RedHat: RHSA-2022-8532:01 Important: Satellite 6.9.10 Async Securit...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Satellite 6.9.10 Async Security Update
Advisory ID:       RHSA-2022:8532-01
Product:           Red Hat Satellite 6
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8532
Issue date:        2022-11-17
CVE Names:         CVE-2022-24790 
=====================================================================

1. Summary:

Updated Satellite 6.9 packages that fix several bugs are now available for
Red Hat Satellite.

2. Relevant releases/architectures:

Red Hat Satellite 6.9 - noarch, x86_64
Red Hat Satellite Capsule 6.9 - noarch

3. Description:

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.

Security Fix(es):
* tfm-rubygem-puma: http request smuggling vulnerabilities (CVE-2022-24790)

This update fixes the following bugs:
* 2038995: When executing the content migration (pre-upgrade process),
there is a PG query created by pulp that will be sitting forever
* 2074099: The errata migration continues to fail with
"pymongo.errors.DocumentTooLarge: BSON document too large" error even after
upgrading to Satellite 6.9.8
* 2081560: ForeignKeyViolation Error with docker_meta_tags
* 2091438: Use of content.count() in app/models/repository.py seems to hit
an error
* 2093829: 'foreman-maintain content migration-stats' command stucks and
consume all memory
* 2098221: Pulp 3 migration stats timing is too low for very large
deployments
* 2141348: It appears that the egg is downloaded every time

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.9/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts

5. Bugs fixed (https://bugzilla.redhat.com/):

2038995 - When executing the content migration (pre-upgrade process), there is a PG query created by pulp that will be sitting forever
2071616 - CVE-2022-24790 puma-5.6.4: http request smuggling vulnerabilities
2074099 - The errata migration continues to fail with "pymongo.errors.DocumentTooLarge: BSON document too large" error even after upgrading to Satellite 6.9.8
2081560 - ForeignKeyViolation Error with docker_meta_tags
2091438 - Use of content.count() in app/models/repository.py seems to hit an error
2093829 - 'foreman-maintain content migration-stats' command stucks and consume all memory
2098221 - Pulp 3 migration stats timing is too low for very large deployments
2141348 - It appears that the egg is downloaded every time

6. Package List:

Red Hat Satellite Capsule 6.9:

Source:
satellite-6.9.10-1.el7sat.src.rpm

noarch:
satellite-capsule-6.9.10-1.el7sat.noarch.rpm
satellite-common-6.9.10-1.el7sat.noarch.rpm
satellite-debug-tools-6.9.10-1.el7sat.noarch.rpm

Red Hat Satellite 6.9:

Source:
python-pulp_2to3_migration-0.11.13-1.el7pc.src.rpm
satellite-6.9.10-1.el7sat.src.rpm
tfm-rubygem-foreman_rh_cloud-3.0.33-1.el7sat.src.rpm
tfm-rubygem-katello-3.18.1.55-1.el7sat.src.rpm
tfm-rubygem-puma-4.3.12-1.el7sat.src.rpm

noarch:
python3-pulp-2to3-migration-0.11.13-1.el7pc.noarch.rpm
satellite-6.9.10-1.el7sat.noarch.rpm
satellite-cli-6.9.10-1.el7sat.noarch.rpm
satellite-common-6.9.10-1.el7sat.noarch.rpm
satellite-debug-tools-6.9.10-1.el7sat.noarch.rpm
tfm-rubygem-foreman_rh_cloud-3.0.33-1.el7sat.noarch.rpm
tfm-rubygem-katello-3.18.1.55-1.el7sat.noarch.rpm

x86_64:
tfm-rubygem-puma-4.3.12-1.el7sat.x86_64.rpm
tfm-rubygem-puma-debuginfo-4.3.12-1.el7sat.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-24790
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY3aDpNzjgjWX9erEAQh5qw//XyXQueL3qCJaA4h5P39/r0YSv2oUudA5
qaP2jY631WKiXnBzRJ5oCV90Jp29gLP24KZizSgrvAojMwbQaX2nyZHY/SUdw+bs
9KrPdRCS/nV4zii3n18QZ/XmNQKFh/opjiZf4MupNvH6cA4+4ejVzrX3q2+0JfER
FDpT1rOQnQnnxB+2hCjtMlbbbY+wRwYLzRhcjKGGTl1S7RgorTPk0aFo+0yXcw8n
/AQ7F1wxviEPwkMX1dEMXN7ZSFT1AaU9j9oSrJfSLToW5gj6/4+AEoQ7QSVUNSms
pbtJLU80wi/NNgrRLFKPZw7ejOpwd2TIztN2ZVLprvozrg7JOE62vHa9tgzha01J
UI8LwuUGtwGQb5ko1OATuodNolHryiCLZJKR1yU4FfuL5Xsva5HSkt9LhgTNa2FP
ZL09nuXve0VpeEVHJ98g6CHCtJFl+R7p1Kqj42d8ppe57fc0Qqm0bFZrBQfby/sy
fdOtnOit3L88D/Tzhd33T3xanUkWHBOc0INPcYPE3i8Qpc3OQ9skGpRmqDITAWle
7aiBFtP8bw+ga7Svd4wjJ+tZUyLkNEgNXgu8e0ixFXCpLPymhcLtk0fDLROdkKP1
YgENTiOXwf15SA9h/KK+gTXVn1GfHaxfTsUSqxncglRowXmN8boJiF4tjkK4n29F
NNhbVvxrXcM=
=8/Hz
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-8532:01 Important: Satellite 6.9.10 Async Security Update

