Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2015.0145 Low: RHN Satellite Server 5.5 4-Month Retirement Notice 22 January 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Satellite Publisher: Red Hat Operating System: Red Hat Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://rhn.redhat.com/errata/RHSA-2015-0065.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: RHN Satellite Server 5.5 4-Month Retirement Notice Advisory ID: RHSA-2015:0065-01 Product: Red Hat Satellite Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0065.html Issue date: 2015-01-20 ===================================================================== 1. Summary: This is the four-month notification for the retirement of the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.2 * Red Hat Satellite 5.3 * Red Hat Satellite 5.4 * Red Hat Satellite 5.5 2. Description: After May 29 2015, as per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services for all Red Hat Satellite versions 5.5 or older. The listed versions will exit the existing Limited Maintenance Release phase. This means that new bug fixes, security errata, and product enhancements will no longer be provided for the above listed product versions. Please reference the support policy here: https://access.redhat.com/support/policy/updates/satellite/ Note: 1) Red Hat will continue to support Red Hat Satellite and Proxy version 5.6 and newer 2) All versions of Satellite 5.5 and below will be retired on May 29 2015. Though we are committed to the May 29 2015 date for beginning the process of decommissioning Satellite and Proxy support listed, we recognize that our customers have woven these products very deeply into their processes and may need some time to upgrade. For upgrade purposes, please note the following date: * May 29 2015 - active status for the listed Satellite and Proxy versions will be terminated. The Satellite and Proxy versions listed will enter an inactive state. This includes no longer generating nor providing Satellite Certificates to customers requesting them for these EOL product versions. How to proceed: * All affected Satellite and Proxy users must plan to upgrade to a newer version prior to May 29, 2015. * If you have a Technical Account Manager, contact that person immediately to discuss upgrade plans. * Otherwise, contact support for assistance: https://www.redhat.com/support/ * Alternatively, Red Hat Consulting can be engaged to assist with a smooth migration: http://www.redhat.com/consulting/ More information on Red Hat Consulting for Satellite can be found here: https://redhat.com/f/pdf/consulting/RHNSatelliteImplementation-Brochure.pdf It is critical to ensure you have a plan to upgrade Red Hat Satellite and Proxy listed versions, prior to May 29 2015. The listed versions of Red Hat Satellite and Proxy for this notice are: * Red Hat Satellite 5.2 * Red Hat Satellite 5.3 * Red Hat Satellite 5.4 * Red Hat Satellite 5.5 Customers who choose to continue to deploy any of the listed Red Hat Satellite or Proxy offerings will continue to have access via Red Hat Network (RHN) to the following content as part of their active Red Hat Satellite subscription: - - - Previously released bug fixes, security errata and product enhancements. - - - Red Hat Knowledge Base and other content (whitepapers, reference architectures, etc) found in the Red Hat Customer Portal. - - - All Red Hat Satellite documentation. Customers are strongly encouraged to take advantage of the upgrade benefits of their active Red Hat Satellite subscription and migrate to an active version of Red Hat Satellite such as version 5.6 or 5.7. Details of the Red Hat Satellite life-cycle can be found on the Red Hat website: https://access.redhat.com/support/policy/updates/satellite/ 3. Solution: The overview for the Satellite Upgrade process starting point is outlined in the Red Hat Satellite 5.7 Installation Guide, linked to in the References section. For detailed instructions on upgrading Red Hat Satellite, please refer to the /etc/sysconfig/rhn/satellite-upgrade/README file. This can be found within the rhn-upgrade package. Before proceeding, it is important to read the complete details, contained within the most current rhn-upgrade package README file. As with all Satellite upgrades, please ensure that known good backups are available, especially of the database. 4. Bugs fixed (https://bugzilla.redhat.com/): 1182754 - Satellite 5.5 and prior end of life - 4 month warning 5. References: https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/5.7/html/Installation_Guide/chap-Upgrades.html 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUv9nuXlSAg2UNWIIRAjPMAJ41EGawoUcrVgpuihTo2lL+/FIB1QCfdkS/ 9Ay/ILIYDN8ModdWYNVMREM= =mZQw - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVMAxaxLndAQH1ShLAQJifg/+NQbSLVSV5K4x0uSlhh2UTg0XaTMY3mp8 rcYw4AmynRJNVh93HccBWmQSe00X2/XOJOcCB5MWT4DWX5crEmeN+Fd+o8zfdX2h mOVnB3bBurb0Wm2IgXEqEGh7TqoGuKaHwpP3ZFs7FX3i55u2quxlh6WVjTrAbU4V Dz7vJvO2y1LKrZDK7mPF7AzPBBrpuWjlhfB15ZDQZJ+rloQUv76LYCIEw5ZTHm67 Uauq4hycSC8MZIkn/gCTVt7WbmMbL3wmXpBu79Q+/uwPdU9L4GMpCflMwPJcIgov Rv4bdS8O2I7fFf5jH2M4xWzIfJMY0ksmfrqJsQkWGzWJuTKncBH5F6baBGqsN1WU R7UNDmpfHvhvk3cqlJ6/V3GmfG35sDGiwiEpWEOkGIa74I661lE+lU0FdgXGTcIi C38Up2WjS4CuVA0PJH+yKY4hVh93jSsUfSEIK3KWCgWSNNDLA/cHBzv1qUc+0Khy Z1otZ5U/br685IQPLXRQBnq7KNBpQwrapqzFwf8EeFZxJvE9LFQJfxWDnTiMvDPY j79ZUgvG87V/yuPpYHNHRBuFe/YREg0Y0aCt5IxDXpBlPcCzGgoK9DO5PCxClrlY rGX14ylTi7sY1LqnSI1vJ++xVqVOEUP4RozsYmlJTyr1FscpaYZSPZK3a3fCuffM Aq5cxdEsJME= =9Dar -----END PGP SIGNATURE-----