Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.3451 Red Hat Satellite Server 5 - 90 day End Of Life Notice 5 November 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Red Hat Satellite Publisher: Red Hat Operating System: Red Hat Impact/Access: Reduced Security -- Unknown/Unspecified Resolution: Patch/Upgrade Original Bulletin: https://access.redhat.com/errata/RHSA-2018:3456 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Satellite Server 5 - 90 day End Of Life Notice Advisory ID: RHSA-2018:3456-01 Product: Red Hat Satellite Advisory URL: https://access.redhat.com/errata/RHSA-2018:3456 Issue date: 2018-11-02 ===================================================================== 1. Summary: This is the 90 day notification of the End Of Life (EOL) plans for the following versions of Red Hat Satellite 5: * Red Hat Satellite 5.6 * Red Hat Satellite 5.7 2. Relevant releases/architectures: Red Hat Satellite 5.6 (RHEL v.6) - noarch Red Hat Satellite 5.7 (RHEL v.6) - noarch 3. Description: The RHN service for Satellite 5.7, 5.6, and earlier versions of Satellite 5 will exit the existing Limited Maintenance Release phase and be permanently shut down on January 31, 2019. After this date, for the affected Satellite 5 versions: * No content will be available from RHN. Both system level updates and channel synchronization will be stopped as a result; * No Satellite certificates for these versions will be generated or provided for these EOL product versions; * As per the life-cycle support policy for Red Hat Satellite, Red Hat will discontinue technical support services as well as software maintenance services; * New bug fixes, security updates, and product enhancements will no longer be provided. Details of the Satellite support policy can be found at: https://access.redhat.com/support/policy/updates/satellite/ Notes: 1) Red Hat will continue to support Red Hat Satellite and Proxy version 5.8. 2) Red Hat Satellite 5.6 and Red Hat Satellite 5.7 will be EOL on January 31, 2019. They will have to be upgraded. How to proceed: * Plan to upgrade to a newer version prior to January 31, 2019. You are strongly encouraged to upgrade to Red Hat Satellite 5.8 immediately, which will be supported through May 31, 2020. You are also encouraged to plan a longer-term transition to Satellite 6, but to first ensure all Satellite and Proxy versions 5.7 and earlier have been upgraded prior to January 31, 2019. * If you have a Technical Account Manager, consider contacting that person immediately to assist with your upgrade plans. Otherwise, contact Red Hat support for assistance at https://www.redhat.com/en/services/support * Alternatively, Red Hat Consulting can be engaged to assist with a smooth upgrade, or migration to Satellite 6, see https://www.redhat.com/en/resources/consulting-offering-transition-to-satel lite-6-datasheet Details of the Red Hat Satellite life cycle can be found at https://access.redhat.com/support/policy/updates/satellite/ 4. Solution: The documentation of the Satellite 5 upgrade process is available in the Red Hat Satellite 5.8 Installation Guide, linked to in the References section. For detailed instructions on upgrading Red Hat Satellite, see the /etc/sysconfig/rhn/satellite-upgrade/README file within the rhn-upgrade package. Before proceeding, it is important to read the complete details, contained within the most current rhn-upgrade package README file. Before the upgrade, ensure that known good backups are available, especially of the database. 