//WMWKYJuzvMsjuEWCJdIDMPblRmo0BvKQ ECkEutajMMfoN8wMjXQFZy9RxxsX//F8c8NhsfCiM+Z6X08inMVOntx+rmf2GueB XIUiwXWJxQvv2WHvQ2CWC3tkWlyFjxEeMZmCTLp0+/GipiDBlrH6VIuH5dOFUHV9 5PrXtKEmNkhQQfU7/J+GozCcELm//77rrh8ANXSvIiEPIsIFaZPZleangi74PRnx KSr0dAV0GJywNhyzbq24SSpUjO6z3B2ypf9x80fGb3tM68wgAiSGnCIgB1NF37W1 5SjqFlRabdmL9GT48rbD9v8LxA35FYpdns8b0eGqL9Bwar6fCaYhbhUUePMnvvHb BWklUolwN1yi2jl1lcnM3TKU3yHCg6Kct0z+MaH7u2ZQ44SI0XN8pH/1a+IDxfpM KxHZTlAZs7c2Ecpjx0xfo0npvsm1Ryhtzb+qRgDWFIbmwMTM/GYm3PXDF3lJ7yV9 QUKxol44oSDDU3iVksm7MpXcuNi2169PDpyKdm6kUmgIGSeNeyd/0OqVPU1qN3Nq /H/YJlCGgtuOx2wf/J0A/ku8PtLn1wUrzmi443wAXh5UNtJbwbfAkXCeh8k2bTTX CgqkEh9ZTjzXmCsWob/fibZO3j/9rwi1Jh4YEXnEu9sxGtoTy1GnhnudjZ4jgsbK M/GRDEFrVdo= =5ccz -----END PGP SIGNATURE-----