search

soukron / errata2cv

Satellite 6 - Content View Errata Updater
GNU General Public License v3.0
5 stars 2 forks source link

KeyError: 'pending' when running. #4

Closed dburrell505 closed 6 years ago

dburrell505 commented 6 years ago

[root@sattxsawh10 errata2cv]# ./errata2cv.py --cv RHEL7_CV --severity none,low,moderate,important,critical --propagate --from-date 2018/02/05 --update-hosts NON_PROD 2018-02-08 17:01:04,385 INFO: Processing content-view RHEL7_CV. 2018-02-08 17:01:04,483 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server 2018-02-08 17:01:04,602 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64 2018-02-08 17:01:04,691 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server 2018-02-08 17:01:04,800 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server 2018-02-08 17:01:04,884 INFO: Searching for erratas in repository Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64 2018-02-08 17:01:04,965 INFO: Searching for erratas in repository Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server 2018-02-08 17:01:05,070 INFO: Found RHSA-2018:0279 (Security - Moderate) errata. Reboot suggested: No. 2018-02-08 17:01:05,070 INFO: Selected content-view RHEL7_CV (version 1.0) as baseline to include 1 erratas. 2018-02-08 17:01:05,070 INFO: Publishing incremental content-view version. Traceback (most recent call last): File "./errata2cv.py", line 262, in main() File "./errata2cv.py", line 212, in main while(incremental_update["pending"] != False): KeyError: 'pending'

soukron commented 6 years ago

Hi @dburrell505, thanks for reporting the error. Can you provide the version of Satellite 6 which is being used for this issue? I tested it with Satellite 6.2.10 and something may have change in the task API.

dburrell505 commented 6 years ago 
[root@sattxsawh10 errata2cv]# rpm -qa satellite
satellite-6.2.14-4.0.el7sat.noarch
soukron commented 6 years ago

I should have figured out :) I'll need some time to make my own tests. Please stay tuned.

dburrell505 commented 6 years ago

Apologies for the duplicate issue. How is the testing going? Have you found out anything yet?

soukron commented 6 years ago

Not really, I've been busier than usual. I expect to have anything useful during this week for 6.2.14 and 6.3.

soukron commented 6 years ago

Testing against 6.2.14. Please @dburrell505 can you run the previous command including --debug parameter and attach the result?

Feel free to remove the result of the GET call with the organization information which may contain sensitive data useless for this issue.

soukron commented 6 years ago

It seems a problem sending the request to get new erratas. Since 6.2.12 something is wrong with this script. I'm updating the README file until it's fixed.

soukron commented 6 years ago

Hi again. Please update your version using the latest in master.

Some notes:

If it still reproduces, please send the output of the command with --debug parameter.

dburrell505 commented 6 years ago

Here is the requested information:

[root@sattxsawh10 errata2cv]# ./errata2cv.py --cv RHEL7_CV --type security --propagate --from-date 2018/02/25 --update-hosts DMZ --severity none,low,moderate,important,critical --debug
2018-03-19 14:08:27,847 DEBUG: Looking for organization information.
2018-03-19 14:08:27,847 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/organizations/MYORG
2018-03-19 14:08:28,169 DEBUG: Request result: {"library_id": 1, "hostgroups": [{"title": "RHEL6_NP_HG", "id": 2, "name": "RHEL6_NP_HG"}, {"title": "RHEL6_NP_PUPPET_HG", "id": 6, "name": "RHEL6_NP_PUPPET_HG"}, {"title": "RHEL6_P_HG", "id": 9, "name": "RHEL6_P_HG"}, {"title": "RHEL7_DMZ_HG", "id": 5, "name": "RHEL7_DMZ_HG"}, {"title": "RHEL7_DMZ_PUPPET_HG", "id": 7, "name": "RHEL7_DMZ_PUPPET_HG"}, {"title": "RHEL7_NP_HG", "id": 1, "name": "RHEL7_NP_HG"}, {"title": "RHEL7_NP_PUPPET_HG", "id": 8, "name": "RHEL7_NP_PUPPET_HG"}, {"title": "RHEL7_P_HG", "id": 10, "name": "RHEL7_P_HG"}, {"title": "RHEL7_P_PUPPET_HG", "id": 11, "name": "RHEL7_P_PUPPET_HG"}], "updated_at": "2018-02-14 18:26:20 -0600", "environments": [{"name": "example_env", "id": 7}, {"name": "KT_MYORG_Library_A_PUPPET_CCV_18", "id": 6}, {"name": "KT_MYORG_Library_PUPPET_FORGE_CV_11", "id": 5}, {"name": "KT_MYORG_Library_MYORG_CV_21", "id": 8}, {"name": "KT_MYORG_Library_MYORG_PUPPET_16", "id": 4}, {"name": "NON_PROD", "id": 2}, {"name": "PROD", "id": 1}], "ptables": [{"id": 61, "created_at": "2018-01-29 13:44:20 -0600", "os_family": "Redhat", "updated_at": "2018-01-29 13:44:20 -0600", "name": "Kickstart default"}, {"id": 104, "created_at": "2018-01-31 11:23:58 -0600", "os_family": "Redhat", "updated_at": "2018-01-31 11:25:58 -0600", "name": "MYORG RHEL6 Standard Partition Table"}, {"id": 103, "created_at": "2018-01-31 11:20:53 -0600", "os_family": "Redhat", "updated_at": "2018-01-31 11:26:00 -0600", "name": "MYORG RHEL7 Standard Partition Table"}], "provisioning_templates": [{"template_kind_name": "provision", "template_kind_id": 5, "id": 10, "name": "Atomic Kickstart default"}, {"template_kind_name": "Bootdisk", "template_kind_id": 1, "id": 72, "name": "Boot disk iPXE - generic host"}, {"template_kind_name": "Bootdisk", "template_kind_id": 1, "id": 71, "name": "Boot disk iPXE - host"}, {"template_kind_name": "kexec", "template_kind_id": 11, "id": 82, "name": "Discovery Red Hat kexec"}, {"template_kind_name": null, "template_kind_id": null, "id": 45, "name": "fix_hosts"}, {"template_kind_name": null, "template_kind_id": null, "id": 46, "name": "freeipa_register"}, {"template_kind_name": null, "template_kind_id": null, "id": 47, "name": "http_proxy"}, {"template_kind_name": null, "template_kind_id": null, "id": 76, "name": "idm_register"}, {"template_kind_name": "finish", "template_kind_id": 6, "id": 26, "name": "Kickstart default finish"}, {"template_kind_name": "iPXE", "template_kind_id": 4, "id": 28, "name": "Kickstart default iPXE"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 27, "name": "Kickstart default PXELinux"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 29, "name": "Kickstart default user data"}, {"template_kind_name": null, "template_kind_id": null, "id": 48, "name": "kickstart_networking_setup"}, {"template_kind_name": null, "template_kind_id": null, "id": 50, "name": "puppet.conf"}, {"template_kind_name": "PXEGrub", "template_kind_id": 3, "id": 4, "name": "PXEGrub default local boot"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 5, "name": "PXELinux chain iPXE"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 6, "name": "PXELinux chain iPXE UNDI"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 2, "name": "PXELinux default local boot"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 3, "name": "PXELinux default memdisk"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 1, "name": "PXELinux global default"}, {"template_kind_name": null, "template_kind_id": null, "id": 51, "name": "redhat_register"}, {"template_kind_name": null, "template_kind_id": null, "id": 52, "name": "remote_execution_ssh_keys"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 77, "name": "Satellite Atomic Kickstart Default"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 73, "name": "Satellite Kickstart Default"}, {"template_kind_name": "finish", "template_kind_id": 6, "id": 75, "name": "Satellite Kickstart Default Finish"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 74, "name": "Satellite Kickstart Default User Data"}, {"template_kind_name": null, "template_kind_id": null, "id": 69, "name": "subscription_manager_registration"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 35, "name": "UserData default"}, {"template_kind_name": null, "template_kind_id": null, "id": 107, "name": "MYORG Firewall Services"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 105, "name": "MYORG Satellite Kickstart"}, {"template_kind_name": null, "template_kind_id": null, "id": 106, "name": "MYORG Software Packages"}], "service_levels": ["Premium", "Standard"], "compute_resources": [], "id": 1, "description": "", "parent_name": null, "parameters": [], "owner_details": {"updated": "2018-02-28T20:37:56.912+0000", "displayName": "MYORG", "parentOwner": null, "created": "2018-01-29T19:44:21.268+0000", "logLevel": null, "contentPrefix": "/MYORG/$env", "virt_who": true, "href": "/owners/MYORG", "defaultServiceLevel": null, "key": "MYORG", "autobindDisabled": null, "upstreamConsumer": {"updated": "2018-02-28T20:37:56.564+0000", "name": "MYORG", "created": "2018-02-28T20:37:56.564+0000", "webUrl": "access.redhat.com/management/distributors/", "uuid": "fde02f3b-faf3-4463-81f8-e3177f18bf3a", "apiUrl": "https://subscription.rhn.redhat.com/subscription/consumers/", "ownerId": "OWNERID", "type": {"manifest": true, "id": "1006", "label": "sam"}, "id": "ID", "idCert": {"updated": "2018-02-28T20:37:56.562+0000", "created": "2018-02-28T20:37:56.562+0000", "cert": "----- CERTIFICATE-----\n", "key": "-----RSA PRIVATE KEY-----\n", "serial": {"updated": "2018-02-28T20:37:56.558+0000", "revoked": false, "created": "2018-02-28T20:37:56.558+0000", "expiration": "2019-01-29T19:30:56.000+0000", "collected": false, "serial": SERIAL, "id": ID}, "id": "ID"}}, "id": "OWNERID"}, "media": [{"id": 10, "name": "MYORG/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_6_Server_Kickstart_x86_64_6_9"}, {"id": 13, "name": "MYORG/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_3"}, {"id": 9, "name": "MYORG/Library/Red_Hat_Server/Red_Hat_Enterprise_Linux_7_Server_Kickstart_x86_64_7_4"}, {"id": 11, "name": "MYORG/Library/Red_Hat_Workstation/Red_Hat_Enterprise_Linux_6_Workstation_Kickstart_x86_64_6_9"}, {"id": 12, "name": "MYORG/Library/Red_Hat_Workstation/Red_Hat_Enterprise_Linux_7_Workstation_Kickstart_x86_64_7_4"}], "label": "MYORG", "parent_id": null, "redhat_repository_url": "https://cdn.redhat.com", "select_all_types": ["Domain"], "subnets": [{"network_address": "10.200.130.0/24", "id": 149, "name": "10.200.130.0"}, {"network_address": "192.168.35.0/24", "id": 11, "name": "192.168.35.0"}, {"network_address": "192.168.62.0/24", "id": 12, "name": "192.168.62.0"}, {"network_address": "192.168.65.0/24", "id": 13, "name": "192.168.65.0"}, {"network_address": "192.168.66.0/24", "id": 14, "name": "192.168.66.0"}, {"network_address": "192.168.67.0/24", "id": 15, "name": "192.168.67.0"}, {"network_address": "192.168.68.0/24", "id": 16, "name": "192.168.68.0"}, {"network_address": "192.168.69.0/24", "id": 17, "name": "192.168.69.0"}, {"network_address": "10.214.145.0/24", "id": 5, "name": "10.214.145.0"}, {"network_address": "10.214.127.0/24", "id": 9, "name": "10.214.127.0"}, {"network_address": "10.214.126.0/24", "id": 10, "name": "10.214.126.0"}, {"network_address": "192.168.70.0/24", "id": 18, "name": "192.168.70.0"}, {"network_address": "192.168.71.0/24", "id": 19, "name": "192.168.71.0"}, {"network_address": "192.168.72.0/24", "id": 20, "name": "192.168.72.0"}, {"network_address": "192.168.73.0/24", "id": 21, "name": "192.168.73.0"}, {"network_address": "192.168.74.0/24", "id": 22, "name": "192.168.74.0"}, {"network_address": "192.168.75.0/24", "id": 23, "name": "192.168.75.0"}, {"network_address": "192.168.76.0/24", "id": 24, "name": "192.168.76.0"}, {"network_address": "192.168.77.0/24", "id": 25, "name": "192.168.77.0"}, {"network_address": "192.168.78.0/24", "id": 26, "name": "192.168.78.0"}, {"network_address": "192.168.79.0/24", "id": 27, "name": "192.168.79.0"}, {"network_address": "192.168.80.0/24", "id": 28, "name": "192.168.80.0"}, {"network_address": "10.212.244.0/24", "id": 29, "name": "10.212.244.0"}, {"network_address": "10.212.1.0/24", "id": 30, "name": "10.212.1.0"}, {"network_address": "10.212.2.0/24", "id": 31, "name": "10.212.2.0"}, {"network_address": "10.212.3.0/24", "id": 32, "name": "10.212.3.0"}, {"network_address": "10.212.4.0/24", "id": 33, "name": "10.212.4.0"}, {"network_address": "10.212.5.0/24", "id": 34, "name": "10.212.5.0"}, {"network_address": "10.212.6.0/24", "id": 35, "name": "10.212.6.0"}, {"network_address": "10.212.7.0/24", "id": 36, "name": "10.212.7.0"}, {"network_address": "10.212.8.0/24", "id": 37, "name": "10.212.8.0"}, {"network_address": "10.212.9.0/24", "id": 38, "name": "10.212.9.0"}, {"network_address": "10.212.10.0/24", "id": 39, "name": "10.212.10.0"}, {"network_address": "10.212.11.0/24", "id": 40, "name": "10.212.11.0"}, {"network_address": "10.212.12.0/24", "id": 41, "name": "10.212.12.0"}, {"network_address": "10.212.13.0/24", "id": 42, "name": "10.212.13.0"}, {"network_address": "10.212.14.0/24", "id": 43, "name": "10.212.14.0"}, {"network_address": "10.212.47.0/24", "id": 44, "name": "10.212.47.0"}, {"network_address": "10.212.50.0/24", "id": 45, "name": "10.212.50.0"}, {"network_address": "10.212.51.0/24", "id": 46, "name": "10.212.51.0"}, {"network_address": "10.212.52.0/24", "id": 47, "name": "10.212.52.0"}, {"network_address": "10.212.53.0/24", "id": 48, "name": "10.212.53.0"}, {"network_address": "10.212.54.0/24", "id": 49, "name": "10.212.54.0"}, {"network_address": "10.212.55.0/24", "id": 50, "name": "10.212.55.0"}, {"network_address": "10.212.102.0/24", "id": 51, "name": "10.212.102.0"}, {"network_address": "10.212.104.0/24", "id": 52, "name": "10.212.104.0"}, {"network_address": "10.212.191.0/24", "id": 53, "name": "10.212.191.0"}, {"network_address": "10.212.192.0/24", "id": 54, "name": "10.212.192.0"}, {"network_address": "10.212.193.0/24", "id": 55, "name": "10.212.193.0"}, {"network_address": "10.212.194.0/24", "id": 56, "name": "10.212.194.0"}, {"network_address": "10.212.195.0/24", "id": 57, "name": "10.212.195.0"}, {"network_address": "10.212.197.0/24", "id": 58, "name": "10.212.197.0"}, {"network_address": "10.212.200.0/24", "id": 59, "name": "10.212.200.0"}, {"network_address": "10.212.201.0/24", "id": 60, "name": "10.212.201.0"}, {"network_address": "10.212.203.0/24", "id": 61, "name": "10.212.203.0"}, {"network_address": "10.212.204.0/24", "id": 62, "name": "10.212.204.0"}, {"network_address": "10.212.205.0/24", "id": 63, "name": "10.212.205.0"}, {"network_address": "10.212.206.0/24", "id": 