Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 486
Alerts This Week
Warning Icon 1 486

RHSA-2018:2927-01 Important: Red Hat Satellite 6.4 Security Fixes

red hat
Calendar Grey October 16, 2018
Dist Redhat Esm H88
Oracle Cloud Infrastructure 3.1 release now out, featuring critical performance enhancements and stability adjustments for Ubuntu 20.04 users.
An update is now available for Red Hat Satellite 6.4 for RHEL 7

Solution

For detailed instructions how to apply this update, refer to:

https://docs.redhat.com/en/documentation/red_hat_satellite/6.4/html/upgrading_and_updating_red_hat_satellite/index

Summary

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* hornetq: XXE/SSRF in XPath selector (CVE-2015-3208)
* bouncycastle: Information disclosure in GCMBlockCipher (CVE-2015-6644)
* bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data (CVE-2016-1000338)
* bouncycastle: Information leak in AESFastEngine class (CVE-2016-1000339)
* bouncycastle: Information exposure in DSA signature generation via timing attack (CVE-2016-1000341)
* bouncycastle: ECDSA improper validation of ASN.1 encoding of signature (CVE-2016-1000342)
* bouncycastle: DHIES implementation allowed the use of ECB mode (CVE-2016-1000344)
* bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack (CVE-2016-1000345)
* bouncycastle: Other party DH public keys are not fully validated (CVE-2016-1000346)
* bouncycastle: ECIES implementation allowed the use of ECB mode (CVE-2016-1000352)
* logback: Serialization vulnerability in SocketServer and ServerSocketReceiver (CVE-2017-5929)
* python-django: Open redirect and possible XSS attack via user-supplied numeric redirect URLs (CVE-2017-7233)
* hibernate-validator: Privilege escalation when running under the security manager (CVE-2017-7536)
* puppet: Environment leakage in puppet-agent (CVE-2017-10690)
* Satellite 6: XSS in discovery rule filter autocomplete functionality (CVE-2017-12175)
* foreman: Stored XSS in fact name or value (CVE-2017-15100)
* pulp: sensitive credentials revealed through the API (CVE-2018-1090)
* foreman: SQL injection due to improper handling of the widget id parameter (CVE-2018-1096)
* foreman: Ovirt admin password exposed by foreman API (CVE-2018-1097)
* django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc' (CVE-2018-7536)
* django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html' (CVE-2018-7537)
* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)
* bouncycastle: Carry propagation bug in math.raw.Nat??? class (CVE-2016-1000340)
* bouncycastle: DSA key pair generator generates a weak private key by default (CVE-2016-1000343)
* puppet: Unpacking of tarballs in tar/mini.rb can create files with insecure permissions (CVE-2017-10689)
* bouncycastle: BKS-V1 keystore files vulnerable to trivial hash collisions (CVE-2018-5382)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; and the Django project for reporting CVE-2017-7233, CVE-2018-7536, and CVE-2018-7537. The CVE-2017-7536 issue was discovered by Gunnar Morling (Red Hat); and the CVE-2018-1096 issue was discovered by Martin Povolny (Red Hat). Red Hat would also like to thank David Jorm (IIX Product Security) for reporting CVE-2015-3208.
Additional Changes:
This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

References

https://access.redhat.com/security/cve/CVE-2015-3208 https://access.redhat.com/security/cve/CVE-2015-6644 https://access.redhat.com/security/cve/CVE-2016-1000338 https://access.redhat.com/security/cve/CVE-2016-1000339 https://access.redhat.com/security/cve/CVE-2016-1000340 https://access.redhat.com/security/cve/CVE-2016-1000341 https://access.redhat.com/security/cve/CVE-2016-1000342 https://access.redhat.com/security/cve/CVE-2016-1000343 https://access.redhat.com/security/cve/CVE-2016-1000344 https://access.redhat.com/security/cve/CVE-2016-1000345 https://access.redhat.com/security/cve/CVE-2016-1000346 https://access.redhat.com/security/cve/CVE-2016-1000352 https://access.redhat.com/security/cve/CVE-2017-5929 https://access.redhat.com/security/cve/CVE-2017-7233 https://access.redhat.com/security/cve/CVE-2017-7536 https://access.redhat.com/security/cve/CVE-2017-10689 https://access.redhat.com/security/cve/CVE-2017-10690 https://access.redhat.com/security/cve/CVE-2017-12175 https://access.redhat.com/security/cve/CVE-2017-15095 https://access.redhat.com/security/cve/CVE-2017-15100 https://access.redhat.com/security/cve/CVE-2018-1090 https://access.redhat.com/security/cve/CVE-2018-1096 https://access.redhat.com/security/cve/CVE-2018-1097 Read the Full Advisory

