Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2012.1149
Low: RHN Proxy Server 5 on Red Hat Enterprise Linux 4 - End Of Life
6 December 2012
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: RHN Proxy Server 5
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux AS/ES/WS 4
Impact/Access: Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
Original Bulletin:
https://rhn.redhat.com/errata/RHSA-2012-1547.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: RHN Proxy Server 5 on Red Hat Enterprise Linux 4 - End Of Life
Advisory ID: RHSA-2012:1547-01
Product: Red Hat Network Proxy Server
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-1547.html
Issue date: 2012-12-05
=====================================================================
1. Summary:
This is the End Of Life notification for RHN Proxy Server 5 versions
released to run on Red Hat Enterprise Linux 4.
2. Relevant releases/architectures:
Red Hat Network Proxy v 5.0 (RHEL v.4 AS) - noarch
Red Hat Network Proxy v 5.1 (RHEL v.4 AS) - noarch
Red Hat Network Proxy v 5.2 (RHEL v.4 AS) - noarch
Red Hat Network Proxy v 5.3 (RHEL v.4 AS) - noarch
3. Description:
On December 1st, 2012, per the life-cycle support policy, the following
versions of Satellite and Proxy products, released on Red Hat Enterprise
Linux 4, exited Production Phase 2 marking the end of their support by
Red Hat.
RHN Satellite & RHN Proxy:
- 5.0
- 5.1
- 5.2 on Red Hat Enterprise Linux 4
- 5.3 on Red Hat Enterprise Linux 4
Please reference the support policy here:
https://access.redhat.com/support/policy/updates/satellite/
Notes:
1) Red Hat will continue to support RHN Satellite and Proxy versions 5.2
and 5.3 running on Red Hat Enterprise Linux 5.
2) All versions of 5.0 and 5.1 are now EOL with this notice.
Though we are committed to the December 1st date for beginning the process
of decommissioning Satellite and Proxy support listed, we recognize that
our customers have woven these products very deeply into their processes
and may need some time to upgrade.
For upgrade purposes, please note the following dates:
* December 1st, 2012 - Satellite and Proxy support for listed versions
running on Red Hat Enterprise Linux 4, ceased to be supported. Official
support ended. Only Severity 1 issues and upgrade assistance will be
addressed. Satellite and Proxy will continue to operate, but all
customers are encouraged to upgrade in a timely manner.
* March 1st, 2013 - Satellite and Proxy versions listed - active status
will be terminated. The Satellite and Proxy versions listed will enter an
inactive state. This includes no longer generating nor providing Satellite
Certificates to customers requesting them for these EOL product versions.
The overview for the Satellite Upgrade process starting point is outlined
here:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Network_Satellite/5.5/html-single/Installation_Guide/index.html#chap-Installation_Guide-Upgrades
For detailed instructions on upgrading Red Hat Network Satellite, please
refer to the /etc/sysconfig/rhn/satellite-upgrade/README file. This can
be found within the rhn-upgrade package. Before proceeding, it is
important to read the complete details, contained within the most current
rhn-upgrade package README file.
As with all Satellite upgrades, please ensure that known good backups are
available, especially of the database.
How to proceed:
* All affected Satellite and Proxy users must plan to upgrade to a newer
version prior to March 1st, 2013.
* If you have a Technical Account Manager, contact that person immediately
to discuss upgrade plans.
* Otherwise, contact support for assistance:
https://www.redhat.com/support/
* Alternatively, Red Hat Consulting can be engaged to assist with a smooth
migration:
http://www.redhat.com/consulting/
More information on Red Hat Consulting for Satellite can be found here:
http://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf
It is critical to ensure you have a plan to upgrade Satellite and Proxy
listed versions, prior to March 1st, 2013.
Listed versions of Satellite and Proxy for this notice are:
- 5.0
- 5.1
- 5.2 on Red Hat Enterprise Linux 4
- 5.3 on Red Hat Enterprise Linux 4
4. Solution:
This erratum contains rhns-certs-tools packages for RHN Proxy 5.0, 5.1, and
5.2, and a spacewalk-certs-tools package for RHN Proxy 5.3 with updated
version numbers to ensure the distribution of this notice; however, no
changes have been made to the packages.
5. Bugs fixed (http://bugzilla.redhat.com/):
882921 - Red Hat Network Proxy on RHEL 4 EOL
6. Package List:
Red Hat Network Proxy v 5.0 (RHEL v.4 AS):
Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHNPROXY/SRPMS/rhns-certs-tools-5.0.1-3.el4_8.src.rpm
noarch:
rhns-certs-tools-5.0.1-3.el4_8.noarch.rpm
Red Hat Network Proxy v 5.1 (RHEL v.4 AS):
Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHNPROXY/SRPMS/rhns-certs-tools-5.1.1-3.el4.src.rpm
noarch:
rhns-certs-tools-5.1.1-3.el4.noarch.rpm
Red Hat Network Proxy v 5.2 (RHEL v.4 AS):
Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHNPROXY/SRPMS/rhns-certs-tools-5.2.0-5.el4.src.rpm
noarch:
rhns-certs-tools-5.2.0-5.el4.noarch.rpm
Red Hat Network Proxy v 5.3 (RHEL v.4 AS):
Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHNPROXY/SRPMS/spacewalk-certs-tools-0.5.5-7.el4sat.src.rpm
noarch:
spacewalk-certs-tools-0.5.5-7.el4sat.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
7. References:
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Network_Satellite/5.5/html-single/Installation_Guide/index.html#chap-Installation_Guide-Upgrades
http://www.redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2012 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFQv4k7XlSAg2UNWIIRAodcAJ4iJJRa9o3z3QwT6nYqdPPULCW3HwCgtb/b
zIFKM9KLM4QXOICWLEHJ7Mg=
=Sft7
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUL/jDu4yVqjM2NGpAQJBQQ/9H046KonZodntRdzLpueNKw+bGZSTkmWU
HDhCVdsgSTA/4jmpXcy57h03h0jF7wSvN+DKDAc0iQ1NExKWyf/lSyrghGOuGGN/
VY48qSa8ORM40JGnKY9HFv1j+dL44J8M0kGjjg8HBtv1/zBCRIjCWVDVaLWW01bV
GML5EXJf6uz0T72E8T+nRlikga1jNeLAKab3zKO0WsAO+7RD+jhzpwB6RaBVWwMC
I/xRxVAlxDaFLPS1VPmcVbnYKYqXfnpqZWgp2iCiBQ8dDvbh4SxcZbI6rtCw4CQw
j5T1hyiS3I87/O/PZ6OlFH6+SGQxj+LI3wVMRgbktfgmKcF8DoUHa/zEycRpsyiB
FHDlO9GKRqjaMk95vRqC8f6CgQCuBCm9x3dpAREfRFHtzxDkESKTp5byybfshbXZ
sfNWMwlOucvfHpgcNV0mOKmKNGGgMBv38J9Zr6eq/GYVjCbCZgunTBAco6sVrmfl
wKLORI5LWEASyiU5PKh3PuARJRiN8YXNWyu89i+h4h2xlGZBAoXd8PUnUnxfJc9F
o2v1vl5TPvVKhPSOP+O72MxrM5MnEA8t1cGQ+x/qoZYti3JQHJNYWfOwJ44UmwHJ
Xp6xBsFYNjh7yMz2vAQJca/EHpp7O35+P8pZ22NV8J5BM+Gg3+ptP/BG9HehVrxD
yswaHxdGGo4=
=Ro11
-----END PGP SIGNATURE-----