Foreman 3.11 Release Notes

Custom certificates will override server CA with default CA on foreman-proxy-content scenario - #37817

Disconnected upgrade fails to switch postgresql dnf module - #37874

Host Creation via GraphQL only as Admin - #37765

Invalid MAC address error message appears twice while editing interface - #37651

not all webpack assets are properly invalidated on change - #37775

FFI 1.17.0+ requires Rubygems 3.3.22+ for installation, breaking Ruby 2.7 source installs - #37607

Plugins are finalized before seeds are executed - #37503

Connection reset by peer - SSL_connect when access to content/product menu - #37713

intermittent host_js integeration test failure: test_0002_correctly override global params " Expected false to be truthy." - #37774

nic_managed factory can create an IP outside of its subnet - #37711

Template render error when host has .ics domain name - #37623

Help page should not link libera chat anymore after the migration to matrix - #37086

CVE-2024-7923: Authentication bypass in Pulpcore - #37787

CVE-2024-7012: Authentication bypass in Foreman - #37786

Create Katello push repositories as needed at container push time - #37455

CV promote fails with undefined method `get_status' for nil:NilClass when deleting a Host in the CV during Finalize phase of the Promote task - #37543

Slow smart proxy sync in 4.11 - #37356

Katello should be able to handle subscription-manager environments --set - #37618

RHEL Lifecycle Status tests failing because RHEL8 full support is now ended - #37533

Trace_status = reboot_needed not working after upgrade to 4.12 - #37354

Migrate sha1 repos only at the next edit time - #37609

Pulp never purge the completed tasks - #37521

Registry doesn't 404 for v2 clients trying to search - #37504

'Bind entitlements to an allocation' task fails with wrong number of arguments (given 1, expected 0) (ArgumentError) - #37571

Upgrade pulp-rpm to 3.26 - #37622

load js correctly in smart_proxies - #37539

Remove 'query-string' JS dependency - #37112

Report renderer tests fail depending on the libyaml version - #37613

HostCommon.crypt_passwords reencrypts Base64 based passwords for Grub, leading to errors - #37610

Change Linux password hashing default from sha256 to sha512 - #36650

Invalid value for Integer(): “#Resolv::DNS::Resource::IN::A:0x00007fnnnnnnnnn” - #37621

--content-view-filter-id only works for ID-type filters - #37394

API endpoint for activation_keys/:id/product_content should be TRUE by default - #37350

Change the default setting for "Limit to environment" on the activationkey and content host pages to true - #37214

Fix ACS randomly failing VCR tests - #37277

Allow pushing container images to Pulp without indexing - #37302

`podman login` against the container registry returns 500 intermittently - #37218

asterisk symbol is missing for required field - #37482

Content view publish failing with katello_repository_rpms_id_seq reached maximum value error - #37403

Content view repositories link points to broken link on composite view UI - #37269

Newly imported content views show as needs publish - #37254

Allow repairing content view versions - #37237

[RFE Block content view publishing during repository publication tasks] - #37139

Very slow content view list loading - #36976

Python content not getting published to versions - #36611

Container gateway needs to send ACCEPT headers from podman to Pulp - #37399

Allow granular repair functionality for capsules - #37258

SmartProxy Content Sync should offer Verify Content Checksum - #36803

Improve displayed filter rules info in hammer - #37181

Fetching Host's details does not scale wrt Hosts Collections - #37346

Add Setting to disable validation of host/lifecycle environment/content source coherence - #37400

Add bulk CV/LCE assignment to new All Hosts page - #37336

Add Katello column(s) to new host index page - #37309

katello:clean_backend_objects false alarms on systems with >1500 clients when PUTing customer facts - #37283

Error undefined method `repository_url' when trying to use composed images for system deployments - #37268

Link of Upgradable Content for Debian/Ubuntu is misaligned on Hosts page - #37267

