Katello 2.4.2 and 2.3.1 security and bugfix releases

Hello all,

I'd like to announce two releases, Katello 2.4.2 and a minor update to
Katello 2.3.1.

The main purpose of these updates was a security vulnerability
CVE-2016-3072 (Bug #14381: CVE-2016-3072 Authenticated sql injection via sort_by and sort_attr parameters - Katello - Foreman).

Special thanks to Oliver Gruskovnjak for reporting it!

Other fixes as part of 2.4.2 include:

The release notes will be updated later today.

Upgrade instructions:
2.4: http://www.katello.org/docs/2.4/upgrade/index.html
2.3: http://www.katello.org/docs/2.3/upgrade/index.html

Thanks again to all our users and testers!

-Justin Sherrill