64, "name": "10.212.206.0"}, {"network_address": "10.212.207.0/24", "id": 65, "name": "10.212.207.0"}, {"network_address": "10.212.208.0/24", "id": 66, "name": "10.212.208.0"}, {"network_address": "10.212.209.0/24", "id": 67, "name": "10.212.209.0"}, {"network_address": "10.212.210.0/24", "id": 68, "name": "10.212.210.0"}, {"network_address": "10.212.211.0/24", "id": 69, "name": "10.212.211.0"}, {"network_address": "10.212.212.0/24", "id": 70, "name": "10.212.212.0"}, {"network_address": "10.212.213.0/24", "id": 71, "name": "10.212.213.0"}, {"network_address": "10.212.214.0/24", "id": 72, "name": "10.212.214.0"}, {"network_address": "10.212.220.0/24", "id": 73, "name": "10.212.220.0"}, {"network_address": "10.212.221.0/24", "id": 74, "name": "10.212.221.0"}, {"network_address": "10.212.222.0/24", "id": 75, "name": "10.212.222.0"}, {"network_address": "10.212.223.0/24", "id": 76, "name": "10.212.223.0"}, {"network_address": "10.212.224.0/24", "id": 77, "name": "10.212.224.0"}, {"network_address": "10.212.225.0/24", "id": 78, "name": "10.212.225.0"}, {"network_address": "10.212.226.0/24", "id": 79, "name": "10.212.226.0"}, {"network_address": "10.212.227.0/24", "id": 80, "name": "10.212.227.0"}, {"network_address": "10.212.228.0/24", "id": 81, "name": "10.212.228.0"}, {"network_address": "10.212.229.0/24", "id": 82, "name": "10.212.229.0"}, {"network_address": "10.212.230.0/24", "id": 83, "name": "10.212.230.0"}, {"network_address": "10.212.231.0/24", "id": 84, "name": "10.212.231.0"}, {"network_address": "10.212.232.0/24", "id": 85, "name": "10.212.232.0"}, {"network_address": "10.212.233.0/24", "id": 86, "name": "10.212.233.0"}, {"network_address": "10.212.234.0/24", "id": 87, "name": "10.212.234.0"}, {"network_address": "10.212.235.0/24", "id": 88, "name": "10.212.235.0"}, {"network_address": "10.212.236.0/24", "id": 89, "name": "10.212.236.0"}, {"network_address": "10.212.237.0/24", "id": 90, "name": "10.212.237.0"}, {"network_address": "10.212.238.0/24", "id": 91, "name": "10.212.238.0"}, {"network_address": "10.212.239.0/24", "id": 92, "name": "10.212.239.0"}, {"network_address": "10.212.242.0/24", "id": 93, "name": "10.212.242.0"}, {"network_address": "10.212.251.0/24", "id": 94, "name": "10.212.251.0"}, {"network_address": "10.212.252.0/24", "id": 95, "name": "10.212.252.0"}, {"network_address": "10.214.2.0/24", "id": 96, "name": "10.214.2.0"}, {"network_address": "10.214.10.0/24", "id": 97, "name": "10.214.10.0"}, {"network_address": "10.214.17.0/24", "id": 98, "name": "10.214.17.0"}, {"network_address": "10.214.18.0/24", "id": 99, "name": "10.214.18.0"}, {"network_address": "10.214.19.0/24", "id": 100, "name": "10.214.19.0"}, {"network_address": "10.214.180.0/24", "id": 101, "name": "10.214.180.0"}, {"network_address": "10.214.181.0/24", "id": 102, "name": "10.214.181.0"}, {"network_address": "10.214.182.0/24", "id": 103, "name": "10.214.182.0"}, {"network_address": "10.214.183.0/24", "id": 104, "name": "10.214.183.0"}, {"network_address": "10.214.184.0/24", "id": 105, "name": "10.214.184.0"}, {"network_address": "10.214.185.0/24", "id": 106, "name": "10.214.185.0"}, {"network_address": "10.214.186.0/24", "id": 107, "name": "10.214.186.0"}, {"network_address": "10.214.187.0/24", "id": 108, "name": "10.214.187.0"}, {"network_address": "10.214.188.0/24", "id": 109, "name": "10.214.188.0"}, {"network_address": "10.214.189.0/24", "id": 110, "name": "10.214.189.0"}, {"network_address": "10.214.190.0/24", "id": 111, "name": "10.214.190.0"}, {"network_address": "10.214.191.0/24", "id": 112, "name": "10.214.191.0"}, {"network_address": "10.214.192.0/24", "id": 113, "name": "10.214.192.0"}, {"network_address": "10.214.193.0/24", "id": 114, "name": "10.214.193.0"}, {"network_address": "10.214.194.0/24", "id": 115, "name": "10.214.194.0"}, {"network_address": "10.214.195.0/24", "id": 116, "name": "10.214.195.0"}, {"network_address": "10.214.196.0/24", "id": 117, "name": "10.214.196.0"}, {"network_address": "10.214.197.0/24", "id": 118, "name": "10.214.197.0"}, {"network_address": "10.214.198.0/24", "id": 119, "name": "10.214.198.0"}, {"network_address": "10.214.199.0/24", "id": 120, "name": "10.214.199.0"}, {"network_address": "10.214.200.0/24", "id": 121, "name": "10.214.200.0"}, {"network_address": "10.214.201.0/24", "id": 122, "name": "10.214.201.0"}, {"network_address": "10.214.202.0/24", "id": 123, "name": "10.214.202.0"}, {"network_address": "10.214.231.0/24", "id": 124, "name": "10.214.231.0"}, {"network_address": "10.214.232.0/24", "id": 125, "name": "10.214.232.0"}, {"network_address": "10.214.233.0/24", "id": 126, "name": "10.214.233.0"}, {"network_address": "10.214.234.0/24", "id": 127, "name": "10.214.234.0"}, {"network_address": "10.214.235.0/24", "id": 128, "name": "10.214.235.0"}, {"network_address": "10.214.236.0/24", "id": 129, "name": "10.214.236.0"}, {"network_address": "10.214.237.0/24", "id": 130, "name": "10.214.237.0"}, {"network_address": "10.214.238.0/24", "id": 131, "name": "10.214.238.0"}, {"network_address": "10.214.239.0/24", "id": 132, "name": "10.214.239.0"}, {"network_address": "10.214.204.0/24", "id": 133, "name": "10.214.204.0"}, {"network_address": "10.214.205.0/24", "id": 134, "name": "10.214.205.0"}, {"network_address": "10.214.135.0/24", "id": 1, "name": "10.214.135.0"}, {"network_address": "10.214.207.0/24", "id": 136, "name": "10.214.207.0"}, {"network_address": "10.214.110.0/24", "id": 137, "name": "10.214.110.0"}, {"network_address": "10.214.111.0/24", "id": 138, "name": "10.214.111.0"}, {"network_address": "10.214.112.0/24", "id": 139, "name": "10.214.112.0"}, {"network_address": "10.214.120.0/24", "id": 140, "name": "10.214.120.0"}, {"network_address": "10.214.121.0/24", "id": 141, "name": "10.214.121.0"}, {"network_address": "10.214.122.0/24", "id": 142, "name": "10.214.122.0"}, {"network_address": "10.214.130.0/24", "id": 143, "name": "10.214.130.0"}, {"network_address": "10.214.140.0/24", "id": 144, "name": "10.214.140.0"}, {"network_address": "10.214.115.0/24", "id": 145, "name": "10.214.115.0"}, {"network_address": "10.214.116.0/24", "id": 146, "name": "10.214.116.0"}, {"network_address": "10.214.117.0/24", "id": 147, "name": "10.214.117.0"}, {"network_address": "10.214.125.0/24", "id": 148, "name": "10.214.125.0"}, {"network_address": "10.214.206.0/24", "id": 135, "name": "10.214.206.0"}], "service_level": null, "users": [{"login": "dburrell", "id": 4}, {"login": "LDBHMY", "id": 24}, {"login": "LG2SDJ", "id": 27}, {"login": "LW3Q3M", "id": 25}, {"login": "LJBNDS", "id": 31}, {"login": "L98666", "id": 26}, {"login": "NWS005", "id": 32}], "locations": [{"description": "", "title": "HQ", "id": 2, "name": "HQ"}, {"description": "", "title": "HQ", "id": 2, "name": "HQ"}, {"description": "Westover Hills Datacenter", "title": "WH", "id": 3, "name": "WH"}], "config_templates": [{"template_kind_name": "provision", "template_kind_id": 5, "id": 10, "name": "Atomic Kickstart default"}, {"template_kind_name": "Bootdisk", "template_kind_id": 1, "id": 72, "name": "Boot disk iPXE - generic host"}, {"template_kind_name": "Bootdisk", "template_kind_id": 1, "id": 71, "name": "Boot disk iPXE - host"}, {"template_kind_name": "kexec", "template_kind_id": 11, "id": 82, "name": "Discovery Red Hat kexec"}, {"template_kind_name": null, "template_kind_id": null, "id": 45, "name": "fix_hosts"}, {"template_kind_name": null, "template_kind_id": null, "id": 46, "name": "freeipa_register"}, {"template_kind_name": null, "template_kind_id": null, "id": 47, "name": "http_proxy"}, {"template_kind_name": null, "template_kind_id": null, "id": 76, "name": "idm_register"}, {"template_kind_name": "finish", "template_kind_id": 6, "id": 26, "name": "Kickstart default finish"}, {"template_kind_name": "iPXE", "template_kind_id": 4, "id": 28, "name": "Kickstart default iPXE"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 27, "name": "Kickstart default PXELinux"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 29, "name": "Kickstart default user data"}, {"template_kind_name": null, "template_kind_id": null, "id": 48, "name": "kickstart_networking_setup"}, {"template_kind_name": null, "template_kind_id": null, "id": 50, "name": "puppet.conf"}, {"template_kind_name": "PXEGrub", "template_kind_id": 3, "id": 4, "name": "PXEGrub default local boot"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 5, "name": "PXELinux chain iPXE"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 6, "name": "PXELinux chain iPXE UNDI"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 2, "name": "PXELinux default local boot"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 3, "name": "PXELinux default memdisk"}, {"template_kind_name": "PXELinux", "template_kind_id": 2, "id": 1, "name": "PXELinux global default"}, {"template_kind_name": null, "template_kind_id": null, "id": 51, "name": "redhat_register"}, {"template_kind_name": null, "template_kind_id": null, "id": 52, "name": "remote_execution_ssh_keys"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 77, "name": "Satellite Atomic Kickstart Default"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 73, "name": "Satellite Kickstart Default"}, {"template_kind_name": "finish", "template_kind_id": 6, "id": 75, "name": "Satellite Kickstart Default Finish"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 74, "name": "Satellite Kickstart Default User Data"}, {"template_kind_name": null, "template_kind_id": null, "id": 69, "name": "subscription_manager_registration"}, {"template_kind_name": "user_data", "template_kind_id": 8, "id": 35, "name": "UserData default"}, {"template_kind_name": null, "template_kind_id": null, "id": 107, "name": "MYORG Firewall Services"}, {"template_kind_name": "provision", "template_kind_id": 5, "id": 105, "name": "MYORG Satellite Kickstart"}, {"template_kind_name": null, "template_kind_id": null, "id": 106, "name": "MYORG Software Packages"}], "ancestry": null, "realms": [], "default_content_view_id": 1, "name": "MYORG", "smart_proxies": [{"url": "https://sattxsawh10.MYORG.com:9090", "name": "sattxsawh10.MYORG.com", "id": 1}], "created_at": "2018-01-29 13:44:18 -0600", "title": "MYORG", "domains": [{"id": 2, "name": "corp.MYORG.com"}, {"id": 1, "name": "MYORG.com"}]}
2018-03-19 14:08:28,170 INFO: Processing content-view RHEL7_CV.
2018-03-19 14:08:28,170 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/organizations/1/content_views
2018-03-19 14:08:28,170 DEBUG: Request data: {"search": "name=RHEL7_CV", "nondefault": 1, "noncomposite": 1}
