DATABASE RESOURCES PRICING ABOUT US

{"id": "FEB8AFDC-B3E5-11EA-9DF5-08002728F74C", "vendorId": null, "type": "freebsd", "bulletinFamily": "unix", "title": "Rails -- permission vulnerability", "description": "\n\nRuby on Rails blog:\n\nRails 6.0.3.2 has been released! This version of Rails contains an\n\t important security patch, and you should upgrade! The release contains\n\t only one patch that addresses CVE-2020-8185.\n\n\n", "published": "2020-06-17T00:00:00", "modified": "2020-06-17T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "href": "https://vuxml.freebsd.org/freebsd/feb8afdc-b3e5-11ea-9df5-08002728f74c.html", "reporter": "FreeBSD", "references": ["https://weblog.rubyonrails.org/2020/6/17/Rails-6-0-3-2-has-been-released/", "https://groups.google.com/forum/#!topic/rubyonrails-security/pAe9EV8gbM0", "https://github.com/rails/rails/blob/6-0-stable/actionpack/CHANGELOG.md"], "cvelist": ["CVE-2020-8185"], "immutableFields": [], "lastseen": "2022-01-19T15:51:31", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-8185"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-8185"]}, {"type": "fedora", "idList": ["FEDORA:04C8E30BDAB3", "FEDORA:1BE4F30C0EF2", "FEDORA:2DDE030C0EF7", "FEDORA:3313D30C0EF8", "FEDORA:4A6A3309B6F1", "FEDORA:61EBD30BDAB3", "FEDORA:6905030C0EF2", "FEDORA:7AD1030BB654", "FEDORA:8116230C0EF7", "FEDORA:92FD1309B6F1", "FEDORA:98F1A30C0EF8", "FEDORA:AF8C030C0EF2", "FEDORA:C779E30C0EFA", "FEDORA:E04FA30C0EFD"]}, {"type": "github", "idList": ["GHSA-C6QR-H5VQ-59JC"]}, {"type": "hackerone", "idList": ["H1:899069", "H1:904059"]}, {"type": "ibm", "idList": ["8C90E11DB242E8DC044F905A8987B587D4A711080CE57EFC871310507AC8BF90"]}, {"type": "nessus", "idList": ["FEDORA_2020-4DD34860A3.NASL", "FREEBSD_PKG_FEB8AFDCB3E511EA9DF508002728F74C.NASL", "OPENSUSE-2020-1993.NASL", "OPENSUSE-2020-2000.NASL", "REDHAT-RHSA-2021-1313.NASL", "SUSE_SU-2020-3036-1.NASL", "SUSE_SU-2020-3147-1.NASL", "SUSE_SU-2020-3160-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113715", "OPENVAS:1361412562310113716"]}, {"type": "osv", "idList": ["OSV:GHSA-C6QR-H5VQ-59JC"]}, {"type": "redhat", "idList": ["RHSA-2021:1313"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-8185"]}, {"type": "rubygems", "idList": ["RUBY:ACTIONPACK-2020-8185"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1993-1", "OPENSUSE-SU-2020:2000-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-8185"]}, {"type": "veracode", "idList": ["VERACODE:25761"]}]}, "score": {"value": 2.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2020-8185"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-8185"]}, {"type": "fedora", "idList": ["FEDORA:04C8E30BDAB3", "FEDORA:1BE4F30C0EF2", "FEDORA:2DDE030C0EF7", "FEDORA:3313D30C0EF8", "FEDORA:4A6A3309B6F1", "FEDORA:61EBD30BDAB3", "FEDORA:6905030C0EF2", "FEDORA:7AD1030BB654", "FEDORA:8116230C0EF7", "FEDORA:92FD1309B6F1", "FEDORA:98F1A30C0EF8", "FEDORA:AF8C030C0EF2", "FEDORA:C779E30C0EFA", "FEDORA:E04FA30C0EFD"]}, {"type": "github", "idList": ["GHSA-C6QR-H5VQ-59JC"]}, {"type": "hackerone", "idList": ["H1:899069", "H1:904059"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_FEB8AFDCB3E511EA9DF508002728F74C.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113715", "OPENVAS:1361412562310113716"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-8185"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:1993-1", "OPENSUSE-SU-2020:2000-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-8185"]}]}, "exploitation": null, "vulnersScore": 2.5}, "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "packageVersion": "6.0.3.2", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "rubygem-actionpack60"}], "_state": {"dependencies": 1660004461, "score": 1660008686}, "_internal": {"score_hash": "fe2e4a7a1161c66980ed24628bea9f70"}}

{"ubuntucve": [{"lastseen": "2022-08-04T13:27:57", "description": "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an\nuntrusted user to run any pending migrations on a Rails app running in\nproduction.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | In Oneiric-Saucy, rails package is just for transition; The rails package contains actual code from vivid onward\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-02T00:00:00", "type": "ubuntucve", "title": "CVE-2020-8185", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2020-07-02T00:00:00", "id": "UB:CVE-2020-8185", "href": "https://ubuntu.com/security/CVE-2020-8185", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-07-04T06:01:58", "description": "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-02T19:15:00", "type": "debiancve", "title": "CVE-2020-8185", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2020-07-02T19:15:00", "id": "DEBIANCVE:CVE-2020-8185", "href": "https://security-tracker.debian.org/tracker/CVE-2020-8185", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "veracode": [{"lastseen": "2022-07-27T10:52:04", "description": "actionpack is vulnerable to authorization bypass. An attacker is be able to execute any migrations that are pending for a Rails app running in production mode.