Bug 849224
Summary: | The thin server on sam installations will listen on all ip addresses, should listen on localhost only. | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Eric Sammons <esammons> |
Component: | Installation | Assignee: | Katello Bug Bin <katello-bugs> |
Status: | CLOSED ERRATA | QA Contact: | Og Maciel <omaciel> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 6.0.0 | CC: | dmacpher, lzap, mmccune, omaciel |
Target Milestone: | Unspecified | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | The thin web server for System Engine listened to all IP addresses, which opened System Engine to vulnerabilities. This fix configures the thin web server to listen only to localhost. |
Story Points: | --- |
Clone Of: | 843625 | Environment: | |
Last Closed: | 2012-12-04 19:53:37 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 843625 | ||
Bug Blocks: |
Description
Eric Sammons
2012-08-17 18:12:03 UTC
Correcting component to katello-configure. Taking.

# ps -ef|grep thin
root 9750 18414 0 16:47 pts/3 00:00:00 grep thin
katello 18107 1 1 16:22 ? 00:00:23 thin server (127.0.0.1:5000)
katello 18111 1 1 16:22 ? 00:00:21 thin server (127.0.0.1:5001)

Verified using:

* candlepin-0.7.8-1.el6cf.noarch
* candlepin-selinux-0.7.8-1.el6cf.noarch
* candlepin-tomcat6-0.7.8-1.el6cf.noarch
* katello-1.1.12-7.el6cf.noarch
* katello-all-1.1.12-7.el6cf.noarch
* katello-candlepin-cert-key-pair-1.0-1.noarch
* katello-certs-tools-1.1.8-1.el6cf.noarch
* katello-cli-1.1.8-4.el6cf.noarch
* katello-cli-common-1.1.8-4.el6cf.noarch
* katello-common-1.1.12-7.el6cf.noarch
* katello-configure-1.1.9-3.el6cf.noarch
* katello-glue-candlepin-1.1.12-7.el6cf.noarch
* katello-glue-pulp-1.1.12-7.el6cf.noarch
* katello-qpid-broker-key-pair-1.0-1.noarch
* katello-qpid-client-key-pair-1.0-1.noarch
* katello-selinux-1.1.1-1.el6cf.noarch
* pulp-1.1.12-1.el6cf.noarch
* pulp-common-1.1.12-1.el6cf.noarch
* pulp-selinux-server-1.1.12-1.el6cf.noarch

Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.

For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-1543.html
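
An added example, not part of the bug report or of the Katello project's code: a shell check that repeats the `ps` verification above and fails when any thin worker is bound to something other than loopback. The function name `check_thin_binds` and the sample lines are constructed for illustration; it assumes the `thin server (ADDR:PORT)` process title shown in the `ps` output on this page.

```shell
#!/usr/bin/env bash
# Added example: flag thin workers whose bind address is not loopback.
# Input:  `ps -ef`-style lines on stdin.
# Output: one "ADDR:PORT" per worker bound to a non-loopback address.
# Status: 0 = every thin worker is on loopback
#         1 = at least one worker is reachable from other hosts
#         2 = no thin worker seen (nothing was actually verified)
check_thin_binds() {
  awk '
    # Process title format taken from the ps output in this bug report.
    match($0, /thin server \([^)]*\)/) {
      seen++
      # "thin server (" is 13 characters; drop it and the closing ")".
      bind = substr($0, RSTART + 13, RLENGTH - 14)
      addr = bind
      sub(/:[0-9]+$/, "", addr)          # strip the trailing :PORT
      if (addr !~ /^127\./ && addr != "localhost" &&
          addr != "::1" && addr != "[::1]") {
        print bind
        bad++
      }
    }
    END {
      if (!seen) exit 2
      exit (bad ? 1 : 0)
    }
  '
}

# Constructed sample (not real output): one worker regressed to the wildcard address.
sample='root 9750 18414 0 16:47 pts/3 00:00:00 grep thin
katello 18107 1 1 16:22 ? 00:00:23 thin server (127.0.0.1:5000)
katello 18111 1 1 16:22 ? 00:00:21 thin server (0.0.0.0:5001)'

printf '%s\n' "$sample" | check_thin_binds \
  || echo "thin worker(s) above are not bound to loopback (status $?)"
```

On a live host the same function can be fed with `ps -ef | check_thin_binds`; status 2 is kept distinct so that a stopped service is not reported as a pass.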