Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 429
Alerts This Week
Warning Icon 1 429

RedHat: RHSA-2019-1223-01 Important: Security Update for Satellite Tools

red hat
Calendar Grey May 14, 2019
Dist Redhat Esm H88
Discover the important security update for Red Hat Satellite Tools 6.5, addressing CVE-2019-3845 vulnerabilities. Act now!
An update is now available for Satellite Tools 6.5

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.
This update provides the Satellite 6.5 Tools repositories. For the full list of new features provided by Satellite 6.5, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.5 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6.
All users who require Satellite version 6.5 are advised to install these new packages.
Security Fix(es):
* qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

https://access.redhat.com/security/cve/CVE-2019-3845 https://access.redhat.com/security/updates/classification#important https://docs.redhat.com/en/documentation/red_hat_satellite/6.5/html/release_notes/index

Package List

Satellite Tools 6.5 (v. 5.9.AUS Server):
Source: gofer-2.11.9-1.el5.src.rpm katello-host-tools-3.5.0-2.el5.src.rpm pulp-2.18.1.1-1.el5.src.rpm pulp-rpm-2.18.1.5-1.el5.src.rpm puppet-agent-5.5.12-1.el5.src.rpm python-hashlib-20081119-7.el5sat.src.rpm python-isodate-0.5.0-4.pulp.el5.src.rpm python-uuid-1.30-4.el5.src.rpm qpid-proton-0.9-16.el5.src.rpm
i386: puppet-agent-5.5.12-1.el5.i386.rpm python-hashlib-20081119-7.el5sat.i386.rpm python-hashlib-debuginfo-20081119-7.el5sat.i386.rpm python-qpid-proton-0.9-16.el5.i386.rpm qpid-proton-c-0.9-16.el5.i386.rpm qpid-proton-debuginfo-0.9-16.el5.i386.rpm
noarch: gofer-2.11.9-1.el5.noarch.rpm katello-agent-3.5.0-2.el5.noarch.rpm katello-host-tools-3.5.0-2.el5.noarch.rpm katello-host-tools-fact-plugin-3.5.0-2.el5.noarch.rpm pulp-rpm-handlers-2.18.1.5-1.el5.noarch.rpm python-gofer-2.11.9-1.el5.noarch.rpm python-gofer-proton-2.11.9-1.el5.noarch.rpm python-isodate-0.5.0-4.pulp.el5.noarch.rpm python-pulp-agent-lib-2.18.1.1-1.el5.noarch.rpm python-pulp-common-2.18.1.1-1.el5.noarch.rpm python-pulp-rpm-common-2.18.1.5-1.el5.noarch.rpm python-uuid-1.30-4.el5.noarch.rpm
s390x: python-hashlib-20081119-7.el5sat.s390x.rpm python-hashlib-debuginfo-20081119-7.el5sat.s390x.rpm python-qpid-proton-0.9-16.el5.s390x.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2019:1223-01
Product: Red Hat Satellite Tools
Issue date: 2019-05-14

Topic

An update is now available for Satellite Tools 6.5.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Relevant Releases Architectures

Satellite Tools 6.5 (v. 5.9.AUS Server) - i386, noarch, s390x, x86_64

Satellite Tools 6.5 (v. 5.9.ELS Server) - i386, noarch, s390x, x86_64

Satellite Tools 6.5 (v. 6 Client) - i386, noarch, x86_64

Satellite Tools 6.5 (v. 6 ComputeNode) - noarch, x86_64

Satellite Tools 6.5 (v. 6 Server) - i386, noarch, ppc64, s390x, x86_64

Satellite Tools 6.5 (v. 6 Workstation) - i386, noarch, x86_64

Satellite Tools 6.5 (v. 6.4.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 6.5.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 6.6.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 7 Client) - noarch, x86_64

Satellite Tools 6.5 (v. 7 ComputeNode) - noarch, x86_64

Satellite Tools 6.5 (v. 7 Server) - noarch, ppc64, ppc64le, s390x, x86_64

Satellite Tools 6.5 (v. 7 Workstation) - noarch, x86_64

Satellite Tools 6.5 (v. 7.2.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 7.2.E4S Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.2.TUS Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.3.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 7.3.E4S Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.3.TUS Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.4.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 7.4.E4S Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.4.EUS ComputeNode) - noarch, x86_64

Satellite Tools 6.5 (v. 7.4.EUS Server) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64

Satellite Tools 6.5 (v. 7.4.TUS Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.5.EUS ComputeNode) - noarch, x86_64

Satellite Tools 6.5 (v. 7.5.EUS Server) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64

Satellite Tools 6.5 (v. 7.6.AUS Server) - noarch, x86_64

Satellite Tools 6.5 (v. 7.6.E4S Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 7.6.EUS Compute Node) - noarch, x86_64

Satellite Tools 6.5 (v. 7.6.EUS Server) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64

Satellite Tools 6.5 (v. 7.6.TUS Server) - noarch, ppc64le, x86_64

Satellite Tools 6.5 (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1684275 - CVE-2019-3845 qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.