tl;dr: if you installed tfm-rubygem-safemode 1.3.2, either update your templates to not use "&:" in Ruby blocks, or downgrade to 1.3.1.
In case you've recently upgraded, the 1.3.2 version of Safemode (rubygem-safemode) was put on the 1.15 repos a few days ago. This version includes a security patch to make the jail more secure. (https://github.com/svenfuchs/safemode/pull/23/files) However - our templates supplied by default, contain some code incompatible with this change, namely line 53 here: https://github.com/theforeman/community-templates/blob/d2b82a88fdf8ccdf2dc278161df1e80f406de6ee/provisioning_templates/provision/kickstart_default.erb#L53 If you are using "&:", please start using other options such as .each, .map, etc... to ensure compatibility with 1.15.3, which will ship with 1.3.2 safemode and the security patch. I have removed safemode 1.3.2 from our 1.15 repos, so new installs or upgrades will not be affected. Shoutouts to afisher for warning about this on #theforeman IRC today. On 07/13, Daniel Lobato Garcia wrote: > Foreman 1.15.2 is now available with bug fixes for fifteen issues, > notably problems when the fix_db_cache setting was set, Foreman has > been unable to boot in some cases. > > Please see the release notes for the full list of changes: > https://theforeman.org/manuals/1.15/#Releasenotesfor1.15.2 > > It is likely that a 1.15.3 will follow suit in two weeks or less, to > harden the release. Please report any bugs using our tracker (see the > Bug reporting section of this email). > > Information > =========== > For installation or upgrade instructions, see: > > Installation quick start: > https://theforeman.org/manuals/1.15/quickstart_guide.html > > Upgrade instructions: > https://theforeman.org/manuals/1.15/index.html#3.6Upgrade > > Release notes: > https://theforeman.org/manuals/1.15/index.html#Releasenotesfor1.15 > > Do take note of the upgrade warnings and deprecations in this release: > https://theforeman.org/manuals/1.15/index.html#Upgradewarnings > > > Downloads > ========= > Packages may be found in the 1.15 directories on both deb.foreman.org > and yum.theforeman.org, and tarballs are on downloads.theforeman.org. > > The GPG key used for RPMs and tarballs has the following fingerprint: > 6610 7FC8 658F F702 E849 9AC4 17A3 FD24 9A8D AAD5 > (https://theforeman.org/security.html#GPGkeys) > > > Bug reporting > ============= > If you come across a bug, please file it and note the version of > Foreman > that you're using in the report. > > Foreman: http://projects.theforeman.org/projects/foreman/issues/new > Proxy: > http://projects.theforeman.org/projects/smart-proxy/issues/new > Installer: > http://projects.theforeman.org/projects/puppet-foreman/issues/new > > > Best, > > -- > Daniel Lobato Garcia > > @dLobatog > blog.daniellobato.me > daniellobato.me > > GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30 > Keybase: https://keybase.io/elobato -- Daniel Lobato Garcia @dLobatog blog.daniellobato.me daniellobato.me GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30 Keybase: https://keybase.io/elobato -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
signature.asc
Description: PGP signature
