Project

General

Profile

Bug #26571

CVE-2019-3845 - Add ACLs around Qpid QMF

Added by Jonathon Turel almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
High
Assignee:
Jonathon Turel
Category:
Foreman modules
Target version:
Foreman - 1.22.0
Difficulty:
Triaged:
Yes
Bugzilla link:
1685588
Pull request:
https://github.com/theforeman/puppet-foreman_proxy_content/pull/197, https://github.com/theforeman/puppet-katello/pull/283, https://github.com/theforeman/puppet-foreman_proxy_content/pull/201, https://github.com/theforeman/puppet-qpid/pull/120, https://github.com/theforeman/puppet-katello/pull/285, https://github.com/theforeman/foreman-installer/pull/341
Fixed in Releases:
Foreman - 1.21.3, Foreman - 1.22.0
Found in Releases:
Red Hat JIRA:

Associated revisions

Revision 6946aa8d (diff)
Added by Jonathon Turel almost 4 years ago

Refs #26571 - Support ACL file & router auth

Revision d5f45bb9 (diff)
Added by Jonathon Turel almost 4 years ago

Refs #26571 - Add dispatch router auth

Revision fb380464 (diff)
Added by Jonathon Turel almost 4 years ago

Refs #26571 - Add Qpid ACL file

History

#1 Updated by Jonathon Turel almost 4 years ago

  • Target version deleted (Katello 3.12.0)
  • Project changed from Katello to Installer

#2 Updated by The Foreman Bot almost 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-qpid/pull/120 added

#3 Updated by The Foreman Bot almost 4 years ago

  • Pull request https://github.com/theforeman/puppet-katello/pull/283 added

#4 Updated by The Foreman Bot almost 4 years ago

  • Pull request https://github.com/theforeman/puppet-foreman_proxy_content/pull/197 added

#5 Updated by Jonathon Turel almost 4 years ago

To test (assumes forklifted dev env):

- follow forklift docs (https://github.com/theforeman/forklift/blob/master/docs/development.md#test-puppet-module-pull-requests) to test the linked PRs
- 'vagrant provision centos7-katello-devel'
- verify that /etc/qpid/qpid.acl is populated according to the PR
- verify that /etc/qpid-dispatch/qdrouter.conf "connector" has sasl-mechanism PLAIN, sasl-username katello_agent and sasl-password that resembles a password
- verify that services qpidd and qdrouterd are running properly
- register a client, verify that package actions can be performed as usual

#6 Updated by Jonathon Turel almost 4 years ago

  • Bugzilla link set to 1685588

#7 Updated by Jonathon Turel almost 4 years ago

  • Priority changed from Normal to High

#8 Updated by Ewoud Kohl van Wijngaarden almost 4 years ago

  • Triaged changed from No to Yes
  • Target version set to 1.22.0
  • Status changed from Ready For Testing to Closed
  • Category set to Foreman modules
  • Fixed in Releases 1.22.0 added

#9 Updated by The Foreman Bot almost 4 years ago

  • Pull request https://github.com/theforeman/foreman-installer/pull/341 added

#10 Updated by The Foreman Bot almost 4 years ago

  • Pull request https://github.com/theforeman/puppet-katello/pull/285 added

#11 Updated by Tomer Brisker almost 4 years ago

  • Fixed in Releases 1.21.3 added

#12 Updated by Tomer Brisker almost 4 years ago

  • Subject changed from Add ACLs around Qpid QMF to CVE-2019-3845 - Add ACLs around Qpid QMF

#13 Updated by The Foreman Bot almost 4 years ago

  • Pull request https://github.com/theforeman/puppet-foreman_proxy_content/pull/201 added

Also available in: Atom PDF