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-25T05:10:50", "type": "veracode", "title": "Authorization Bypass", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2020-10-05T06:04:00", "id": "VERACODE:25761", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-25761/summary", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "hackerone": [{"lastseen": "2020-07-24T20:50:09", "bounty": 0.0, "description": "Untrusted users able to run pending migrations in production\n\nThere is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed\nan untrusted user to run any pending migrations on a Rails app running in\nproduction.\n\nThis vulnerability has been assigned the CVE identifier CVE-2020-XXXX.\n\nVersions Affected: 6.0.0 < rails < 6.0.3.2\nNot affected: Applications with `config.action_dispatch.show_exceptions = false` (this is not a default setting in production)\nFixed Versions: rails >= 6.0.3.2\n\n\nReleases\n--------\n\nThe new release (6.0.3.2) is available in the regular locations.\n\nWorkarounds\n-----------\n\nUntil such time as the patch can be applied, application developers should\ndisable the ActionDispatch middleware in their production environment via\na line such as this one in their config/environment/production.rb:\n\nconfig.middleware.delete ActionDispatch::ActionableExceptions\n\nPatches\n-------\n\nAs mentioned, we are releasing the following patch for the 6.0 release\nseries:\n\n* 0001-6.0.3.1-Only-allow-ActionableErrors-if-show_detailed_excepti.patch\n\n\nCredits\n-------\n\nThis issue was discovered independently by Rafael Fran\u00e7a and Benoit C\u00f4t\u00e9-Jodoin. \nThe patch above was provided by Rafael.\n\n## Impact\n\nUsing this issue, an attacker would be able to execute any migrations that \nare pending for a Rails app running in production mode. It is important to\nnote that an attacker is limited to running migrations the application \ndeveloper has already defined in their application and ones that have not\nalready ran.", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-06-15T22:43:10", "type": "hackerone", "title": "Ruby on Rails: Untrusted users able to run pending migrations in production", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2020-07-24T20:07:32", "id": "H1:899069", "href": "https://hackerone.com/reports/899069", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T05:45:38", "bounty": 1000.0, "description": "Hello,\nI was looking at the change log (https://github.com/rails/rails/commit/2121b9d20b60ed503aa041ef7b926d331ed79fc2) for CVE-2020-8185 and found another problem existed.\n\nhttps://github.com/rails/rails/blob/v6.0.3.1/actionpack/lib/action_dispatch/middleware/actionable_exceptions.rb#L21\n\n```ruby\n redirect_to request.params[:location]\nend\n\nprivate\n def actionable_request?(request)\n request.show_exceptions? && request.post? && request.path == endpoint\n end\n\n def redirect_to(location)\n body = \"<html><body>You are being <a href=\\\"#{ERB::Util.unwrapped_html_escape(location)}\\\">redirected</a>.</body></html>\"\n\n [302, {\n \"Content-Type\" => \"text/html; charset=#{Response.default_charset}\",\n \"Content-Length\" => body.bytesize.to_s,\n \"Location\" => location,\n }, [body]]\n end\n```\n\nThere was an open redirect issue because the request parameter `location` was not validated.\nIn 6.0.3.2, since the condition of `actionable_request?` has changed, this problem is less likely to occur.\n\n\n### PoC\n\n\n#### 1. Prepare server\n\nPrepare an attackable 6.0.3.1 version of Rails server\n\n```\n\u276f rails -v\nRails 6.0.3.1\n\n\u276f RAILS_ENV=production rails s\n...\n* Environment: production\n* Listening on tcp://0.0.0.0:3000\n```\n\n#### 2. Attack server \n\nPrepare the server for attack on another port.\n\n```html\n<form method=\"post\" action=\"http://localhost:3000/rails/actions?error=ActiveRecord::PendingMigrationError&action=Run%20pending%20migrations&location=https://www.hackerone.com/\">\n\t<button type=\"submit\">click!</button>\n</form>\n````\n\n```\npython3 -m http.server 8000\n```\n\n#### 3. Open browser\n\nOpen the `http://localhost:8000/attack.html` url in your browser and click the button.\nRedirect to `https://www.hackerone.com/` url.\n\n{F876518}\n\n## Impact\n\nIt will be fixed with 6.0.3.2 as with CVE-2020-8185(https://groups.google.com/g/rubyonrails-security/c/pAe9EV8gbM0), but I think it is necessary to announce it again because the range of influence is different.\n\nThis open redirect changes from POST method to Get Method, so it may be difficult to use for phishing.On the other hand, it may affect bypass of referrer check or SSRF.", "edition": 2, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-06-21T02:15:14", "type": "hackerone", "title": "Ruby on Rails: Open Redirect (6.0.0 < rails < 6.0.3.2)", "bulletinFamily": "bugbounty", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185", "CVE-2020-8264"], "modified": "2020-12-22T16:47:02", "id": "H1:904059", "href": "https://hackerone.com/reports/904059", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-07-21T20:10:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8185"], "description": "Ruby on Rails is prone to a denial of service (DoS) vulnerability.", "modified": "2020-07-14T00:00:00", "published": "2020-07-06T00:00:00", "id": "OPENVAS:1361412562310113715", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113715", "type": "openvas", "title": "Ruby on Rails < 6.0.3.2 DoS Vulnerability", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113715\");\n script_version(\"2020-07-14T14:24:25+0000\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:24:25 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-06 10:19:34 +0000 (Mon, 06 Jul 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2020-8185\");\n\n script_name(\"Ruby on Rails < 6.0.3.2 DoS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_rails_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"rails/detected\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Ruby on Rails is prone to a denial of service (DoS) vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An untrusted user may run any pending migration in production.