Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1126961 - Satellite 6 does not provide a way to search content based on CVE/MITRE/OVAL data
Summary: Satellite 6 does not provide a way to search content based on CVE/MITRE/OVAL ...
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Content Management
Version: Unspecified
Hardware: Unspecified
OS: Unspecified
Target Milestone: Unspecified
Assignee: Justin Sherrill
QA Contact: jcallaha
Depends On: 1124992
TreeView+ depends on / blocked
Reported: 2014-08-05 18:24 UTC by Rich Jerrido
Modified: 2017-02-23 21:08 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2015-08-12 05:13:32 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1592 0 normal SHIPPED_LIVE Important: Red Hat Satellite 6.1.1 on RHEL 6 2015-08-12 09:04:35 UTC

Description Rich Jerrido 2014-08-05 18:24:39 UTC
Description of problem:

Satellite 6 doesn't provide a means to search for a erratum based upon a CVE identifier, such as CVE-2014-3145. 

Searching by this very easily gave the ability to determine:
* What Red Hat Security Advisory (RHSA) does this map back to 
* and (most importantly) What systems are affected by the vulnerability

This capability is used very heavily by existing Satellite 5 customers & not having this capability will be seen as a fairly large regression.

Comment 1 RHEL Program Management 2014-08-05 18:34:01 UTC
Since this issue was entered in Red Hat Bugzilla, the release flag has been
set to ? to ensure that it is properly evaluated for this release.

Comment 3 Tom McKay 2014-08-05 18:45:29 UTC

*** This bug has been marked as a duplicate of bug 1124992 ***

Comment 4 Tom McKay 2014-08-05 20:01:47 UTC
Adding 1124992 as a "depends on" but it's really just related.

Comment 5 Stephen Benjamin 2014-12-02 14:01:54 UTC
Errata can now be searched by CVE, e.g. "cve = CVE-2014-1111"

Fixed upstream in katello|2ef156aad07963f3f19553010d40b67cde7e1866

Comment 8 jcallaha 2015-04-02 17:44:44 UTC
Verified by QE on version Satellite-6.1.0-RHEL-7-20150331.1

Comment 9 Bryan Kearney 2015-08-11 13:32:02 UTC
This bug is slated to be released with Satellite 6.1.

Comment 10 errata-xmlrpc 2015-08-12 05:13:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.