Hostgroup not showing associated Kickstart Repository in edit - #37197

Remove the setting 'upload_profiles_without_dynflow' - #37195

undefined method `family' for nil:NilClass after cloning a rhel8 host - #37178

Managing a Hosts Repository Sets does not behave as expected - #37169

Update Checkin time for ESXi hypervisors from virt-who report - #37162

Postgresql logs contain PG::UniqueViolation: ERROR: duplicate key value violates unique constraint "katello_available_module_streams_name_stream_context" - #37137

Offer a hint in the UI about how to get 'Synced Content' available - #36992

When cloning a hostgroup the fields content source content view and lifecycle are empty - #35215

content export actions are failing in ruby 3 - #37381

cdn_ssl_version Setting enforces at most TLS1.0 version - #36979

Use with_enabled_email scope instead of handcrafting the query all over the place - #37192

Cannot create report "Host - All Installed Packages" for hosts running Debian/Ubuntu - #37198

SCA-Only: Remove Subscription-Entitlement notification - #37170

Repository synchronization progress does not get updated in real time on Satellite Web UI's "Content ---> Sync Status" page - RHEL8 Satellite 6.16 - #37442

Upgrade pulp-container bindings to 2.20 - #37414

Fix typo for container_repository_name in metadata_generate_needed? - #37408

Create a rake script that reindexes manifests with label information - #37407

Add Include Refs and Exclude Refs options for OSTree repository type - #37383

Container push can fail with a different JSON error - #37380

Index Pulp manifest annotations, labels, is_bootable, is_flatpak and expose them via API - #37379

Fix Katello (or maybe BATS) -- orphan cleanup tries deleting distributed repo versions - #37371

Product level Verify checksum action spawns unessasary checksum tasks for cloned repositories of the root repository - #37259

Registry Service Accounts token is not accepted in "Upstream Authentication Token" of a docker repo - #37238

Red Hat products that were never synced are reporting last synced time - #31318

Content Exporter role is missing the create_content_views permission - #37430

Org still holds stale cached manifest expiration date after manifest import/refresh - #37481

subscription-manager release --unset doesn't reset the client information on foreman - #37358

As a user I want to be warned before the manifest (upstream consumer identity certificate) will expire, and have a notification to refresh the manifest. - #37271

As a user, when I refresh my manifest the expiration date of the identity certificate will get renewed, so that I am never caught with an expired manifest. - #37266

Remove SCA-related API endpoints and params - #37226

Update tests to stop using https://fixtures.pulpproject.org/rpm-zchunk/ - #37187

Upgrade pulpcore to 3.49 - #37301

update ak results in hostgroup - #37476

Update TableWrapper to comply with changes in SelectAllCheckbox - #37378

refactor ak in hostgroups to react - #37370

Change content source screen is still confusing coming from host edit - #37313

Invalid PropType errors when selecting a content source on Change Content Source form - #37303

Duplicate repositories in content view versions warning is always active - #37240

Use dnf needs-restarting to collect tracer information - #36973

API 'build_pxe_default' is broken when a taxonomy is passed - #37439

Provide hardware versions for VMWare VSphere 8.0 and 8.0U2 - #37244

VMWare Guest OS list is outdated - #36023

Upgrade to PostgreSQL 13 on EL8 - #37208

Fix Style/GlobalStdStream cop - #37432

rake snapshots:generate is broken - #37422

Generate Rocky 8 & 9 snapshots for provisioning templates - #37337

drop bookworm/sid workaround now that bookworm is released - #37484

Creating a host without a comment and then editing it and submitting without any changes creates an update audit record for the nil->'' transition of comment - #37224

Hostgroup facets are not cloned when cloning hostgroup - #37179

Provide multiple repositories when you want to register a host - #37440

Domain is not removed in the details page when the DNS is not configured/enabled in the installer - #37231

