[SECURITY] Fedora EPEL 6 Update: cobbler-2.6.3-1.el6
updates at fedoraproject.org
updates at fedoraproject.org
Thu Aug 7 11:47:57 UTC 2014
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-1961
2014-07-20 17:22:04
--------------------------------------------------------------------------------
Name : cobbler
Product : Fedora EPEL 6
Version : 2.6.3
Release : 1.el6
URL : http://www.cobblerd.org/
Summary : Boot server configurator
Description :
Cobbler is a network install server. Cobbler supports PXE, ISO
virtualized installs, and re-installing existing Linux machines.
The last two modes use a helper tool, 'koan', that integrates with
cobbler. There is also a web interface 'cobbler-web'. Cobbler's
advanced features include importing distributions from DVDs and rsync
mirrors, kickstart templating, integrated yum mirroring, and built-in
DHCP/DNS Management. Cobbler has a XMLRPC API for integration with
other applications.
--------------------------------------------------------------------------------
Update Information:
Update to 2.6.3 for CVE-2014-3225
Update to 2.6.2:
- Add EL7 (RHEL/CentOS) to distro signatures
- Add CloudLinux6 support to distro signatures
- Minor update to CSS; make better use of screen (tables)
- pre_install_network_config: only use slaves with a valid MAC address
- Remove colon from VLAN regex pattern
- Improve exception logging in BootCLI (Issue 148)
- Item.set_name optimizations
- Minor improvement to LDAP configuration (Issue 217)
- Add a distro_signature for Ubuntu 14.04
- Improve performance of the "cobbler sync" operation
- Add support for a wget repo breed
- Improve support for running inside chroot() and/or containers
- Added missing docs to the RPM packages
- Fixed typos in default kickstart files
- Initial support for Nexenta 4: distro import and manual PXE booting
- Added support for ESXi 6
- Added a config setting (always_write_dhcp_entries) to always write DHCP entries regardless of netboot setting
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1095844 - CVE-2014-3225 cobbler: local file inclusion over remote installs
https://bugzilla.redhat.com/show_bug.cgi?id=1095844
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update cobbler' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the epel-package-announce
mailing list