2018-03-19 14:08:28,255 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "name=RHEL7_CV", "results": [{"last_published": "2018-02-13 14:58:02 -0600", "name": "RHEL7_CV", "versions": [{"version": "1.0", "environment_ids": [], "id": 2, "published": "2018-01-30 12:44:00 -0600"}, {"version": "2.0", "environment_ids": [], "id": 121, "published": "2018-02-14 18:08:25 -0600"}, {"version": "3.0", "environment_ids": [1], "id": 137, "published": "2018-02-28 02:00:06 -0600"}, {"version": "3.1", "environment_ids": [], "id": 153, "published": "2018-03-10 22:11:08 -0600"}, {"version": "1.1", "environment_ids": [], "id": 98, "published": "2018-02-13 14:58:02 -0600"}], "composite": false, "created_at": "2018-01-30 10:01:44 -0600", "repositories": [{"label": "Red_Hat_Enterprise_Linux_7_Server_RPMs_x86_64_7Server", "id": 1, "content_type": "yum", "name": "Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server"}, {"label": "Red_Hat_Enterprise_Linux_7_Server_-_Extras_RPMs_x86_64", "id": 2, "content_type": "yum", "name": "Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64"}, {"label": "Red_Hat_Enterprise_Linux_7_Server_-_Optional_RPMs_x86_64_7Server", "id": 3, "content_type": "yum", "name": "Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server"}, {"label": "Red_Hat_Enterprise_Linux_7_Server_-_Supplementary_RPMs_x86_64_7Server", "id": 4, "content_type": "yum", "name": "Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server"}, {"label": "Red_Hat_Software_Collections_RPMs_for_Red_Hat_Enterprise_Linux_7_Server_x86_64_7Server", "id": 30, "content_type": "yum", "name": "Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server"}, {"label": "Red_Hat_Satellite_Tools_6_2_for_RHEL_7_Server_RPMs_x86_64", "id": 5, "content_type": "yum", "name": "Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64"}], "updated_at": "2018-02-28 02:00:06 -0600", "environments": [{"permissions": {"readable": true}, "label": "Library", "id": 1, "name": "Library"}], "label": "RHEL7_CV", "default": false, "component_ids": [], "components": [], "organization": {"id": 1, "name": "MYORG", "label": "MYORG"}, "activation_keys": [], "repository_ids": [1, 2, 3, 4, 30, 5], "puppet_modules": [], "permissions": {"promote_or_remove_content_views": true, "view_content_views": true, "publish_content_views": true, "destroy_content_views": true, "edit_content_views": true}, "id": 2, "next_version": 4, "description": null}], "error": null, "per_page": 200, "total": 14, "subtotal": 1, "page": 1}
2018-03-19 14:08:28,255 DEBUG: Using 2018/02/25 as start date.
2018-03-19 14:08:28,255 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server RPMs x86_64 7Server
2018-03-19 14:08:28,255 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:28,255 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 1, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:28,872 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [{"hosts_applicable_count": 2, "updated": "2018-03-19", "packages": ["firefox-52.7.2-1.el6_9.i686", "firefox-52.7.2-1.el6_9.x86_64", "firefox-52.7.2-1.el7_4.i686", "firefox-52.7.2-1.el7_4.x86_64"], "errata_id": "RHSA-2018:0549", "severity": "Critical", "title": "Critical: firefox security update", "hosts_available_count": 0, "issued": "2018-03-19", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "summary": "An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5146.html", "cve_id": "CVE-2018-5146"}], "reboot_suggested": false, "type": "security", "id": "e63eb875-c284-487f-9fca-ef64e83de9ed", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.7.2 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 1, "updated": "2018-03-15", "packages": ["firefox-52.7.0-1.el7_4.i686", "firefox-52.7.0-1.el7_4.x86_64"], "errata_id": "RHSA-2018:0527", "severity": "Critical", "title": "Critical: firefox security update", "hosts_available_count": 0, "issued": "2018-03-15", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "summary": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5125.html", "cve_id": "CVE-2018-5125"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5127.html", "cve_id": "CVE-2018-5127"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5129.html", "cve_id": "CVE-2018-5129"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5130.html", "cve_id": "CVE-2018-5130"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5131.html", "cve_id": "CVE-2018-5131"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5144.html", "cve_id": "CVE-2018-5144"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5145.html", "cve_id": "CVE-2018-5145"}], "reboot_suggested": false, "type": "security", "id": "f96da796-9767-4130-b998-6dcc180f4bf0", "description": "Mozilla Firefox is an open source web browser.\n\nThis update upgrades Firefox to version 52.7.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125)\n\n* Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07) (CVE-2018-5127)\n\n* Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07) (CVE-2018-5129)\n\n* Mozilla: Mismatched RTP payload type can trigger memory corruption (MFSA 2018-07) (CVE-2018-5130)\n\n* Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources (MFSA 2018-07) (CVE-2018-5131)\n\n* Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07) (CVE-2018-5144)\n\n* Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 0, "updated": "2018-03-13", "packages": ["mailman-2.1.15-26.el7_4.1.x86_64"], "errata_id": "RHSA-2018:0505", "severity": "Moderate", "title": "Moderate: mailman security update", "hosts_available_count": 0, "issued": "2018-03-13", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for mailman is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5950.html", "cve_id": "CVE-2018-5950"}], "reboot_suggested": false, "type": "security", "id": "4b970a2d-a5e3-4234-9ec1-64582d906e29", "description": "Mailman is a program used to help manage e-mail discussion lists.\n\nSecurity Fix(es):\n\n* mailman: Cross-site scripting (XSS) vulnerability in web UI (CVE-2018-5950)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 39, "updated": "2018-03-12", "packages": ["dhclient-4.2.5-58.el7_4.3.x86_64", "dhcp-4.2.5-58.el7_4.3.x86_64", "dhcp-common-4.2.5-58.el7_4.3.x86_64", "dhcp-devel-4.2.5-58.el7_4.3.i686", "dhcp-devel-4.2.5-58.el7_4.3.x86_64", "dhcp-libs-4.2.5-58.el7_4.3.i686", "dhcp-libs-4.2.5-58.el7_4.3.x86_64"], "errata_id": "RHSA-2018:0483", "severity": "Important", "title": "Important: dhcp security update", "hosts_available_count": 0, "issued": "2018-03-12", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for dhcp is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5732.html", "cve_id": "CVE-2018-5732"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5733.html", "cve_id": "CVE-2018-5733"}], "reboot_suggested": false, "type": "security", "id": "57ee76e2-c304-4fde-842f-cecb6c341276", "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732)\n\n* dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues."}, {"hosts_applicable_count": 0, "updated": "2018-03-06", "packages": ["php-5.4.16-43.el7_4.1.x86_64", "php-bcmath-5.4.16-43.el7_4.1.x86_64", "php-cli-5.4.16-43.el7_4.1.x86_64", "php-common-5.4.16-43.el7_4.1.x86_64", "php-dba-5.4.16-43.el7_4.1.x86_64", "php-devel-5.4.16-43.el7_4.1.x86_64", "php-embedded-5.4.16-43.el7_4.1.x86_64", "php-enchant-5.4.16-43.el7_4.1.x86_64", "php-fpm-5.4.16-43.el7_4.1.x86_64", "php-gd-5.4.16-43.el7_4.1.x86_64", "php-intl-5.4.16-43.el7_4.1.x86_64", "php-ldap-5.4.16-43.el7_4.1.x86_64", "php-mbstring-5.4.16-43.el7_4.1.x86_64", "php-mysql-5.4.16-43.el7_4.1.x86_64", "php-mysqlnd-5.4.16-43.el7_4.1.x86_64", "php-odbc-5.4.16-43.el7_4.1.x86_64", "php-pdo-5.4.16-43.el7_4.1.x86_64", "php-pgsql-5.4.16-43.el7_4.1.x86_64", "php-process-5.4.16-43.el7_4.1.x86_64", "php-pspell-5.4.16-43.el7_4.1.x86_64", "php-recode-5.4.16-43.el7_4.1.x86_64", "php-snmp-5.4.16-43.el7_4.1.x86_64", "php-soap-5.4.16-43.el7_4.1.x86_64", "php-xml-5.4.16-43.el7_4.1.x86_64", "php-xmlrpc-5.4.16-43.el7_4.1.x86_64"], "errata_id": "RHSA-2018:0406", "severity": "Moderate", "title": "Moderate: php security update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "summary": "An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-7890.html", "cve_id": "CVE-2017-7890"}], "reboot_suggested": false, "type": "security", "id": "c3ca856c-c3da-4d47-8c5a-909fc29120ee", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 38, "updated": "2018-03-06", "packages": ["kernel-3.10.0-693.21.1.el7.x86_64", "kernel-abi-whitelists-3.10.0-693.21.1.el7.noarch", "kernel-debug-3.10.0-693.21.1.el7.x86_64", "kernel-debug-devel-3.10.0-693.21.1.el7.x86_64", "kernel-devel-3.10.0-693.21.1.el7.x86_64", "kernel-doc-3.10.0-693.21.1.el7.noarch", "kernel-headers-3.10.0-693.21.1.el7.x86_64", "kernel-tools-3.10.0-693.21.1.el7.x86_64", "kernel-tools-libs-3.10.0-693.21.1.el7.x86_64", "kernel-tools-libs-devel-3.10.0-693.21.1.el7.x86_64", "perf-3.10.0-693.21.1.el7.x86_64", "python-perf-3.10.0-693.21.1.el7.x86_64"], "errata_id": "RHSA-2018:0395", "severity": "Important", "title": "Important: kernel security and bug fix update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "summary": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-12188.html", "cve_id": "CVE-2017-12188"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-7518.html", "cve_id": "CVE-2017-7518"}], "reboot_suggested": true, "type": "security", "id": "1e5bc03a-7dfe-4b8d-bb58-25b7cf82753b", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes, some of which you can see below. Space precludes documenting\nall of these bug fixes in this advisory. To see the complete list of bug\nfixes, users are directed to the related Knowledge Article:\nhttps://access.redhat.com/articles/3368501.\n\nSecurity Fix(es):\n\n* Kernel: KVM: MMU potential stack buffer overrun during page walks (CVE-2017-12188, Important)\n\n* Kernel: KVM: debug exception via syscall emulation (CVE-2017-7518, Moderate)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 0, "updated": "2018-03-06", "packages": ["389-ds-base-1.3.6.1-28.el7_4.x86_64", "389-ds-base-devel-1.3.6.1-28.el7_4.x86_64", "389-ds-base-libs-1.3.6.1-28.el7_4.x86_64", "389-ds-base-snmp-1.3.6.1-28.el7_4.x86_64"], "errata_id": "RHSA-2018:0414", "severity": "Important", "title": "Important: 389-ds-base security and bug fix update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the 389 server service will be restarted automatically.", "summary": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-15135.html", "cve_id": "CVE-2017-15135"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-1054.html", "cve_id": "CVE-2018-1054"}], "reboot_suggested": false, "type": "security", "id": "1c8eb7ef-2585-49ac-a6b7-a803d7200cb3", "description": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054)\n\n* 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-15135 issue was discovered by Martin Poole (Red Hat).