Bug 1469267 - need updated rubygem-rake
need updated rubygem-rake
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Packaging (Show other bugs)
All Linux
medium Severity medium (vote)
: Unspecified
: --
Assigned To: Adam Price
Katello QA List
: PrioBumpField, PrioBumpGSS, Triaged
Depends On:
  Show dependency treegraph
Reported: 2017-07-10 15:00 EDT by Nithin Thomas
Modified: 2018-06-15 18:37 EDT (History)
12 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
hotfix RPM for RHEL 7 (91.16 KB, application/x-rpm)
2018-01-31 12:47 EST, Mike McCune
no flags Details

  None (edit)
Description Nithin Thomas 2017-07-10 15:00:56 EDT
package installed from rhel-7-server-satellite-capsule-6.2-rpms:


But the following errata are available from rhel-7-server-optional-rpms:

# yum list-sec --enablerepo=rhel-7-server-optional-rpms | grep rubygem-rake

RHSA-2014:1912 Moderate/Sec.  rubygem-rake-0.9.6-22.el7_0.noarch
RHBA-2015:0594 bugfix         rubygem-rake-0.9.6-24.el7.noarch
RHBA-2015:1158 bugfix         rubygem-rake-0.9.6-25.el7_1.noarch
RHEA-2016:2422 enhancement    rubygem-rake-0.9.6-29.el7.noarch

we are currently shipping rubygem-rake- which is outdated and vulnerable to the above CVE.

We need to get an updated version of this rubygem into Satellite 6.2
Comment 12 Mike McCune 2018-01-31 12:46:40 EST

For users who need to update rubygem-rake to remove warnings around RHSA-2014:1912 you can utilize the attached hotfix package in this bug.


1) download rubygem-rake-0.9.6-30.el7.noarch.rpm from this bug and copy to Satellite server

2) yum upgrade ./rubygem-rake-0.9.6-30.el7.noarch.rpm

3) katello-service restart
Comment 13 Mike McCune 2018-01-31 12:47 EST
Created attachment 1389116 [details]
hotfix RPM for RHEL 7
Comment 16 Mike McCune 2018-03-08 10:05:09 EST
The above hotfix in comment #12 can be applied to Satellite 6.3+ as well.
Comment 18 Mike McCune 2018-04-27 13:48:54 EDT
yes, feel free to get the updated rubygem-rake-0.9.6-33 from 


Note You need to log in before you can comment on or make changes to this bug.