5. Bugs fixed (https://bugzilla.redhat.com/): 1640535 - Satellite 5.7 and prior end of life - 90 day warning 6. Package List: Red Hat Satellite 5.6 (RHEL v.6): Source: spacewalk-backend-2.0.3-49.el6sat.src.rpm noarch: spacewalk-backend-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-app-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-applet-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-config-files-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-config-files-common-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-config-files-tool-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-iss-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-iss-export-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-libs-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-package-push-server-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-server-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-sql-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-sql-oracle-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-sql-postgresql-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-tools-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-xml-export-libs-2.0.3-49.el6sat.noarch.rpm spacewalk-backend-xmlrpc-2.0.3-49.el6sat.noarch.rpm Red Hat Satellite 5.7 (RHEL v.6): Source: spacewalk-backend-2.3.3-56.el6sat.src.rpm noarch: spacewalk-backend-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-app-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-applet-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-config-files-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-config-files-common-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-config-files-tool-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-iss-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-iss-export-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-libs-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-package-push-server-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-server-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-sql-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-sql-oracle-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-sql-postgresql-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-tools-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-xml-export-libs-2.3.3-56.el6sat.noarch.rpm spacewalk-backend-xmlrpc-2.3.3-56.el6sat.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-us/red_hat_satellite/5.8/html/installation_guide/upgrading_red_hat_satellite_to_a_new_version 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBW9xtBNzjgjWX9erEAQhXRxAAhBel5/t+3M1v1GXYS+OlUusu1hzXShk8 9rNPLRCbag2/UUuomGEK1AO+m8x/0j7vC9XU3aUbG2iBiaons0oMGoVzMbFPyGjV Oilv2GwhyBNSyeeGERK7J4u47UXhwU1KrIixBw6QVyN6wBeuSJAWSO0dHzsLPPeF QaWTKab81E93ulHk2lJPnpEJDrzJfSAf4LIpzYgIDDBTt2K1I4Ydyg0xIlGzP6Qc 4T0MReg6gAZQETX97MDWKyeqNwJu9dhpM6U7zqzh9+dTB8LNIPjGhG1ph3PvE0z7 96xmRzM+nXsfN/AvlO6uSj8rSgbFrxCeQ77f+j0aEWBLBNRSW3h20Flct7+281Pu WLLkuWG/JZ+21Hbhl5N1TDosTHMGN1OimnaxsUffFfVmOpfGVW3pIviA35ZKBq2D fRZpJIA3tfysl5jn6IQF10Lu9rD5qPrc1KlgZ2b6E7Ms+ROhgm+LAuEAnBEVqAk6 q/Pj21VJ25uCTOrRgwTLzoDgwKXhYDRdRebkLqoo2wxQbeL6+SPXR/+kf2Q8oVov 4uba2p0+KfQ1toUgWVjW9tE4rKSNJm0BXPePHWfYnndnRE1+9TsK8Zgz09fH2Xj3 X+F1ij4C8nRLtKXJ1veqJSq4p1ww50XcXdXSLud76nodQfOXQbIIzbr3vgWGywsM /TxuWUnLnr8= =ASqZ - -----END PGP SIGNATURE----- - -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW9+PSWaOgq3Tt24GAQjOQw//ZqzWN49MNa4iPjYNJJqb6CC+WOWD8tfs AqTCaUjowXL2SEmh5SQ3sZNpYDr6/iprkEMzwRKBTHgskj+gymzepJjqA2oknZUQ Y1vYjNEzTJNcC4aEkbGVo93XxsJWbLe8d/Wc7VuVFLxfG8SdZ80ykLCrINuo2nCo wi46Ltj/XXOsbXKafULk2JYGWL3mVnBGC8VmhMAtpmpWpbZsAQf8CKv066xJ8R+g JKmC53qAK4+6ye1UPfmBf4Bt8I1YK0X9C7mOzinMj+N3fYcp7pgplc81BBsjcDxC tXLEoxbRgoLB36zMHYpBmmzbneyQ6GXx0zkMjVENKoEKVtIWGeqEO6z0wdSuBbtf vOC5GsyxcnWVetmKiWbUKAxA1MpHX8kKxYGT6M00QT2geSd03Zkbg0ypEt4yxvJ2 Ygh0xI1DUgLQsozeo+JZ5MjtC/UF+2QPdX5k2wwr7TGY/Fd2PR1mVC/0+K5iiMSm Scj/B8UOdBEG1MCmyv4p9Uq94bDAo3o7qpj2dGXj+D+CtE72IbHP0PHxPXrl1XoP FEPmetmoIKQdaz3bWcRWtvMa0k3fOkZLSv6rnxhWs93O7p5iLlZQWHGGEd7b0ylr Z6adskbExNBedJdceYXM8q4ij7usnogyamHJDHAthw+SwweWa9JtKWbGypZ+kXc6 5u9pt5k7dks= =emHf -----END PGP SIGNATURE-----