tl;dr: if you installed tfm-rubygem-safemode 1.3.2, either update your
templates to not use "&:" in Ruby blocks, or downgrade to 1.3.1.

In case you've recently upgraded, the 1.3.2 version of Safemode
(rubygem-safemode) was put on the 1.15 repos a few days ago. This
version includes a security patch to make the jail more secure.

(https://github.com/svenfuchs/safemode/pull/23/files)

However, our templates supplied by default contain some code
incompatible with this change, namely line 53 here:

https://github.com/theforeman/community-templates/blob/d2b82a88fdf8ccdf2dc278161df1e80f406de6ee/provisioning_templates/provision/kickstart_default.erb#L53

If you are using "&:", please start using other options such as .each,
.map, etc... to ensure compatibility with 1.15.3, which will ship with
1.3.2 safemode and the security patch.

I have removed safemode 1.3.2 from our 1.15 repos, so new installs
or upgrades will not be affected.

Shoutouts to afisher for warning about this on #theforeman IRC today.

On 07/13, Daniel Lobato Garcia wrote:
> Foreman 1.15.2 is now available with bug fixes for fifteen issues,
> notably problems when the fix_db_cache setting was set, Foreman has
> been unable to boot in some cases.
>
> Please see the release notes for the full list of changes:
> https://theforeman.org/manuals/1.15/#Releasenotesfor1.15.2
>
> It is likely that a 1.15.3 will follow suit in two weeks or less, to
> harden the release. Please report any bugs using our tracker (see the
> Bug reporting section of this email).
>
> Information
> ===========
> For installation or upgrade instructions, see:
>
> Installation quick start:
> https://theforeman.org/manuals/1.15/quickstart_guide.html
>
> Upgrade instructions:
> https://theforeman.org/manuals/1.15/index.html#3.6Upgrade
>
> Release notes:
> https://theforeman.org/manuals/1.15/index.html#Releasenotesfor1.15
>
> Do take note of the upgrade warnings and deprecations in this release:
> https://theforeman.org/manuals/1.15/index.html#Upgradewarnings
>
>
> Downloads
> =========
> Packages may be found in the 1.15 directories on both deb.foreman.org
> and yum.theforeman.org, and tarballs are on downloads.theforeman.org.
>
> The GPG key used for RPMs and tarballs has the following fingerprint:
> 6610 7FC8 658F F702 E849 9AC4 17A3 FD24 9A8D AAD5
> (https://theforeman.org/security.html#GPGkeys)
>
>
> Bug reporting
> =============
> If you come across a bug, please file it and note the version of
> Foreman that you're using in the report.
>
> Foreman: http://projects.theforeman.org/projects/foreman/issues/new
> Proxy: http://projects.theforeman.org/projects/smart-proxy/issues/new
> Installer: http://projects.theforeman.org/projects/puppet-foreman/issues/new
>
>
> Best,
>
> --
> Daniel Lobato Garcia
>
> @dLobatog
> blog.daniellobato.me
> daniellobato.me
>
> GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
> Keybase: https://keybase.io/elobato



--
Daniel Lobato Garcia

@dLobatog
blog.daniellobato.me
daniellobato.me

GPG: http://keys.gnupg.net/pks/lookup?op=get&search=0x7A92D6DD38D6DE30
Keybase: https://keybase.io/elobato
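
To find templates affected by the "&:" restriction described in the message above, the following added example (not part of the original message, and not Foreman or safemode code) scans ERB template text for `.method(&:symbol)` calls inside ERB tags and proposes the explicit-block form. The sample template, its attribute names, and the names `find_symbol_to_proc`, `Finding` and `SAMPLE` are assumptions made for illustration.

```ruby
# Added example: flag "&:" (symbol-to-proc) block arguments inside ERB tags.
# Regex heuristic, not a Ruby parser: covers the common .method(&:symbol) form.

# Code inside <% %>, <%= %> and <%- -%> tags; <%# %> comments are skipped.
ERB_TAG    = /<%(?!#)[-=]?(.*?)-?%>/m
# A method call whose only argument is a symbol block-pass, e.g. .map(&:name)
BLOCK_PASS = /\.(\w+[?!]?)\(\s*&:(\w+[?!]?)\s*\)/

Finding = Struct.new(:line, :original, :suggestion)

# Returns one Finding per "&:" call found inside ERB tags, with the
# 1-based template line number and an explicit-block replacement.
def find_symbol_to_proc(template)
  findings = []
  template.scan(ERB_TAG) do
    tag = Regexp.last_match
    tag[1].scan(BLOCK_PASS) do
      hit = Regexp.last_match
      offset = tag.begin(1) + hit.begin(0)
      line = template[0...offset].count("\n") + 1
      findings << Finding.new(line, hit[0], ".#{hit[1]} { |x| x.#{hit[2]} }")
    end
  end
  findings
end

# Constructed sample, not taken from the community templates.
SAMPLE = <<~'TEMPLATE'
  # constructed kickstart fragment
  <% ifaces = @host.interfaces.select(&:managed?) -%>
  network --device=<%= ifaces.map(&:identifier).join(',') %>
  # literal text with &:foo outside ERB tags is ignored
  <%= ifaces.map { |i| i.ip }.join(' ') %>
TEMPLATE

if __FILE__ == $PROGRAM_NAME
  find_symbol_to_proc(SAMPLE).each do |f|
    puts "line #{f.line}: #{f.original}  ->  #{f.suggestion}"
  end
end
```

Calls that pass "&:" alongside other arguments or without parentheses are not matched by this heuristic and need a manual check.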