\n\nBug Fix(es):\n\n* Previously, if an administrator configured an index for an attribute with a specific matching rule in the \"nsMatchingRule\" parameter, Directory Server did not use the retrieved indexer. As a consequence, Directory Server did not index the values of this attribute with the specified matching rules, and searches with extended filters were unindexed. With this update, Directory Server uses the retrieved indexer that processes the specified matching rule. As a result, searches using extended filters with a specified matching rule are now indexed. (BZ#1536343)"}, {"hosts_applicable_count": 8, "updated": "2018-02-28", "packages": ["ruby-2.0.0.648-33.el7_4.x86_64", "ruby-devel-2.0.0.648-33.el7_4.x86_64", "ruby-doc-2.0.0.648-33.el7_4.noarch", "rubygem-bigdecimal-1.2.0-33.el7_4.x86_64", "rubygem-io-console-0.4.2-33.el7_4.x86_64", "rubygem-json-1.7.7-33.el7_4.x86_64", "rubygem-minitest-4.3.2-33.el7_4.noarch", "rubygem-psych-2.0.0-33.el7_4.x86_64", "rubygem-rake-0.9.6-33.el7_4.noarch", "rubygem-rdoc-4.0.0-33.el7_4.noarch", "rubygems-2.0.14.1-33.el7_4.noarch", "rubygems-devel-2.0.14.1-33.el7_4.noarch", "ruby-irb-2.0.0.648-33.el7_4.noarch", "ruby-libs-2.0.0.648-33.el7_4.i686", "ruby-libs-2.0.0.648-33.el7_4.x86_64", "ruby-tcltk-2.0.0.648-33.el7_4.x86_64"], "errata_id": "RHSA-2018:0378", "severity": "Important", "title": "Important: ruby security update", "hosts_available_count": 0, "issued": "2018-02-28", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-0898.html", "cve_id": "CVE-2017-0898"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0899.html", "cve_id": "CVE-2017-0899"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0900.html", "cve_id": "CVE-2017-0900"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0901.html", "cve_id": "CVE-2017-0901"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0902.html", "cve_id": "CVE-2017-0902"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0903.html", "cve_id": "CVE-2017-0903"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-10784.html", "cve_id": "CVE-2017-10784"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-14033.html", "cve_id": "CVE-2017-14033"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-14064.html", "cve_id": "CVE-2017-14064"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-17405.html", "cve_id": "CVE-2017-17405"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-17790.html", "cve_id": "CVE-2017-17790"}], "reboot_suggested": false, "type": "security", "id": "ea43a29a-2028-4b49-8244-bfeba12400d6", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into downloading files with specially crafted names using the Net::FTP module. (CVE-2017-17405)\n\n* A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter. (CVE-2017-0898)\n\n* It was found that rubygems did not sanitize gem names during installation of a given gem. A specially crafted gem could use this flaw to install files outside of the regular directory. (CVE-2017-0901)\n\n* A vulnerability was found where rubygems did not sanitize DNS responses when requesting the hostname of the rubygems server for a domain, via a _rubygems._tcp DNS SRV query. An attacker with the ability to manipulate DNS responses could direct the gem command towards a different domain. (CVE-2017-0902)\n\n* A vulnerability was found where the rubygems module was vulnerable to an unsafe YAML deserialization when inspecting a gem. Applications inspecting gem files without installing them can be tricked to execute arbitrary code in the context of the ruby interpreter. (CVE-2017-0903)\n\n* It was found that WEBrick did not sanitize all its log messages. If logs were printed in a terminal, an attacker could interact with the terminal via the use of escape sequences. (CVE-2017-10784)\n\n* It was found that the decode method of the OpenSSL::ASN1 module was vulnerable to buffer underrun. An attacker could pass a specially crafted string to the application in order to crash the ruby interpreter, causing a denial of service. (CVE-2017-14033)\n\n* A vulnerability was found where rubygems did not properly sanitize gems' specification text. A specially crafted gem could interact with the terminal via the use of escape sequences. (CVE-2017-0899)\n\n* It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary. (CVE-2017-0900)\n\n* A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory. (CVE-2017-14064)\n\n* The \"lazy_initialize\" function in lib/resolv.rb did not properly process certain filenames. A remote attacker could possibly exploit this flaw to inject and execute arbitrary commands. (CVE-2017-17790)"}, {"hosts_applicable_count": 0, "updated": "2018-02-28", "packages": ["quagga-0.99.22.4-5.el7_4.i686", "quagga-0.99.22.4-5.el7_4.x86_64", "quagga-contrib-0.99.22.4-5.el7_4.x86_64", "quagga-devel-0.99.22.4-5.el7_4.i686", "quagga-devel-0.99.22.4-5.el7_4.x86_64"], "errata_id": "RHSA-2018:0377", "severity": "Important", "title": "Important: quagga security update", "hosts_available_count": 0, "issued": "2018-02-28", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the bgpd daemon must be restarted for the update to take effect.", "summary": "An update for quagga is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5379.html", "cve_id": "CVE-2018-5379"}], "reboot_suggested": false, "type": "security", "id": "30d0118a-ea21-40e1-8911-292195a42e6a", "description": "The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es):\n\n* quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code (CVE-2018-5379)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Quagga project for reporting this issue."}, {"hosts_applicable_count": 0, "updated": "2018-02-26", "packages": ["gcab-0.7-4.el7_4.x86_64", "libgcab1-0.7-4.el7_4.i686", "libgcab1-0.7-4.el7_4.x86_64", "libgcab1-devel-0.7-4.el7_4.i686", "libgcab1-devel-0.7-4.el7_4.x86_64"], "errata_id": "RHSA-2018:0350", "severity": "Important", "title": "Important: gcab security update", "hosts_available_count": 0, "issued": "2018-02-26", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for gcab is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5345.html", "cve_id": "CVE-2018-5345"}], "reboot_suggested": false, "type": "security", "id": "5a1b2029-61e2-40b8-82e9-4868f87e91e5", "description": "The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet (.cab) files.\n\nSecurity Fix(es):\n\n* gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution (CVE-2018-5345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 110, "updated": "2018-02-26", "packages": ["java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-accessibility-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-headless-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el6_9.noarch", "java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el7_4.noarch", "java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el7_4.x86_64"], "errata_id": "RHSA-2018:0349", "severity": "Important", "title": "Important: java-1.7.0-openjdk security update", "hosts_available_count": 110, "issued": "2018-02-26", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.", "summary": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-2579.html", "cve_id": "CVE-2018-2579"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2588.html", "cve_id": "CVE-2018-2588"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2599.html", "cve_id": "CVE-2018-2599"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2602.html", "cve_id": "CVE-2018-2602"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2603.html", "cve_id": "CVE-2018-2603"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2618.html", "cve_id": "CVE-2018-2618"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2629.html", "cve_id": "CVE-2018-2629"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2633.html", "cve_id": "CVE-2018-2633"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2634.html", "cve_id": "CVE-2018-2634"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2637.html", "cve_id": "CVE-2018-2637"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2641.html", "cve_id": "CVE-2018-2641"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2663.html", "cve_id": "CVE-2018-2663"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2677.html", "cve_id": "CVE-2018-2677"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2678.html", "cve_id": "CVE-2018-2678"}], "reboot_suggested": false, "type": "security", "id": "42eef472-c9ab-4c7c-9ca0-f6666b334ce0", "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)"}], "error": null, "per_page": 200, "total": 2603, "subtotal": 11, "page": 1}
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0549 (Security - Critical) errata. Reboot suggested: No.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0527 (Security - Critical) errata. Reboot suggested: No.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0505 (Security - Moderate) errata. Reboot suggested: No.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0483 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0406 (Security - Moderate) errata. Reboot suggested: No.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0395 (Security - Important) errata. Reboot suggested: Yes.
2018-03-19 14:08:28,873 INFO: Found RHSA-2018:0414 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,874 INFO: Found RHSA-2018:0378 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,874 INFO: Found RHSA-2018:0377 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,874 INFO: Found RHSA-2018:0350 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,874 INFO: Found RHSA-2018:0349 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:28,874 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Extras RPMs x86_64
2018-03-19 14:08:28,874 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:28,874 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 2, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:28,955 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [], "error": null, "per_page": 200, "total": 671, "subtotal": 0, "page": 1}
2018-03-19 14:08:28,956 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server
2018-03-19 14:08:28,956 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:28,956 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 3, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:29,145 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [{"hosts_applicable_count": 2, "updated": "2018-03-19", "packages": ["firefox-52.7.2-1.el6_9.i686", "firefox-52.7.2-1.el6_9.x86_64", "firefox-52.7.2-1.el7_4.i686", "firefox-52.7.2-1.el7_4.x86_64"], "errata_id": "RHSA-2018:0549", "severity": "Critical", "title": "Critical: firefox security update", "hosts_available_count": 0, "issued": "2018-03-19", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "summary": "An update for firefox is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5146.html", "cve_id": "CVE-2018-5146"}], "reboot_suggested": false, "type": "security", "id": "e63eb875-c284-487f-9fca-ef64e83de9ed", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 52.7.2 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 1, "updated": "2018-03-15", "packages": ["firefox-52.7.0-1.el7_4.i686", "firefox-52.7.0-1.el7_4.x86_64"], "errata_id": "RHSA-2018:0527", "severity": "Critical", "title": "Critical: firefox security update", "hosts_available_count": 0, "issued": "2018-03-15", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.", "summary": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5125.html", "cve_id": "CVE-2018-5125"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5127.html", "cve_id": "CVE-2018-5127"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5129.html", "cve_id": "CVE-2018-5129"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5130.html", "cve_id": "CVE-2018-5130"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5131.html", "cve_id": "CVE-2018-5131"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5144.html", "cve_id": "CVE-2018-5144"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5145.html", "cve_id": "CVE-2018-5145"}], "reboot_suggested": false, "type": "security", "id": "f96da796-9767-4130-b998-6dcc180f4bf0", "description": "Mozilla Firefox is an open source web browser.