Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2012.1148
Low: RHN Satellite Server 5 on Red Hat Enterprise Linux 4 - End Of Life
6 December 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: RHN Satellite Server 5
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 4
Impact/Access: Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
Original Bulletin:
https://rhn.redhat.com/errata/RHSA-2012-1546.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: RHN Satellite Server 5 on Red Hat Enterprise Linux 4 - End Of Life
Advisory ID: RHSA-2012:1546-01
Product: Red Hat Network Satellite Server
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1546.html
Issue date: 2012-12-05
=====================================================================
1. Summary:
This is the End Of Life notification for RHN Satellite Server 5 versions
released to run on Red Hat Enterprise Linux 4.
2. Relevant releases/architectures:
Red Hat Network Satellite Server 5.0 (RHEL v.4 AS) - noarch
Red Hat Network Satellite Server 5.1 (RHEL v.4 AS) - noarch
Red Hat Network Satellite Server 5.2 (RHEL v.4 AS) - noarch
Red Hat Network Satellite Server 5.3 (RHEL v.4) - noarch
3. Description:
On December 1st, 2012, per the life-cycle support policy, the following
versions of Satellite and Proxy products, released on Red Hat Enterprise
Linux 4, exited Production Phase 2 marking the end of their support by
Red Hat.
RHN Satellite & RHN Proxy:
- 5.0
- 5.1
- 5.2 on Red Hat Enterprise Linux 4
- 5.3 on Red Hat Enterprise Linux 4
Please reference the support policy here:
https://access.redhat.com/support/policy/updates/satellite/
Notes:
1) Red Hat will continue to support RHN Satellite and Proxy versions 5.2
and 5.3 running on Red Hat Enterprise Linux 5.
2) All versions of 5.0 and 5.1 are now EOL with this notice.
Though we are committed to the December 1st date for beginning the process
of decommissioning Satellite and Proxy support listed, we recognize that
our customers have woven these products very deeply into their processes
and may need some time to upgrade.
For upgrade purposes, please note the following dates:
* December 1st, 2012 - Satellite and Proxy support for listed versions
running on Red Hat Enterprise Linux 4, ceased to be supported. Official
support ended. Only Severity 1 issues and upgrade assistance will be
addressed. Satellite and Proxy will continue to operate, but all
customers are encouraged to upgrade in a timely manner.
* March 1st, 2013 - Satellite and Proxy versions listed - active status
will be terminated. The Satellite and Proxy versions listed will enter an
inactive state. This includes no longer generating nor providing Satellite
Certificates to customers requesting them for these EOL product versions.
The overview for the Satellite Upgrade process starting point is outlined
here:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Network_Satellite/5.5/html-single/Installation_Guide/index.html#chap-Installation_Guide-Upgrades
For detailed instructions on upgrading Red Hat Network Satellite, please
refer to the /etc/sysconfig/rhn/satellite-upgrade/README file. This can
be found within the rhn-upgrade package. Before proceeding, it is
important to read the complete details, contained within the most current
rhn-upgrade package README file.
As with all Satellite upgrades, please ensure that known good backups are
available, especially of the database.
How to proceed:
* All affected Satellite and Proxy users must plan to upgrade to a newer
version prior to March 1st, 2013.
* If you have a Technical Account Manager, contact that person immediately
to discuss upgrade plans.
* Otherwise, contact support for assistance:
https://www.redhat.com/support/
* Alternatively, Red Hat Consulting can be engaged to assist with a smooth
migration:
http://www.redhat.com/consulting/
More information on Red Hat Consulting for Satellite can be found here:
http://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf
It is critical to ensure you have a plan to upgrade Satellite and Proxy
listed versions, prior to March 1st, 2013.
Listed versions of Satellite and Proxy for this notice are:
- 5.0
- 5.1
- 5.2 on Red Hat Enterprise Linux 4
- 5.3 on Red Hat Enterprise Linux 4
4. Solution:
This erratum contains rhns-certs-tools packages for RHN Satellite 5.0, 5.1,
and 5.2, and a spacewalk-certs-tools package for RHN Satellite 5.3 with
updated version numbers to ensure the distribution of this notice; however,
no changes have been made to the packages.
5. Bugs fixed (http://bugzilla.redhat.com/):
882920 - Red Hat Network Satellite on RHEL 4 EOL
6. Package List:
Red Hat Network Satellite Server 5.0 (RHEL v.4 AS):
Source:
rhns-certs-tools-5.0.1-3.el4_8.src.rpm
noarch:
rhns-certs-tools-5.0.1-3.el4_8.noarch.rpm
Red Hat Network Satellite Server 5.1 (RHEL v.4 AS):
Source:
rhns-certs-tools-5.1.1-3.el4.src.rpm
noarch:
rhns-certs-tools-5.1.1-3.el4.noarch.rpm
Red Hat Network Satellite Server 5.2 (RHEL v.4 AS):
Source:
rhns-certs-tools-5.2.0-5.el4.src.rpm
noarch:
rhns-certs-tools-5.2.0-5.el4.noarch.rpm
Red Hat Network Satellite Server 5.3 (RHEL v.4):
Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHNSAT/SRPMS/spacewalk-certs-tools-0.5.5-7.el4sat.src.rpm
noarch:
spacewalk-certs-tools-0.5.5-7.el4sat.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Network_Satellite/5.5/html-single/Installation_Guide/index.html#chap-Installation_Guide-Upgrades
http://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQv4jeXlSAg2UNWIIRAt6rAJ9WH1Rjq34B4lMw6SnPZkcJjRs3ggCfYFX6
gP9Uo3WWTXnfQ37U8j9tF7c=
=sAyE
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUL/i/+4yVqjM2NGpAQLpTw/7BNHflJZVqliZX4U+0oBxSH/pBU2sHfyk
BOTrbcTX18FwcbBHCiaDMJDTbPW/RMjKFcB0ttT4QBa35QOlhts9ld/wLAxzkWKS
gmwYWxHTpXdoGRiR9U8Q4Z/oUg9f1cWC3PAmh9upr5GAc3CsK8nhngEcTv8u/Py6
dacQXhQ6uc9dHlwPvHc2S3M4xb0toGjV37ewIMxslo22GLYp/gyfLapC92gQTJI2
tN78xxBft7wWfdtFiGXDKxsXcqFGQRMXlff/xQ4sOcqRgb4EbxtXp37zZmY6ASbh
Lefw6nHHiIUN2Q7jDtpozVM+zjQMP7UNfYJA2b2kGTeStGR38/+jD8uQtL9Dii1D
OjzyOaxSQJehvjjkBD6Jfm3bjXCRhRxsHzYI0NnJ2a4pHGGSjZCL9COgMgRmXlQ/
0B+OBzUIINVMTZKuwiMB+Zuom5LTFM6Zp1KyocE7ET1Dk8xbGQBGRIpikQVvaX+N
gzOJYHj9Dz6SGm9Wg5NiFyH5+9CP+GRA2LXHhJqUwfQQIEBA2WApEraBLhjrLwEL
FbzXMvWmWgdlEMJ3SpO0YJx6BXAl1nz0rQLdXKotBE1O+0SMldOXseEmZ3jECB5G
1Vro0qHZNO4pX4taX9cpPPE0ROwxWaqHUhPKItSXyjBHXDtuShF3fnfdIgyWuaK8
UHHyuo/2FyQ=
=N77s
-----END PGP SIGNATURE-----