Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2015.0145
Low: RHN Satellite Server 5.5 4-Month Retirement Notice
22 January 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Red Hat Satellite
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Reduced Security -- Unknown/Unspecified
Resolution: Patch/Upgrade
Original Bulletin:
https://rhn.redhat.com/errata/RHSA-2015-0065.html
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Low: RHN Satellite Server 5.5 4-Month Retirement Notice
Advisory ID: RHSA-2015:0065-01
Product: Red Hat Satellite
Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0065.html
Issue date: 2015-01-20
=====================================================================
1. Summary:
This is the four-month notification for the retirement of the following
versions of Red Hat Satellite 5:
* Red Hat Satellite 5.2
* Red Hat Satellite 5.3
* Red Hat Satellite 5.4
* Red Hat Satellite 5.5
2. Description:
After May 29 2015, as per the life-cycle support policy for Red Hat
Satellite, Red Hat will discontinue technical support services as well as
software maintenance services for all Red Hat Satellite versions 5.5 or
older. The listed versions will exit the existing Limited Maintenance
Release phase. This means that new bug fixes, security errata, and product
enhancements will no longer be provided for the above listed product
versions.
Please reference the support policy here:
https://access.redhat.com/support/policy/updates/satellite/
Note:
1) Red Hat will continue to support Red Hat Satellite and Proxy version 5.6
and newer
2) All versions of Satellite 5.5 and below will be retired on May 29 2015.
Though we are committed to the May 29 2015 date for beginning the process
of decommissioning Satellite and Proxy support listed, we recognize that
our customers have woven these products very deeply into their processes
and may need some time to upgrade.
For upgrade purposes, please note the following date:
* May 29 2015 - active status for the listed Satellite and Proxy versions
will be terminated. The Satellite and Proxy versions listed will enter an
inactive state. This includes no longer generating nor providing Satellite
Certificates to customers requesting them for these EOL product versions.
How to proceed:
* All affected Satellite and Proxy users must plan to upgrade to a newer
version prior to May 29, 2015.
* If you have a Technical Account Manager, contact that person immediately
to discuss upgrade plans.
* Otherwise, contact support for assistance:
https://www.redhat.com/support/
* Alternatively, Red Hat Consulting can be engaged to assist with a smooth
migration: http://www.redhat.com/consulting/
More information on Red Hat Consulting for Satellite can be found here:
https://redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf
It is critical to ensure you have a plan to upgrade Red Hat Satellite and
Proxy listed versions, prior to May 29 2015.
The listed versions of Red Hat Satellite and Proxy for this notice are:
* Red Hat Satellite 5.2
* Red Hat Satellite 5.3
* Red Hat Satellite 5.4
* Red Hat Satellite 5.5
Customers who choose to continue to deploy any of the listed Red Hat
Satellite or Proxy offerings will continue to have access via Red Hat
Network (RHN) to the following content as part of their active Red Hat
Satellite subscription:
- - - Previously released bug fixes, security errata and product enhancements.
- - - Red Hat Knowledge Base and other content (whitepapers, reference
architectures, etc) found in the Red Hat Customer Portal.
- - - All Red Hat Satellite documentation.
Customers are strongly encouraged to take advantage of the upgrade benefits
of their active Red Hat Satellite subscription and migrate to an active
version of Red Hat Satellite such as version 5.6 or 5.7.
Details of the Red Hat Satellite life-cycle can be found on the Red Hat
website: https://access.redhat.com/support/policy/updates/satellite/
3. Solution:
The overview for the Satellite Upgrade process starting point is outlined
in the Red Hat Satellite 5.7 Installation Guide, linked to in the
References section.
For detailed instructions on upgrading Red Hat Satellite, please refer to
the /etc/sysconfig/rhn/satellite-upgrade/README file. This can be found
within the rhn-upgrade package. Before proceeding, it is important to read
the complete details, contained within the most current rhn-upgrade package
README file.
As with all Satellite upgrades, please ensure that known good backups are
available, especially of the database.
4. Bugs fixed (https://bugzilla.redhat.com/):
1182754 - Satellite 5.5 and prior end of life - 4 month warning
5. References:
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/5.7/html/Installation_Guide/chap-Upgrades.html
6. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2015 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFUv9nuXlSAg2UNWIIRAjPMAJ41EGawoUcrVgpuihTo2lL+/FIB1QCfdkS/
9Ay/ILIYDN8ModdWYNVMREM=
=mZQw
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVMAxaxLndAQH1ShLAQJifg/+NQbSLVSV5K4x0uSlhh2UTg0XaTMY3mp8
rcYw4AmynRJNVh93HccBWmQSe00X2/XOJOcCB5MWT4DWX5crEmeN+Fd+o8zfdX2h
mOVnB3bBurb0Wm2IgXEqEGh7TqoGuKaHwpP3ZFs7FX3i55u2quxlh6WVjTrAbU4V
Dz7vJvO2y1LKrZDK7mPF7AzPBBrpuWjlhfB15ZDQZJ+rloQUv76LYCIEw5ZTHm67
Uauq4hycSC8MZIkn/gCTVt7WbmMbL3wmXpBu79Q+/uwPdU9L4GMpCflMwPJcIgov
Rv4bdS8O2I7fFf5jH2M4xWzIfJMY0ksmfrqJsQkWGzWJuTKncBH5F6baBGqsN1WU
R7UNDmpfHvhvk3cqlJ6/V3GmfG35sDGiwiEpWEOkGIa74I661lE+lU0FdgXGTcIi
C38Up2WjS4CuVA0PJH+yKY4hVh93jSsUfSEIK3KWCgWSNNDLA/cHBzv1qUc+0Khy
Z1otZ5U/br685IQPLXRQBnq7KNBpQwrapqzFwf8EeFZxJvE9LFQJfxWDnTiMvDPY
j79ZUgvG87V/yuPpYHNHRBuFe/YREg0Y0aCt5IxDXpBlPcCzGgoK9DO5PCxClrlY
rGX14ylTi7sY1LqnSI1vJ++xVqVOEUP4RozsYmlJTyr1FscpaYZSPZK3a3fCuffM
Aq5cxdEsJME=
=9Dar
-----END PGP SIGNATURE-----