Foreman 1.10.0 released

Foreman 1.10.0 (final) is now released, with enhancements to the host
management and creation user interfaces and to the smart proxy with
the introduction of DNS plugins.

Thank you to the mass of people who put the release together. We've
had over a hundred individuals contribute code to the release and lots
of excellent testing of the release candidates.

Read on for more about the contents of the release, or skip towards
the button for upgrade and installation information.

Headline features

··· ================= A new button to rebuild DNS, DHCP and TFTP configs has been added to the UI and API, which will help in cases where records have been lost due to server rebuilds or other issues.

More detailed host statuses are available, with an extensible
mechanism for plugins to be able to add to the green/yellow/red status
shown on the host list and dashboard.

Lots of host and host group cloning enhancements and fixes are present
in this release, so virtual machine details, Puppet class associations
and more are copied correctly, among other improvements.

Creating hosts with host groups, but changing and unsetting certain
inherited attributes has become easier with new “inherit” buttons.
Similarly, passwords already saved can be removed now.

The smart proxy DNS module has been overhauled, and is now extensible.
New PowerDNS and Route 53 plugins are available already!

Parameter management has seen a few improvements, particularly in the
Puppet class edit form. The host and host group parameters tabs have
improved tooltips and layout fixes to improve readability.

More information and videos available at:
http://theforeman.org/manuals/1.10/index.html#Headlinefeatures

A full list of the changes in Foreman 1.10 is in our release notes:
http://theforeman.org/manuals/1.10/index.html#Releasenotesfor1.10

Security fixes

Two minor security issues (CVEs) are fixed in this release.

CVE-2015-7518: parameter information popup allows stored XSS
Affects all modern Foreman versions

CVE-2015-5282: parameter hide checkbox allows stored XSS during change
Affects Foreman 1.7.0 or higher

More information is available at Foreman :: Security
about both vulnerabilities.

Upgrading or installing

When upgrading, follow these instructions and please take note of any
known issues, we’ll update the manual if they arise.
http://theforeman.org/manuals/1.10/index.html#3.6Upgrade

If you’re installing a new test instance, follow the quickstart:
http://theforeman.org/manuals/1.10/index.html#2.Quickstart

Packages may be found in the 1.10 directories on both deb.foreman.org
and yum.theforeman.org, and tarballs are on downloads.theforeman.org.
Foreman 1.10 adds Debian packages for armhf (v7).

The GPG key used for RPMs and tarballs has the following fingerprint:
9EFD 673A 649D 77F5 C615 44AC C1B2 621D BE67 E9DA
(Foreman :: Security)

Bug reporting

If you come across a bug, please file it and note the version of
Foreman that you’re using in the report.

Foreman: Foreman
Proxy: Foreman
Installer:
Foreman


Dominic Cleal
dominic@cleal.org