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to\n render legitimate users unable to use the application.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails through version 6.0.3.1.\");\n\n script_tag(name:\"solution\", value:\"Update to version 6.0.3.2.\");\n\n script_xref(name:\"URL\", value:\"https://hackerone.com/reports/899069\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:rubyonrails:rails\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"6.0.3.2\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"6.0.3.2\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T20:10:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8185"], "description": "Ruby on Rails is prone to a denial of service (DoS) vulnerability.", "modified": "2020-07-14T00:00:00", "published": "2020-07-06T00:00:00", "id": "OPENVAS:1361412562310113716", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113716", "type": "openvas", "title": "Ruby on Rails < 6.0.3.2 DoS Vulnerability", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113716\");\n script_version(\"2020-07-14T14:24:25+0000\");\n script_tag(name:\"last_modification\", value:\"2020-07-14 14:24:25 +0000 (Tue, 14 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-06 10:19:34 +0000 (Mon, 06 Jul 2020)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2020-8185\");\n\n script_name(\"Ruby on Rails < 6.0.3.2 DoS Vulnerability\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_rails_consolidation.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"rails/detected\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Ruby on Rails is prone to a denial of service (DoS) vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An untrusted user may run any pending migration in production.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to\n render legitimate users unable to use the application.\");\n\n script_tag(name:\"affected\", value:\"Ruby on Rails through version 6.0.3.1.\");\n\n script_tag(name:\"solution\", value:\"Update to version 6.0.3.2.\");\n\n script_xref(name:\"URL\", value:\"https://hackerone.com/reports/899069\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:rubyonrails:rails\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( isnull( port = get_app_port( cpe: CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )\n exit( 0 );\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"6.0.3.2\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"6.0.3.2\", install_path: location );\n security_message( data: report, port: port );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:14:34", "description": "Ruby on Rails blog :\n\nRails 6.0.3.2 has been released! This version of Rails contains an important security patch, and you should upgrade! The release contains only one patch that addresses CVE-2020-8185.", "cvss3": {"score": 6.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-23T00:00:00", "type": "nessus", "title": "FreeBSD : Rails -- permission vulnerability (feb8afdc-b3e5-11ea-9df5-08002728f74c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-8185"], "modified": "2020-07-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rubygem-actionpack60", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_FEB8AFDCB3E511EA9DF508002728F74C.NASL", "href": "https://www.tenable.com/plugins/nessus/137738", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137738);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/10\");\n\n script_cve_id(\"CVE-2020-8185\");\n\n script_name(english:\"FreeBSD : Rails -- permission vulnerability (feb8afdc-b3e5-11ea-9df5-08002728f74c)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ruby on Rails blog :\n\nRails 6.0.3.2 has been released! This version of Rails contains an\nimportant security patch, and you should upgrade! The release contains\nonly one patch that addresses CVE-2020-8185.\"\n );\n # https://weblog.rubyonrails.org/2020/6/17/Rails-6-0-3-2-has-been-released/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?26ba3bcb\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/rails/rails/blob/6-0-stable/actionpack/CHANGELOG.md\"\n );\n # https://groups.google.com/forum/#!topic/rubyonrails-security/pAe9EV8gbM0\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a8a8b3fd\"\n );\n # https://vuxml.freebsd.org/freebsd/feb8afdc-b3e5-11ea-9df5-08002728f74c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6e3119e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8185\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-actionpack60\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-actionpack60<6.0.3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-11-01T11:45:27", "description": "Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529 #1852381\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-10-08T00:00:00", "type": "nessus", "title": "Fedora 33 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2020-4dd34860a3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer", "p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack", "p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord", "p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport", "p-cpe:/a:fedoraproject:fedora:1:rubygem-rails", "p-cpe:/a:fedoraproject:fedora:rubygem-actioncable", "p-cpe:/a:fedoraproject:fedora:rubygem-actionmailbox", "p-cpe:/a:fedoraproject:fedora:rubygem-actiontext", "p-cpe:/a:fedoraproject:fedora:rubygem-actionview", "p-cpe:/a:fedoraproject:fedora:rubygem-activejob", "p-cpe:/a:fedoraproject:fedora:rubygem-activemodel", "p-cpe:/a:fedoraproject:fedora:rubygem-activestorage", "p-cpe:/a:fedoraproject:fedora:rubygem-image_processing", "p-cpe:/a:fedoraproject:fedora:rubygem-railties", "cpe:/o:fedoraproject:fedora:33"], "id": "FEDORA_2020-4DD34860A3.NASL", "href": "https://www.tenable.com/plugins/nessus/141285", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-4dd34860a3.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141285);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/12\");\n\n script_cve_id(\"CVE-2020-15169\", \"CVE-2020-5267\", \"CVE-2020-8185\");\n script_xref(name:\"FEDORA\", value:\"2020-4dd34860a3\");\n\n script_name(english:\"Fedora 33 : 1:rubygem-actionmailer / 1:rubygem-actionpack / etc (2020-4dd34860a3)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Upgrade to Ruby on Rails 6.0.3.3. Fixes CVEs: #1877568 #1831529\n#1852381\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-4dd34860a3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15169\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionmailer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-activesupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:rubygem-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actioncable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionmailbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actiontext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activejob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-activestorage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-image_processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-railties\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:33\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^33([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 33\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actionmailer-6.0.3.3-1.fc33\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actionpack-6.0.3.3-2.fc33\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-activerecord-6.0.3.3-1.fc33\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-activesupport-6.0.3.3-1.fc33\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-rails-6.0.3.3-1.fc33\", epoch:\"1\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actioncable-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actionmailbox-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actiontext-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-actionview-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-activejob-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-activemodel-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-activestorage-6.0.3.3-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-image_processing-1.11.0-1.fc33\")) flag++;\nif (rpm_check(release:\"FC33\", reference:\"rubygem-railties-6.0.3.3-1.fc33\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:rubygem-actionmailer / 1:rubygem-actionpack / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-02-19T00:46:55", "description": "This update for rmt-server fixes the following issues :\n\nUpdate to version 2.6.5: Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one.\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf.\n\nInstead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name.\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the local cache instead of downloading. However, if the local file timestamp accidentally changed to a date newer than the one on the repository server, RMT would have an outdated file, which caused some errors. Now, RMT makes HEAD requests to the repositories servers and inspect the 'Last-Modified' header to decide whether to download a file or copy it from cache, by comparing the equalness of timestamps.\n\nFixed an issue where relative paths supplied to `rmt-cli import repos` caused the command to fail.\n\nFriendlier IDs for custom repositories: In an effort to simplify the handling of SCC and custom repositories, RMT now has friendly IDs. For SCC repositories, it's the same SCC ID as before. For custom repositories, it can either be user provided or RMT generated (MD5 of the provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom repositories.\n\n - Custom repository IDs can be the same across RMT instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than before. RMT still supports that old ID, but it's recommended to start using the new ID to ensure future compatibility.\n\nUpdated rails and puma dependencies for security fixes.