Foreman 1.5.2 released

We've released Foreman 1.5.2 with lots of bug fixes, one security issue
fixed and small enhancements.

The security issue was:
Stored cross site scripting (XSS) in operating system names
CVE identifier: CVE-2014-3531
Redmine issue: Bug #6580: CVE-2014-3531 - XSS in operating system name / description - Foreman
Affects all known Foreman versions

Notable changes include:

  • Proxy errors with DHCP reservations fixed
  • Access to power/console buttons for non-admin users fixed
  • Puppet directory environments are now searched for modules

Please take a moment to browse the full release notes in our maunal:

==== Upgrading ====
Fully supported with package upgrades from both 1.4 and 1.5.

Packages are in / under the "1.5"
directories or components.

Please read the instructions here:

Remember that since the security incident in July 2014, our packages are
signed with a different GPG key to previous releases. Read the
following announcement for the commands you need to update them:!topic/foreman-announce/BiIT784Mb7Q

ยทยทยท -- Dominic Cleal Red Hat Engineering