\n\nThis update upgrades Firefox to version 52.7.0 ESR.\n\nSecurity Fix(es):\n\n* Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125)\n\n* Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07) (CVE-2018-5127)\n\n* Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07) (CVE-2018-5129)\n\n* Mozilla: Mismatched RTP payload type can trigger memory corruption (MFSA 2018-07) (CVE-2018-5130)\n\n* Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources (MFSA 2018-07) (CVE-2018-5131)\n\n* Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07) (CVE-2018-5144)\n\n* Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 39, "updated": "2018-03-12", "packages": ["dhclient-4.2.5-58.el7_4.3.x86_64", "dhcp-4.2.5-58.el7_4.3.x86_64", "dhcp-common-4.2.5-58.el7_4.3.x86_64", "dhcp-devel-4.2.5-58.el7_4.3.i686", "dhcp-devel-4.2.5-58.el7_4.3.x86_64", "dhcp-libs-4.2.5-58.el7_4.3.i686", "dhcp-libs-4.2.5-58.el7_4.3.x86_64"], "errata_id": "RHSA-2018:0483", "severity": "Important", "title": "Important: dhcp security update", "hosts_available_count": 0, "issued": "2018-03-12", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for dhcp is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5732.html", "cve_id": "CVE-2018-5732"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-5733.html", "cve_id": "CVE-2018-5733"}], "reboot_suggested": false, "type": "security", "id": "57ee76e2-c304-4fde-842f-cecb6c341276", "description": "The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network.\n\nSecurity Fix(es):\n\n* dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732)\n\n* dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank ISC for reporting these issues. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of these issues."}, {"hosts_applicable_count": 0, "updated": "2018-03-06", "packages": ["php-5.4.16-43.el7_4.1.x86_64", "php-bcmath-5.4.16-43.el7_4.1.x86_64", "php-cli-5.4.16-43.el7_4.1.x86_64", "php-common-5.4.16-43.el7_4.1.x86_64", "php-dba-5.4.16-43.el7_4.1.x86_64", "php-devel-5.4.16-43.el7_4.1.x86_64", "php-embedded-5.4.16-43.el7_4.1.x86_64", "php-enchant-5.4.16-43.el7_4.1.x86_64", "php-fpm-5.4.16-43.el7_4.1.x86_64", "php-gd-5.4.16-43.el7_4.1.x86_64", "php-intl-5.4.16-43.el7_4.1.x86_64", "php-ldap-5.4.16-43.el7_4.1.x86_64", "php-mbstring-5.4.16-43.el7_4.1.x86_64", "php-mysql-5.4.16-43.el7_4.1.x86_64", "php-mysqlnd-5.4.16-43.el7_4.1.x86_64", "php-odbc-5.4.16-43.el7_4.1.x86_64", "php-pdo-5.4.16-43.el7_4.1.x86_64", "php-pgsql-5.4.16-43.el7_4.1.x86_64", "php-process-5.4.16-43.el7_4.1.x86_64", "php-pspell-5.4.16-43.el7_4.1.x86_64", "php-recode-5.4.16-43.el7_4.1.x86_64", "php-snmp-5.4.16-43.el7_4.1.x86_64", "php-soap-5.4.16-43.el7_4.1.x86_64", "php-xml-5.4.16-43.el7_4.1.x86_64", "php-xmlrpc-5.4.16-43.el7_4.1.x86_64"], "errata_id": "RHSA-2018:0406", "severity": "Moderate", "title": "Moderate: php security update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted for the update to take effect.", "summary": "An update for php is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-7890.html", "cve_id": "CVE-2017-7890"}], "reboot_suggested": false, "type": "security", "id": "c3ca856c-c3da-4d47-8c5a-909fc29120ee", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: Buffer over-read from unitialized data in gdImageCreateFromGifCtx function (CVE-2017-7890)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 38, "updated": "2018-03-06", "packages": ["kernel-3.10.0-693.21.1.el7.x86_64", "kernel-abi-whitelists-3.10.0-693.21.1.el7.noarch", "kernel-debug-3.10.0-693.21.1.el7.x86_64", "kernel-debug-devel-3.10.0-693.21.1.el7.x86_64", "kernel-devel-3.10.0-693.21.1.el7.x86_64", "kernel-doc-3.10.0-693.21.1.el7.noarch", "kernel-headers-3.10.0-693.21.1.el7.x86_64", "kernel-tools-3.10.0-693.21.1.el7.x86_64", "kernel-tools-libs-3.10.0-693.21.1.el7.x86_64", "kernel-tools-libs-devel-3.10.0-693.21.1.el7.x86_64", "perf-3.10.0-693.21.1.el7.x86_64", "python-perf-3.10.0-693.21.1.el7.x86_64"], "errata_id": "RHSA-2018:0395", "severity": "Important", "title": "Important: kernel security and bug fix update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "summary": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-12188.html", "cve_id": "CVE-2017-12188"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-7518.html", "cve_id": "CVE-2017-7518"}], "reboot_suggested": true, "type": "security", "id": "1e5bc03a-7dfe-4b8d-bb58-25b7cf82753b", "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes, some of which you can see below. Space precludes documenting\nall of these bug fixes in this advisory. To see the complete list of bug\nfixes, users are directed to the related Knowledge Article:\nhttps://access.redhat.com/articles/3368501.\n\nSecurity Fix(es):\n\n* Kernel: KVM: MMU potential stack buffer overrun during page walks (CVE-2017-12188, Important)\n\n* Kernel: KVM: debug exception via syscall emulation (CVE-2017-7518, Moderate)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 0, "updated": "2018-03-06", "packages": ["389-ds-base-1.3.6.1-28.el7_4.x86_64", "389-ds-base-devel-1.3.6.1-28.el7_4.x86_64", "389-ds-base-libs-1.3.6.1-28.el7_4.x86_64", "389-ds-base-snmp-1.3.6.1-28.el7_4.x86_64"], "errata_id": "RHSA-2018:0414", "severity": "Important", "title": "Important: 389-ds-base security and bug fix update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the 389 server service will be restarted automatically.", "summary": "An update for 389-ds-base is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-15135.html", "cve_id": "CVE-2017-15135"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-1054.html", "cve_id": "CVE-2018-1054"}], "reboot_suggested": false, "type": "security", "id": "1c8eb7ef-2585-49ac-a6b7-a803d7200cb3", "description": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054)\n\n* 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nThe CVE-2017-15135 issue was discovered by Martin Poole (Red Hat).\n\nBug Fix(es):\n\n* Previously, if an administrator configured an index for an attribute with a specific matching rule in the \"nsMatchingRule\" parameter, Directory Server did not use the retrieved indexer. As a consequence, Directory Server did not index the values of this attribute with the specified matching rules, and searches with extended filters were unindexed. With this update, Directory Server uses the retrieved indexer that processes the specified matching rule. As a result, searches using extended filters with a specified matching rule are now indexed. (BZ#1536343)"}, {"hosts_applicable_count": 0, "updated": "2018-03-06", "packages": ["autocorr-af-5.0.6.2-15.el7_4.noarch", "autocorr-bg-5.0.6.2-15.el7_4.noarch", "autocorr-ca-5.0.6.2-15.el7_4.noarch", "autocorr-cs-5.0.6.2-15.el7_4.noarch", "autocorr-da-5.0.6.2-15.el7_4.noarch", "autocorr-de-5.0.6.2-15.el7_4.noarch", "autocorr-en-5.0.6.2-15.el7_4.noarch", "autocorr-es-5.0.6.2-15.el7_4.noarch", "autocorr-fa-5.0.6.2-15.el7_4.noarch", "autocorr-fi-5.0.6.2-15.el7_4.noarch", "autocorr-fr-5.0.6.2-15.el7_4.noarch", "autocorr-ga-5.0.6.2-15.el7_4.noarch", "autocorr-hr-5.0.6.2-15.el7_4.noarch", "autocorr-hu-5.0.6.2-15.el7_4.noarch", "autocorr-is-5.0.6.2-15.el7_4.noarch", "autocorr-it-5.0.6.2-15.el7_4.noarch", "autocorr-ja-5.0.6.2-15.el7_4.noarch", "autocorr-ko-5.0.6.2-15.el7_4.noarch", "autocorr-lb-5.0.6.2-15.el7_4.noarch", "autocorr-lt-5.0.6.2-15.el7_4.noarch", "autocorr-mn-5.0.6.2-15.el7_4.noarch", "autocorr-nl-5.0.6.2-15.el7_4.noarch", "autocorr-pl-5.0.6.2-15.el7_4.noarch", "autocorr-pt-5.0.6.2-15.el7_4.noarch", "autocorr-ro-5.0.6.2-15.el7_4.noarch", "autocorr-ru-5.0.6.2-15.el7_4.noarch", "autocorr-sk-5.0.6.2-15.el7_4.noarch", "autocorr-sl-5.0.6.2-15.el7_4.noarch", "autocorr-sr-5.0.6.2-15.el7_4.noarch", "autocorr-sv-5.0.6.2-15.el7_4.noarch", "autocorr-tr-5.0.6.2-15.el7_4.noarch", "autocorr-vi-5.0.6.2-15.el7_4.noarch", "autocorr-zh-5.0.6.2-15.el7_4.noarch", "libreoffice-5.0.6.2-15.el7_4.x86_64", "libreoffice-base-5.0.6.2-15.el7_4.x86_64", "libreoffice-bsh-5.0.6.2-15.el7_4.x86_64", "libreoffice-calc-5.0.6.2-15.el7_4.x86_64", "libreoffice-core-5.0.6.2-15.el7_4.x86_64", "libreoffice-draw-5.0.6.2-15.el7_4.x86_64", "libreoffice-emailmerge-5.0.6.2-15.el7_4.x86_64", "libreoffice-filters-5.0.6.2-15.el7_4.x86_64", "libreoffice-gdb-debug-support-5.0.6.2-15.el7_4.x86_64", "libreoffice-glade-5.0.6.2-15.el7_4.x86_64", "libreoffice-graphicfilter-5.0.6.2-15.el7_4.x86_64", "libreoffice-impress-5.0.6.2-15.el7_4.x86_64", "libreofficekit-5.0.6.2-15.el7_4.i686", "libreofficekit-5.0.6.2-15.el7_4.x86_64", "libreofficekit-devel-5.0.6.2-15.el7_4.i686", "libreofficekit-devel-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-af-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ar-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-as-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-bg-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-bn-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-br-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ca-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-cs-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-cy-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-da-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-de-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-dz-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-el-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-en-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-es-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-et-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-eu-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-fa-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-fi-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-fr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ga-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-gl-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-gu-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-he-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-hi-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-hr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-hu-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-it-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ja-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-kk-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-kn-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ko-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-lt-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-lv-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-mai-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ml-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-mr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-nb-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