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3036-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-12-17T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rmt-server", "p-cpe:/a:novell:suse_linux:rmt-server-config", "p-cpe:/a:novell:suse_linux:rmt-server-debuginfo", "p-cpe:/a:novell:suse_linux:rmt-server-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3036-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143751", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3036-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143751);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/17\");\n\n script_cve_id(\"CVE-2019-16770\", \"CVE-2019-5418\", \"CVE-2019-5419\", \"CVE-2019-5420\", \"CVE-2020-11076\", \"CVE-2020-11077\", \"CVE-2020-15169\", \"CVE-2020-5247\", \"CVE-2020-5249\", \"CVE-2020-5267\", \"CVE-2020-8164\", \"CVE-2020-8165\", \"CVE-2020-8166\", \"CVE-2020-8167\", \"CVE-2020-8184\", \"CVE-2020-8185\");\n\n script_name(english:\"SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3036-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rmt-server fixes the following issues :\n\nUpdate to version 2.6.5: Solved potential bug of SCC repository URLs\nchanging over time. RMT now self heals by removing the previous\ninvalid repository and creating the correct one.\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to\nconfigure the minimum and maximum threads count as well the number of\nweb server workers to be booted through /etc/rmt.conf.\n\nInstead of using an MD5 of URLs for custom repository friendly_ids,\nRMT now builds an ID from the name.\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET\nrequests with the header 'If-Modified-Since' to a repository server\nand if the response had a 304 (Not Modified), it would copy a file\nfrom the local cache instead of downloading. However, if the local\nfile timestamp accidentally changed to a date newer than the one on\nthe repository server, RMT would have an outdated file, which caused\nsome errors. Now, RMT makes HEAD requests to the repositories servers\nand inspect the 'Last-Modified' header to decide whether to download a\nfile or copy it from cache, by comparing the equalness of timestamps.\n\nFixed an issue where relative paths supplied to `rmt-cli import repos`\ncaused the command to fail.\n\nFriendlier IDs for custom repositories: In an effort to simplify the\nhandling of SCC and custom repositories, RMT now has friendly IDs. For\nSCC repositories, it's the same SCC ID as before. For custom\nrepositories, it can either be user provided or RMT generated (MD5 of\nthe provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom\n repositories.\n\n - Custom repository IDs can be the same across RMT\n instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than\n before. RMT still supports that old ID, but it's\n recommended to start using the new ID to ensure future\n compatibility.\n\nUpdated rails and puma dependencies for security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1168554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5419/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5420/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11076/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11077/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15169/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5247/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5249/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8167/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8184/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8185/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203036-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08477350\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP2-2020-3036=1\n\nSUSE Linux Enterprise Module for Public Cloud 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2020-3036=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Rails File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rmt-server-2.6.5-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rmt-server-config-2.6.5-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rmt-server-debuginfo-2.6.5-3.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rmt-server-debugsource-2.6.5-3.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rmt-server\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:48:32", "description": "This update for rmt-server fixes the following issues :\n\n - Version 2.6.5\n\n - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one.\n\n - Version 2.6.4\n\n - Add web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf.\n\n - Version 2.6.3\n\n - Instead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name.\n\n - Version 2.6.2\n\n - Fix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the local cache instead of downloading. However, if the local file timestamp accidentally changed to a date newer than the one on the repository server, RMT would have an outdated file, which caused some errors. Now, RMT makes HEAD requests to the repositories servers and inspect the 'Last-Modified' header to decide whether to download a file or copy it from cache, by comparing the equalness of timestamps.\n\n\n\n - Version 2.6.1\n\n - Fixed an issue where relative paths supplied to `rmt-cli import repos` caused the command to fail.