Foreman 1.2.3 security fix release

Showing 1-1 of 1 messages
Foreman 1.2.3 security fix release Dominic Cleal 10/7/13 5:14 AM
Foreman 1.2.3 has been released to fix a security issue.  We recommend
users update as soon as possible.  The security issue resolved was:

1. SQL injection in host and host group overrides/matcher associations
   CVE identifier: CVE-2013-4386
   Issue tracker:

Authenticated access to Foreman is required to exploit it.

Two packaging bugs were fixed, see the release notes for full details:

This release only contains an update to Foreman itself, not the smart
proxy or other projects.

==== Packages ====
From 1.2.x, simply upgrade packages from our repositories to version

Package repos are available here:

Tarballs available here:

==== Reporting issues ====
If you have any issues, please follow the usual support process and file
bugs in redmine.

Support information:

Dominic Cleal
Red Hat Engineering