Foreman 1.7.4 has been released with a security fix and some bug &
regression fixes.
The security issue was:
CVE-2015-1816: SSL certificate not verified on LDAP connections
When making an SSL connection to an LDAP authentication source in
Foreman, the remote server certificate is accepted without any
verification against known certificate authorities.
Affects Foreman 1.3.0 and higher
More information is available on the Foreman :: Security page.
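To illustrate the class of issue described above, the following is an added example, not code from Foreman or its LDAP library. It uses only Ruby's OpenSSL standard library to compare a TLS client that skips certificate verification with one that verifies against a known CA store. The certificates are constructed throwaway ones, and the helper names (self_signed, client_context, handshake) are hypothetical.

```ruby
require "openssl"
require "socket"

# Constructed throwaway self-signed certificate; stands in for an LDAPS server or a CA.
def self_signed(common_name)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# trusted_cas == nil gives a client that does not verify; an array enables verification.
def client_context(trusted_cas)
  ctx = OpenSSL::SSL::SSLContext.new
  return ctx.tap { |c| c.verify_mode = OpenSSL::SSL::VERIFY_NONE } if trusted_cas.nil?
  store = OpenSSL::X509::Store.new
  trusted_cas.each { |ca| store.add_cert(ca) }
  ctx.cert_store = store
  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
  ctx
end

# In-process TLS handshake over a socket pair, so no network access is needed.
def handshake(client_ctx, server_cert, server_key)
  server_ctx = OpenSSL::SSL::SSLContext.new
  server_ctx.cert, server_ctx.key = server_cert, server_key
  client_io, server_io = UNIXSocket.pair
  # The server side also errors out when the client aborts the handshake; ignore that.
  server = Thread.new { OpenSSL::SSL::SSLSocket.new(server_io, server_ctx).accept rescue nil }
  OpenSSL::SSL::SSLSocket.new(client_io, client_ctx).connect
  :accepted
rescue OpenSSL::SSL::SSLError
  :rejected
ensure
  client_io&.close
  server&.join
  server_io&.close
end

SERVER_CERT, SERVER_KEY = self_signed("ldap.example.test")
UNRELATED_CA, = self_signed("Unrelated Test CA")
puts "no verification:      #{handshake(client_context(nil), SERVER_CERT, SERVER_KEY)}"
puts "verify, unrelated CA: #{handshake(client_context([UNRELATED_CA]), SERVER_CERT, SERVER_KEY)}"
puts "verify, correct CA:   #{handshake(client_context([SERVER_CERT]), SERVER_CERT, SERVER_KEY)}"
```

The example checks only the certificate chain; matching the certificate against the server's hostname is a separate check that it does not perform.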
The notable bug fix for this release is in the ENC support for YAML and
JSON smart class parameters, which stopped working properly in 1.7.3.
Full release notes for all of the bug fixes are on the website here:
http://theforeman.org/manuals/1.7/index.html#Releasenotesfor1.7.4
http://projects.theforeman.org/rb/release/36
==== Upgrading ====
Fully supported with package upgrades from both 1.6 and 1.7.
When upgrading, follow these instructions and please take note of the
known issues and warnings (especially Ubuntu 12.04 users):
http://theforeman.org/manuals/1.7/index.html#3.6Upgrade
http://theforeman.org/manuals/1.7/index.html#Deprecationwarnings
If you're installing a new test instance, follow the quickstart:
http://theforeman.org/manuals/1.7/index.html#2.Quickstart
Packages may be found in the 1.7 directories on both deb.foreman.org and
yum.theforeman.org, and tarballs are on downloads.theforeman.org.
The GPG key used for RPMs and tarballs has the following fingerprint:
730A 9338 F93E E729 2EAC 2052 4C25 8BD4 2D76 2E88
(see the Foreman :: Security page)
==== Bug reporting ====