-nl-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-nn-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-nr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-nso-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-or-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-pa-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-pl-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-pt-BR-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-pt-PT-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ro-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ru-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-si-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-sk-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-sl-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-sr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ss-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-st-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-sv-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ta-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-te-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-th-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-tn-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-tr-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ts-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-uk-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-ve-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-xh-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-zh-Hans-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-zh-Hant-5.0.6.2-15.el7_4.x86_64", "libreoffice-langpack-zu-5.0.6.2-15.el7_4.x86_64", "libreoffice-librelogo-5.0.6.2-15.el7_4.x86_64", "libreoffice-math-5.0.6.2-15.el7_4.x86_64", "libreoffice-nlpsolver-5.0.6.2-15.el7_4.x86_64", "libreoffice-officebean-5.0.6.2-15.el7_4.x86_64", "libreoffice-ogltrans-5.0.6.2-15.el7_4.x86_64", "libreoffice-opensymbol-fonts-5.0.6.2-15.el7_4.noarch", "libreoffice-pdfimport-5.0.6.2-15.el7_4.x86_64", "libreoffice-postgresql-5.0.6.2-15.el7_4.x86_64", "libreoffice-pyuno-5.0.6.2-15.el7_4.x86_64", "libreoffice-rhino-5.0.6.2-15.el7_4.x86_64", "libreoffice-sdk-5.0.6.2-15.el7_4.x86_64", "libreoffice-sdk-doc-5.0.6.2-15.el7_4.x86_64", "libreoffice-ure-5.0.6.2-15.el7_4.x86_64", "libreoffice-wiki-publisher-5.0.6.2-15.el7_4.x86_64", "libreoffice-writer-5.0.6.2-15.el7_4.x86_64", "libreoffice-xsltfilter-5.0.6.2-15.el7_4.x86_64"], "errata_id": "RHSA-2018:0418", "severity": "Moderate", "title": "Moderate: libreoffice security update", "hosts_available_count": 0, "issued": "2018-03-06", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of LibreOffice applications must be restarted for this update to take effect.", "summary": "An update for libreoffice is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-6871.html", "cve_id": "CVE-2018-6871"}], "reboot_suggested": false, "type": "security", "id": "1a5351ac-cc56-4402-bf25-193b7a56ad0e", "description": "LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.\n\nSecurity Fix(es):\n\n* libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (CVE-2018-6871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 8, "updated": "2018-02-28", "packages": ["ruby-2.0.0.648-33.el7_4.x86_64", "ruby-devel-2.0.0.648-33.el7_4.x86_64", "ruby-doc-2.0.0.648-33.el7_4.noarch", "rubygem-bigdecimal-1.2.0-33.el7_4.x86_64", "rubygem-io-console-0.4.2-33.el7_4.x86_64", "rubygem-json-1.7.7-33.el7_4.x86_64", "rubygem-minitest-4.3.2-33.el7_4.noarch", "rubygem-psych-2.0.0-33.el7_4.x86_64", "rubygem-rake-0.9.6-33.el7_4.noarch", "rubygem-rdoc-4.0.0-33.el7_4.noarch", "rubygems-2.0.14.1-33.el7_4.noarch", "rubygems-devel-2.0.14.1-33.el7_4.noarch", "ruby-irb-2.0.0.648-33.el7_4.noarch", "ruby-libs-2.0.0.648-33.el7_4.i686", "ruby-libs-2.0.0.648-33.el7_4.x86_64", "ruby-tcltk-2.0.0.648-33.el7_4.x86_64"], "errata_id": "RHSA-2018:0378", "severity": "Important", "title": "Important: ruby security update", "hosts_available_count": 0, "issued": "2018-02-28", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for ruby is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2017-0898.html", "cve_id": "CVE-2017-0898"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0899.html", "cve_id": "CVE-2017-0899"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0900.html", "cve_id": "CVE-2017-0900"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0901.html", "cve_id": "CVE-2017-0901"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0902.html", "cve_id": "CVE-2017-0902"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-0903.html", "cve_id": "CVE-2017-0903"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-10784.html", "cve_id": "CVE-2017-10784"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-14033.html", "cve_id": "CVE-2017-14033"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-14064.html", "cve_id": "CVE-2017-14064"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-17405.html", "cve_id": "CVE-2017-17405"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2017-17790.html", "cve_id": "CVE-2017-17790"}], "reboot_suggested": false, "type": "security", "id": "ea43a29a-2028-4b49-8244-bfeba12400d6", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.\n\nSecurity Fix(es):\n\n* It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into downloading files with specially crafted names using the Net::FTP module. (CVE-2017-17405)\n\n* A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter. (CVE-2017-0898)\n\n* It was found that rubygems did not sanitize gem names during installation of a given gem. A specially crafted gem could use this flaw to install files outside of the regular directory. (CVE-2017-0901)\n\n* A vulnerability was found where rubygems did not sanitize DNS responses when requesting the hostname of the rubygems server for a domain, via a _rubygems._tcp DNS SRV query. An attacker with the ability to manipulate DNS responses could direct the gem command towards a different domain. (CVE-2017-0902)\n\n* A vulnerability was found where the rubygems module was vulnerable to an unsafe YAML deserialization when inspecting a gem. Applications inspecting gem files without installing them can be tricked to execute arbitrary code in the context of the ruby interpreter. (CVE-2017-0903)\n\n* It was found that WEBrick did not sanitize all its log messages. If logs were printed in a terminal, an attacker could interact with the terminal via the use of escape sequences. (CVE-2017-10784)\n\n* It was found that the decode method of the OpenSSL::ASN1 module was vulnerable to buffer underrun. An attacker could pass a specially crafted string to the application in order to crash the ruby interpreter, causing a denial of service. (CVE-2017-14033)\n\n* A vulnerability was found where rubygems did not properly sanitize gems' specification text. A specially crafted gem could interact with the terminal via the use of escape sequences. (CVE-2017-0899)\n\n* It was found that rubygems could use an excessive amount of CPU while parsing a sufficiently long gem summary. A specially crafted gem from a gem repository could freeze gem commands attempting to parse its summary. (CVE-2017-0900)\n\n* A buffer overflow vulnerability was found in the JSON extension of ruby. An attacker with the ability to pass a specially crafted JSON input to the extension could use this flaw to expose the interpreter's heap memory. (CVE-2017-14064)\n\n* The \"lazy_initialize\" function in lib/resolv.rb did not properly process certain filenames. A remote attacker could possibly exploit this flaw to inject and execute arbitrary commands. (CVE-2017-17790)"}, {"hosts_applicable_count": 0, "updated": "2018-02-28", "packages": ["quagga-0.99.22.4-5.el7_4.i686", "quagga-0.99.22.4-5.el7_4.x86_64", "quagga-contrib-0.99.22.4-5.el7_4.x86_64", "quagga-devel-0.99.22.4-5.el7_4.i686", "quagga-devel-0.99.22.4-5.el7_4.x86_64"], "errata_id": "RHSA-2018:0377", "severity": "Important", "title": "Important: quagga security update", "hosts_available_count": 0, "issued": "2018-02-28", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the bgpd daemon must be restarted for the update to take effect.", "summary": "An update for quagga is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5379.html", "cve_id": "CVE-2018-5379"}], "reboot_suggested": false, "type": "security", "id": "30d0118a-ea21-40e1-8911-292195a42e6a", "description": "The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. Quagga supports the BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng protocols, and is intended to be used as a Route Server and Route Reflector.\n\nSecurity Fix(es):\n\n* quagga: Double free vulnerability in bgpd when processing certain forms of UPDATE message allowing to crash or potentially execute arbitrary code (CVE-2018-5379)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank the Quagga project for reporting this issue."}, {"hosts_applicable_count": 0, "updated": "2018-02-26", "packages": ["gcab-0.7-4.el7_4.x86_64", "libgcab1-0.7-4.el7_4.i686", "libgcab1-0.7-4.el7_4.x86_64", "libgcab1-devel-0.7-4.el7_4.i686", "libgcab1-devel-0.7-4.el7_4.x86_64"], "errata_id": "RHSA-2018:0350", "severity": "Important", "title": "Important: gcab security update", "hosts_available_count": 0, "issued": "2018-02-26", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "summary": "An update for gcab is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-5345.html", "cve_id": "CVE-2018-5345"}], "reboot_suggested": false, "type": "security", "id": "5a1b2029-61e2-40b8-82e9-4868f87e91e5", "description": "The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet (.cab) files.\n\nSecurity Fix(es):\n\n* gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution (CVE-2018-5345)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 110, "updated": "2018-02-26", "packages": ["java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-accessibility-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-headless-1.7.0.171-2.6.13.0.el7_4.x86_64", "java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el6_9.noarch", "java-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el7_4.noarch", "java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el6_9.x86_64", "java-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el7_4.x86_64"], "errata_id": "RHSA-2018:0349", "severity": "Important", "title": "Important: java-1.7.0-openjdk security update", "hosts_available_count": 110, "issued": "2018-02-26", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of OpenJDK Java must be restarted for this update to take effect.", "summary": "An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-2579.html", "cve_id": "CVE-2018-2579"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2588.html", "cve_id": "CVE-2018-2588"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2599.html", "cve_id": "CVE-2018-2599"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2602.html", "cve_id": "CVE-2018-2602"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2603.html", "cve_id": "CVE-2018-2603"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2618.html", "cve_id": "CVE-2018-2618"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2629.html", "cve_id": "CVE-2018-2629"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2633.html", "cve_id": "CVE-2018-2633"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2634.html", "cve_id": "CVE-2018-2634"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2637.html", "cve_id": "CVE-2018-2637"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2641.html", "cve_id": "CVE-2018-2641"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2663.html", "cve_id": "CVE-2018-2663"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2677.html", "cve_id": "CVE-2018-2677"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2678.html", "cve_id": "CVE-2018-2678"}], "reboot_suggested": false, "type": "security", "id": "42eef472-c9ab-4c7c-9ca0-f6666b334ce0", "description": "The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.