Updated Satellite 6.9 packages that fix several bugs are now available for Red Hat Satellite

Summary

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Security Fix(es): * tfm-rubygem-puma: http request smuggling vulnerabilities (CVE-2022-24790)
This update fixes the following bugs: * 2038995: When executing the content migration (pre-upgrade process), there is a PG query created by pulp that will be sitting forever * 2074099: The errata migration continues to fail with "pymongo.errors.DocumentTooLarge: BSON document too large" error even after upgrading to Satellite 6.9.8 * 2081560: ForeignKeyViolation Error with docker_meta_tags * 2091438: Use of content.count() in app/models/repository.py seems to hit an error * 2093829: 'foreman-maintain content migration-stats' command stucks and consume all memory * 2098221: Pulp 3 migration stats timing is too low for very large deployments * 2141348: It appears that the egg is downloaded every time
Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released erratarelevant to your system have been applied.For detailed instructions how to apply this update, refer to:https://access.redhat.com/documentation/en-us/red_hat_satellite/6.9/html/upgrading_and_updating_red_hat_satellite/updating_satellite_server_capsule_server_and_content_hosts

References

https://access.redhat.com/security/cve/CVE-2022-24790 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Satellite Capsule 6.9:
Source: satellite-6.9.10-1.el7sat.src.rpm
noarch: satellite-capsule-6.9.10-1.el7sat.noarch.rpm satellite-common-6.9.10-1.el7sat.noarch.rpm satellite-debug-tools-6.9.10-1.el7sat.noarch.rpm
Red Hat Satellite 6.9:
Source: python-pulp_2to3_migration-0.11.13-1.el7pc.src.rpm satellite-6.9.10-1.el7sat.src.rpm tfm-rubygem-foreman_rh_cloud-3.0.33-1.el7sat.src.rpm tfm-rubygem-katello-3.18.1.55-1.el7sat.src.rpm tfm-rubygem-puma-4.3.12-1.el7sat.src.rpm
noarch: python3-pulp-2to3-migration-0.11.13-1.el7pc.noarch.rpm satellite-6.9.10-1.el7sat.noarch.rpm satellite-cli-6.9.10-1.el7sat.noarch.rpm satellite-common-6.9.10-1.el7sat.noarch.rpm satellite-debug-tools-6.9.10-1.el7sat.noarch.rpm tfm-rubygem-foreman_rh_cloud-3.0.33-1.el7sat.noarch.rpm tfm-rubygem-katello-3.18.1.55-1.el7sat.noarch.rpm
x86_64: tfm-rubygem-puma-4.3.12-1.el7sat.x86_64.rpm tfm-rubygem-puma-debuginfo-4.3.12-1.el7sat.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2022:8532-01
Product: Red Hat Satellite 6
Advisory URL: https://access.redhat.com/errata/RHSA-2022:8532
Issued Date: : 2022-11-17
CVE Names: CVE-2022-24790

Topic

Updated Satellite 6.9 packages that fix several bugs are now available forRed Hat Satellite.

Relevant Releases Architectures

Red Hat Satellite 6.9 - noarch, x86_64

Red Hat Satellite Capsule 6.9 - noarch

Bugs Fixed

2038995 - When executing the content migration (pre-upgrade process), there is a PG query created by pulp that will be sitting forever

2071616 - CVE-2022-24790 puma-5.6.4: http request smuggling vulnerabilities

2074099 - The errata migration continues to fail with "pymongo.errors.DocumentTooLarge: BSON document too large" error even after upgrading to Satellite 6.9.8

2081560 - ForeignKeyViolation Error with docker_meta_tags

2091438 - Use of content.count() in app/models/repository.py seems to hit an error

2093829 - 'foreman-maintain content migration-stats' command stucks and consume all memory

2098221 - Pulp 3 migration stats timing is too low for very large deployments

2141348 - It appears that the egg is downloaded every time

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.