Provide registration before & after snippets - #37189

Use subscription-manager for Debian-based hosts - #33664

Incorrect translation in registration command validation - #37490

Update fast_gettext to ~> 2.1 - #36574

Edit comment from host details - #37443

Implement customizable columns to display on the new All Hosts page - #37293

New hosts index - Change content source link has no href - #37248

results.map should appear directly in HostsIndex index.js - #37247

use host_details_ui in React context - #37489

Prevent XSS issue for katello angular pages - #37437

Webpack - Prevent react duplicates in core - #37391

Drop unused typeToIcon function - #37387

Drop toggleRowGroup and filter_permissions functions - #37386

Drop check_all_roles and uncheck_all_roles event handlers - #37385

always use cached manifest json to find webpack chunks, not only for JS - #37353

Webpack assets not compressed after Webpack 5 migration - #37344

@redhat-cloud-services/frontend-components-utilities@4.0.8 breaks compatibility with NodeJS 14 - #37312

remove unused typeAheadSelect - #37280

_victoryCore.Helpers.isFunction is not a function - #37255

Webpack - Prevent foreman core duplicates in plugins - #37252

Add main action button to PermissionDenied component - #37236

Generic table on TableIndexPage always shows actions kebab, even if empty - #37233

Allow rdoc 6.4 on Ruby 3.1 - #35463

Iterate on hashes when both key and value are used - #37287

Facets with hostgroup inherit override host-specific facet values - #37043

A lot of dynflow deprecation warning because of sidekiq config.options usage - #37444

Remove timed_cache_store.rb - #37436

Drop Host - Vulnerabilities report - #37515

Execution interface is not resepected in in Ansible Inventory report template - #37374

Getting "undefined method '#id' for NilClass::Jail (NilClass)" error when generating Ansible inventory report - #37215

Remove Subscription-Entitlement report - #37167

default_$taxonomy setting descriptions only mention Puppet instead of all facts - #37488

foreman_bootdisk templates not seeded - #37421

Add current time macro - #37282

Use PostgreSQL 13 in tests - #37241

Don't use the Kickstart rhsm for RHEL 9 - #37461

Foreman and Anaconda are not in sync when deploying RHEL9: both keyfiles/snippets and ifcfg-xxx files are generated - #37367

kickstart_kernel_options deprecation warning - ks param on rhel8 - #37343

Ubuntu 22.04.3 needs adaption user-data template - #37011

Add Clevis/Tang disk encryption template - #36885

Debian boot_file_sources uses transform_vars but preseed_path does not - #36830

Enable connectefi scsi for grub2 by default - #36691

kickstart's RHSM line only works on RHEL hosts - #36525

Unable to modify "manage column" in path "hosts -> all hosts" while using custom roles - #37463

Allow pagelets on User and Usergroups edit page - #37002

Provide a scope for email-notification-eligible users - #36891

Use nightly for links to manual in Foreman develop - #37434

Add more control over SelectAllCheckbox - #37307

Drop upload functionality from foreman-debug - #37406

During upgrade to Katello 4.11 issues are seen with Candlepin keystore when using FIPS - #37384

Support PostgreSQL database for smart_proxy_container_gateway - #37325

REMOTE_USER is unset by Apache for Pulpcore Registry when it shouldn't be - #37308

Retire foreman-hooks from installer - #37296

Support for Avatars broken by ProxyPass - #37211

Use rubocop cmdline parameters according to version 0.80.1 - #37393

Exclude all subdirectories for vendor in .rubocop.yaml - #37392

Puppet server ciphers updated in 2.0 but old ciphers can remain in answers - #37306

Default PostgreSQL password encryption to SCRAM - #37297

Add gitlab CI config - #37261

Upgrade to PostgreSQL 13 on EL8 - #37177

Make katello-certs-check verify if the CA bundle has any certificates with trust rules - #37063

Patch puma to fix chunked upload issue - #37419

Drop keycloak-httpd-client-install from EL9 - #37334

Katello::Errors::Pulp3Error: module 'createrepo_c' has no attribute 'SHA1' - #37332

Use PostgreSQL 13 module in Foreman's modular metadata on EL8 - #37210

Creating a DHCP host can cause an IPv6 address to be looked up - #37355

Free IPs service is not started for MS DHCP - #37450

Smart Proxy TFTP fetching writes out broken files on HTTP errors - #37147

Tests fail inside docker container - #37413