[Pulp-list] Pulp 2.8.2 has been released!
Sean Myers
sean.myers at redhat.com
Wed Apr 6 21:26:35 UTC 2016
Pulp 2.8.2 has been published to the stable repositories:
https://repos.fedorapeople.org/repos/pulp/pulp/stable/2.8/
Changes
=======
Pulp 2.8.2 addresses a security vulnerability that was found after the
announcement of the 2.8.1 release candidate. More information about this
vulnerability, including upgrade instructions, can be found at
the following address:
http://www.openwall.com/lists/oss-security/2016/04/06/3
Satellite users are unaffected by this vulnerability:
https://access.redhat.com/security/cve/cve-2016-3095
(It's currently in the reserved state, but should be opened up shortly.)
From the access.redhat.com CVE page:
"This issue did not affect the versions of pulp as shipped with Red Hat
Satellite 6.x and Red Hat Update Infrastructure 2.x as they did not include
support for pulp-gen-ca-certificate."
Notes
=====
This was discovered after the 2.8.1 release candidate was published, so
the fastest way for us to get this out the door was a rapid-fire hotfix
release. This is a unique situation; two releases of the same pulp minor
version in two days is exceptional and should not become the norm.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20160406/e42289e6/attachment.sig>
More information about the Pulp-list
mailing list