\n\nSecurity Fix(es):\n\n* A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641)\n\n* It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633)\n\n* The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634)\n\n* It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637)\n\n* It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588)\n\n* It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599)\n\n* It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602)\n\n* It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603)\n\n* It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618)\n\n* It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629)\n\n* It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)\n\n* It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)"}], "error": null, "per_page": 200, "total": 1720, "subtotal": 11, "page": 1}
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0549 (Security - Critical) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0527 (Security - Critical) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0483 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0406 (Security - Moderate) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0395 (Security - Important) errata. Reboot suggested: Yes.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0414 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0418 (Security - Moderate) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0378 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0377 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0350 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Found RHSA-2018:0349 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,147 INFO: Searching for erratas in repository Red Hat Enterprise Linux 7 Server - Supplementary RPMs x86_64 7Server
2018-03-19 14:08:29,147 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:29,148 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 4, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:29,241 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [{"hosts_applicable_count": 0, "updated": "2018-03-07", "packages": ["java-1.7.1-ibm-1.7.1.4.20-1jpp.1.el7.i686", "java-1.7.1-ibm-1.7.1.4.20-1jpp.1.el7.x86_64", "java-1.7.1-ibm-demo-1.7.1.4.20-1jpp.1.el7.x86_64", "java-1.7.1-ibm-devel-1.7.1.4.20-1jpp.1.el7.i686", "java-1.7.1-ibm-devel-1.7.1.4.20-1jpp.1.el7.x86_64", "java-1.7.1-ibm-jdbc-1.7.1.4.20-1jpp.1.el7.x86_64", "java-1.7.1-ibm-plugin-1.7.1.4.20-1jpp.1.el7.x86_64", "java-1.7.1-ibm-src-1.7.1.4.20-1jpp.1.el7.x86_64"], "errata_id": "RHSA-2018:0458", "severity": "Important", "title": "Important: java-1.7.1-ibm security update", "hosts_available_count": 0, "issued": "2018-03-07", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "summary": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-2579.html", "cve_id": "CVE-2018-2579"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2582.html", "cve_id": "CVE-2018-2582"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2588.html", "cve_id": "CVE-2018-2588"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2599.html", "cve_id": "CVE-2018-2599"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2602.html", "cve_id": "CVE-2018-2602"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2603.html", "cve_id": "CVE-2018-2603"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2618.html", "cve_id": "CVE-2018-2618"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2633.html", "cve_id": "CVE-2018-2633"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2634.html", "cve_id": "CVE-2018-2634"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2637.html", "cve_id": "CVE-2018-2637"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2641.html", "cve_id": "CVE-2018-2641"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2657.html", "cve_id": "CVE-2018-2657"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2663.html", "cve_id": "CVE-2018-2663"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2677.html", "cve_id": "CVE-2018-2677"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2678.html", "cve_id": "CVE-2018-2678"}], "reboot_suggested": false, "type": "security", "id": "570089b4-d907-4dd1-bbb6-ce0812ffff5b", "description": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section."}, {"hosts_applicable_count": 0, "updated": "2018-02-26", "packages": ["java-1.8.0-ibm-1.8.0.5.10-1jpp.1.el7.i686", "java-1.8.0-ibm-1.8.0.5.10-1jpp.1.el7.x86_64", "java-1.8.0-ibm-demo-1.8.0.5.10-1jpp.1.el7.x86_64", "java-1.8.0-ibm-devel-1.8.0.5.10-1jpp.1.el7.i686", "java-1.8.0-ibm-devel-1.8.0.5.10-1jpp.1.el7.x86_64", "java-1.8.0-ibm-jdbc-1.8.0.5.10-1jpp.1.el7.x86_64", "java-1.8.0-ibm-plugin-1.8.0.5.10-1jpp.1.el7.x86_64", "java-1.8.0-ibm-src-1.8.0.5.10-1jpp.1.el7.x86_64"], "errata_id": "RHSA-2018:0351", "severity": "Critical", "title": "Critical: java-1.8.0-ibm security update", "hosts_available_count": 0, "issued": "2018-02-26", "solution": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.", "summary": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "cves": [{"href": "https://www.redhat.com/security/data/cve/CVE-2018-2579.html", "cve_id": "CVE-2018-2579"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2582.html", "cve_id": "CVE-2018-2582"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2588.html", "cve_id": "CVE-2018-2588"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2599.html", "cve_id": "CVE-2018-2599"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2602.html", "cve_id": "CVE-2018-2602"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2603.html", "cve_id": "CVE-2018-2603"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2618.html", "cve_id": "CVE-2018-2618"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2633.html", "cve_id": "CVE-2018-2633"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2634.html", "cve_id": "CVE-2018-2634"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2637.html", "cve_id": "CVE-2018-2637"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2638.html", "cve_id": "CVE-2018-2638"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2639.html", "cve_id": "CVE-2018-2639"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2641.html", "cve_id": "CVE-2018-2641"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2663.html", "cve_id": "CVE-2018-2663"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2677.html", "cve_id": "CVE-2018-2677"}, {"href": "https://www.redhat.com/security/data/cve/CVE-2018-2678.html", "cve_id": "CVE-2018-2678"}], "reboot_suggested": false, "type": "security", "id": "4a742ed4-9b11-4e21-98f9-00dc35e3a8ae", "description": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page listed in the References section. (CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)"}], "error": null, "per_page": 200, "total": 40, "subtotal": 2, "page": 1}
2018-03-19 14:08:29,241 INFO: Found RHSA-2018:0458 (Security - Important) errata. Reboot suggested: No.
2018-03-19 14:08:29,241 INFO: Found RHSA-2018:0351 (Security - Critical) errata. Reboot suggested: No.
2018-03-19 14:08:29,241 INFO: Searching for erratas in repository Red Hat Software Collections RPMs for Red Hat Enterprise Linux 7 Server x86_64 7Server
2018-03-19 14:08:29,241 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:29,241 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 30, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:29,319 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [], "error": null, "per_page": 200, "total": 438, "subtotal": 0, "page": 1}
2018-03-19 14:08:29,319 INFO: Searching for erratas in repository Red Hat Satellite Tools 6.2 for RHEL 7 Server RPMs x86_64
2018-03-19 14:08:29,319 DEBUG: Request: GET https://sattxsawh10.MYORG.com/katello/api/v2/errata
2018-03-19 14:08:29,319 DEBUG: Request data: {"search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "repository_id": 5, "paged": false, "errata_restrict_applicable": false, "errata_restrict_installable": false}
2018-03-19 14:08:29,390 DEBUG: Request result: {"sort": {"by": null, "order": null}, "search": "(type = security) and (severity = None or severity = Low or severity = Moderate or severity = Important or severity = Critical) and updated > '2018/02/25'", "results": [], "error": null, "per_page": 200, "total": 16, "subtotal": 0, "page": 1}
2018-03-19 14:08:29,391 DEBUG: Skipping content-view RHEL7_CV (version 1.0): Not in Library.
2018-03-19 14:08:29,391 DEBUG: Skipping content-view RHEL7_CV (version 2.0): Not in Library.
2018-03-19 14:08:29,391 INFO: Selected content-view RHEL7_CV (version 3.0) as baseline to include 14 erratas.
2018-03-19 14:08:29,391 DEBUG: Skipping content-view RHEL7_CV (version 3.1): Not in Library.
2018-03-19 14:08:29,391 DEBUG: Skipping content-view RHEL7_CV (version 1.1): Not in Library.
2018-03-19 14:08:29,391 INFO: Publishing incremental content-view version.
2018-03-19 14:08:29,391 DEBUG: Request: POST https://sattxsawh10.MYORG.com/katello/api/v2/content_view_versions/incremental_update
2018-03-19 14:08:29,391 DEBUG: Request data: "{\"resolve_dependencies\": 1, \"add_content\": {\"errata_ids\": [\"RHSA-2018:0351\", \"RHSA-2018:0549\", \"RHSA-2018:0418\", \"RHSA-2018:0378\", \"RHSA-2018:0458\", \"RHSA-2018:0349\", \"RHSA-2018:0483\", \"RHSA-2018:0377\", \"RHSA-2018:0505\", \"RHSA-2018:0350\", \"RHSA-2018:0395\", \"RHSA-2018:0406\", \"RHSA-2018:0414\", \"RHSA-2018:0527\"]}, \"content_view_version_environments\": [{\"content_view_version_id\": 98, \"environment_ids\": [1]}], \"propagate_all_composites\": 1}"
2018-03-19 14:08:29,529 DEBUG: Request result: {"displayMessage": "Content View Version 98 not in all specified environments Library", "errors": ["Content View Version 98 not in all specified environments Library"]}
Traceback (most recent call last):
  File "./errata2cv.py", line 262, in <module>
    main()
  File "./errata2cv.py", line 212, in main
    while(incremental_update["pending"] != False):
KeyError: 'pending'
dburrell505 commented 6 years ago

That was the results of the old script. The newly updated script works perfectly.

Thanks!