Foreman 1.14.0-RC2 is now available for testing - a small update to the
earlier release candidate with additional fixes that were shipped in the
parallel 1.13.3 release.
Please help by testing and getting it release-ready, and look out for
new release candidates approximately every two weeks with the latest bug
Installation quick start:
This is also a good time to improve translations for existing locales to
ensure full coverage. Help out at
Changes in this release
···======================= This release contains many varied changes, including:
- Email configuration has moved into the settings UI/API
- IPv6 address assignment or generation for hosts on compute resources
- Orgs/locations can be assigned to LDAP users on creation
- Session support in the API via cookies
- Smart Proxy’s MS DHCP provider now uses a native API
- Smart Proxy’s Puppet importer uses a new Puppet Server API
Testing of these particular changes is quite important for the release,
but many other features and bug fixes can be found listed in the release
notes by category.
Please have a look through for anything that you might rely on and give
it a test:
Two lower priority security issues have also been fixed in this release:
- CVE-2016-7077: information disclosure from association lists shown
- CVE-2016-8634: organizations/locations wizard may run stored XSS in name
Lastly, do take note of the upgrade warnings and deprecations in this
Packages may be found in the 1.14 directories on both deb.foreman.org
and yum.theforeman.org, and tarballs are on downloads.theforeman.org.
The GPG key used for RPMs and tarballs has the following fingerprint:
AF74 2A91 BF76 6333 E9FF 5EAA BFE5 1511 F06D 8950
(Foreman :: Security)
If you come across a bug in your testing, please file it and note the
version of Foreman that you’re using in the report.