Red Hat Satellite 6.9 RHSA-2021-1313-01 Moderate: System Management Issues
red hat
April 21, 2021
An update is now available for Red Hat Satellite 6.9 for RHEL 7
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Summary
Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
Security Fix(es):
* foreman: Managing repositories with their id via hammer does not respect
the role filters (CVE-2017-2662)
* python-psutil: Double free because of refcount mishandling
(CVE-2019-18874)
* candlepin: netty: compression/decompression codecs don't enforce limits
on buffer allocation sizes (CVE-2020-11612)
* foreman: world-readable OMAPI secret through the ISC DHCP server
(CVE-2020-14335)
* candlepin: resteasy-client: potential sensitive information leakage in
JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)
* python-django: potential SQL injection via "tolerance" parameter in GIS
functions and aggregates on Oracle (CVE-2020-9402)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
* Usability enhancements to Red Hat's Simple Content Access mode and
Satellite
* Usability improvements to enabling Remote Execution on your hosts.
* Notifications in the UI to warn users when subscriptions are expiring.
* Usability enhancements to enable Insights integration with Satellite.
* Performance improvements to various aspects of the user interface and
API.
* Added support for OpenID Connect for authentication.
* Usability improvements to the Satellite Installer.
* Updated Ruby web server to the modern Puma application server which
replaces Passenger.
The items above are not a complete list of changes. This update also fixes
several bugs and adds various enhancements. Documentation for these changes
is available from the Release Notes document linked to in the References
section.
References
https://access.redhat.com/security/cve/CVE-2017-2662 https://access.redhat.com/security/cve/CVE-2019-18874 https://access.redhat.com/security/cve/CVE-2020-9402 https://access.redhat.com/security/cve/CVE-2020-11612 https://access.redhat.com/security/cve/CVE-2020-14335 https://access.redhat.com/security/cve/CVE-2020-25633 https://access.redhat.com/security/updates/classification#moderate
Package List
Red Hat Satellite Capsule 6.9:
Source:
ansible-collection-redhat-satellite-2.0.1-1.el7sat.src.rpm
ansible-runner-1.4.6-1.el7ar.src.rpm
ansiblerole-foreman_scap_client-0.1.0-1.el7sat.src.rpm
ansiblerole-insights-client-1.7.1-1.el7sat.src.rpm
ansiblerole-satellite-receptor-installer-0.6.13-1.el7sat.src.rpm
createrepo_c-0.17.1-1.el7pc.src.rpm
foreman-2.3.1.20-1.el7sat.src.rpm
foreman-bootloaders-redhat-202005201200-1.el7sat.src.rpm
foreman-discovery-image-3.7.4-2.el7sat.src.rpm
foreman-discovery-image-service-1.0.0-4.el7sat.src.rpm
foreman-installer-2.3.1.10-1.el7sat.src.rpm
foreman-proxy-2.3.1-1.el7sat.src.rpm
foreman-selinux-2.3.1-1.el7sat.src.rpm
future-0.16.0-11.el7sat.src.rpm
gofer-2.12.5-7.el7sat.src.rpm
hfsplus-tools-332.14-12.el7.src.rpm
katello-3.18.1-3.el7sat.src.rpm
katello-certs-tools-2.7.3-1.el7sat.src.rpm
katello-client-bootstrap-1.7.5-1.el7sat.src.rpm
katello-selinux-3.5.1-1.el7sat.src.rpm
kobo-0.5.1-1.el7sat.src.rpm
libmodulemd-1.7.0-1.pulp.el7sat.src.rpm
libsolv-0.7.12-2.el7pc.src.rpm
libwebsockets-2.4.2-2.el7.src.rpm
livecd-tools-20.4-1.6.el7sat.src.rpm
mod_xsendfile-0.12-11.el7sat.src.rpm
ostree-2017.1-2.atomic.el7.src.rpm
pulp-2.21.5-2.el7sat.src.rpm
pulp-docker-3.2.9-1.el7sat.src.rpm
pulp-katello-1.0.3-1.el7sat.src.rpm
Read the Full Advisory
PREVIOUS
NEXT
Advisory ID: RHSA-2021:1313-01
Product: Red Hat Satellite 6
Advisory URL: https://access.redhat.com/errata/RHSA-2021:1313
Issue date: 2021-04-21
Topic
An update is now available for Red Hat Satellite 6.9 for RHEL 7.
Relevant Releases Architectures
Red Hat Satellite 6.9 - noarch, x86_64
Red Hat Satellite Capsule 6.9 - noarch, x86_64
Bugs Fixed
1434106 - CVE-2017-2662 foreman: Managing repositories with their id via hammer does not respect the role filters1439842 - Content View version delete fails with error "PLP0000: Pulp exception occurred: PulpExecutionException"
1459807 - Apply Errata to a Content Host via incremental C.V. has to wait till Capsule sync of the C.V. finishes
1470083 - Discovery settings 'Hostname_facts' should not be allowed to set empty
1526564 - [RFE] [sat-e-492] [SAT-506] allow adding arch and releasever to custom repos
1531536 - when I delete hosts where remote job was running, that finished remote job will start showing >100% result
1627812 - [RFE] There should be an API for getting the Satellite version and release
1654576 - "--order" and "--by" options of "hammer task list" doesn't work as expected.
1659506 - 'katello-certs-check' should display a warning messages if server.crt contains CN=shortname
1662478 - "openstack" in location/organization name is expanded into "RHEL OpenStack Platform"
1667647 - getting host details takes several times more for non-admin user
1677180 - [RFE] Provide the ability to use su as the effective method with password
1686641 - Unable to import job templates that have been exported from Satellite.
1686691 - [RFE] HTTP Proxy should provide "http_proxy" and "https_proxy" two options, not only "http_proxy" as default.
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!