Package List

Red Hat Satellite Capsule 6.4:
Source: SOAPpy-0.11.6-17.el7.src.rpm ansiblerole-insights-client-1.5-1.el7sat.src.rpm createrepo_c-0.7.4-1.el7sat.src.rpm foreman-1.18.0.37-1.el7sat.src.rpm foreman-bootloaders-redhat-201801241201-3.el7sat.src.rpm foreman-installer-1.18.0.2-1.el7sat.src.rpm foreman-proxy-1.18.0.1-1.el7sat.src.rpm foreman-selinux-1.18.0.1-1.el7sat.src.rpm gofer-2.12.1-1.el7sat.src.rpm hfsplus-tools-332.14-12.el7.src.rpm katello-3.7.0-8.el7sat.src.rpm katello-certs-tools-2.4.0-2.el7sat.src.rpm katello-client-bootstrap-1.6.0-1.el7sat.src.rpm katello-installer-base-3.7.0.10-1.el7sat.src.rpm katello-selinux-3.0.3-2.el7sat.src.rpm kobo-0.5.1-1.el7sat.src.rpm libstemmer-0-2.585svn.el7sat.src.rpm libwebsockets-2.1.0-3.el7.src.rpm livecd-tools-20.4-1.6.el7sat.src.rpm mod_xsendfile-0.12-10.el7sat.src.rpm mongodb-2.6.11-2.el7sat.src.rpm ostree-2017.1-2.atomic.el7.src.rpm pulp-2.16.4.1-1.el7sat.src.rpm pulp-docker-3.1.4.1-1.el7sat.src.rpm pulp-katello-1.0.2-5.el7sat.src.rpm pulp-ostree-1.3.0-1.el7sat.src.rpm pulp-puppet-2.16.4-3.el7sat.src.rpm pulp-rpm-2.16.4.1-5.el7sat.src.rpm puppet-agent-5.5.0-2.el7sat.src.rpm puppet-agent-oauth-0.5.1-3.el7sat.src.rpm puppet-foreman_scap_client-0.3.16-3.el7sat.src.rpm puppetlabs-stdlib-4.2.1-1.20140510git08b00d9.el7sat.src.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2018:2927-01
Product: Red Hat Satellite 6
Issue date: 2018-10-16

Topic

An update is now available for Red Hat Satellite 6.4 for RHEL 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Satellite 6.4 - noarch, x86_64

Red Hat Satellite Capsule 6.4 - noarch, x86_64

Bugs Fixed

1052713 - [RFE] Need additional supported database deployment options for Satellite 6 installation: such as External Postgres (and Managed Postgres?)

1060745 - [RFE] Protection from Brute Force Password Attacks

1155817 - [RFE] Improve auditing and externalize audit logs

1177766 - [RFE] Republish composite content views on republished component content view

1197650 - [RFE] Default User role that can also save bookmarks

1225252 - CVE-2015-3208 hornetq: XXE/SSRF in XPath selector

1260733 - [RFE] Include a "Description/Comment" field to identify networks in large environments

1265533 - [RFE] katello-certs-check to distinguish between Satellite and Capsule

1291730 - [RFE] Separate Smart variables and Smart parameters in Host/HostGroup -> Parameters tab.

1295741 - [RFE] Update mongodb to 3.X

1312098 - [RFE] Satellite 6 should ship with larger default configurations to support large client installs

1328707 - [RFE] make it possible to run katello-remove unattended

1349150 - [RFE] Comment field for host groups

1356517 - [RFE] Rebase fog-aws gem to add Govcloud region

1357256 - [RFE] Allow special characters in user name on Satellite 6.x

1372468 - [RFE] Please add a link from the Infrastructure->Subnets page for each subnet to a report which shows all hosts using this subnet

1372731 - [RFE] Hammer should provide commands for showing host's ENC YAML

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.