\n\n - Version 2.6.0\n\n - Friendlier IDs for custom repositories: In an effort to simplify the handling of SCC and custom repositories, RMT now has friendly IDs. For SCC repositories, it's the same SCC ID as before. For custom repositories, it can either be user provided or RMT generated (MD5 of the provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom repositories.\n\n - Custom repository IDs can be the same across RMT instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than before. RMT still supports that old ID, but it's recommended to start using the new ID to ensure future compatibility.\n\n - Version 2.5.20\n\n - Updated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\n - Version 2.5.19\n\n - RMT now has the ability to remove local systems with the command `rmt-cli systems remove`.\n\n - Version 2.5.18\n\n - Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1 whenever an error occurs during mirroring\n\n - Improved message logging for `rtm-cli mirror`. Instead of logging an error when it occurs, the command summarize all errors at the end of execution. Now log messages have colors to better identify failure/success.\n\n - Version 2.5.17\n\n - RMT no longer provides the installer updates repository to systems via its zypper service. This repository is used during the installation process, as it provides an up-to-date installation experience, but it has no use on an already installed system.\n\n - Version 2.5.16\n\n - Updated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\n - Version 2.5.15\n\n - RMT now checks if repositories are fully mirrored during the activation process. Previously, RMT only checked if the repositories were enabled to be mirrored, but not that they were actually mirrored. In this case, RMTs were not able to provide the repository data which systems assumed it had.\n\n - Version 2.5.14\n\n - Enable 'Installer-Updates' repositories by default\n\n - Fixed deprecation warning when thor encountered an error. Also, instead of returning 0 for thor errors, rmt-cli will return 1 instead.\n\n - Version 2.5.13\n\n - Added `rmt-cli repos clean` command to remove locally mirrored files of repositories which are not marked to be mirrored.\n\n - Previously, RMT didn't track deduplicated files in its database. Now, to accommodate `rmt-cli repos clean`, RMT will track all mirrored files.\n\n - Move the nginx reload to the configuration package which contain nginx config files, don't reload nginx unconditionally from main package.\n\n - Version 2.5.12\n\n - Update rack to version 2.2.3 (CVE-2020-8184:\n bsc#1173351)\n\n - Update Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\n - Version 2.5.11\n\n - rmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available subscriptions\n\n - Added a manual instance verification script\n\n - Version 2.5.10\n\n - Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of warnings with Ruby 2.7, mainly due to 'capturing the given block with Proc.new', which is deprecated;\n\n - Improve RPM spec to consider only the distribution default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\n - Move nginx/vhosts.d directory to correct sub-package.\n They are needed together with nginx, not rmt-server.\n\n - Fix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on another host\n\n - Fix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\n - Version 2.5.9\n\n - rmt-server-pubcloud: enforce strict authentication\n\n - Version 2.5.8\n\n - Use repomd_parser gem to remove repository metadata parsing code.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rmt-server (openSUSE-2020-2000)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-12-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rmt-server", "p-cpe:/a:novell:opensuse:rmt-server-config", "p-cpe:/a:novell:opensuse:rmt-server-debuginfo", "p-cpe:/a:novell:opensuse:rmt-server-debugsource", "p-cpe:/a:novell:opensuse:rmt-server-pubcloud", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-2000.NASL", "href": "https://www.tenable.com/plugins/nessus/143225", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-2000.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143225);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/17\");\n\n script_cve_id(\"CVE-2019-16770\", \"CVE-2019-5418\", \"CVE-2019-5419\", \"CVE-2019-5420\", \"CVE-2020-11076\", \"CVE-2020-11077\", \"CVE-2020-15169\", \"CVE-2020-5247\", \"CVE-2020-5249\", \"CVE-2020-5267\", \"CVE-2020-8164\", \"CVE-2020-8165\", \"CVE-2020-8166\", \"CVE-2020-8167\", \"CVE-2020-8184\", \"CVE-2020-8185\");\n\n script_name(english:\"openSUSE Security Update : rmt-server (openSUSE-2020-2000)\");\n script_summary(english:\"Check for the openSUSE-2020-2000 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rmt-server fixes the following issues :\n\n - Version 2.6.5\n\n - Solved potential bug of SCC repository URLs changing\n over time. RMT now self heals by removing the previous\n invalid repository and creating the correct one.\n\n - Version 2.6.4\n\n - Add web server settings to /etc/rmt.conf: Now it's\n possible to configure the minimum and maximum threads\n count as well the number of web server workers to be\n booted through /etc/rmt.conf.\n\n - Version 2.6.3\n\n - Instead of using an MD5 of URLs for custom repository\n friendly_ids, RMT now builds an ID from the name.\n\n - Version 2.6.2\n\n - Fix RMT file caching based on timestamps: Previously,\n RMT sent GET requests with the header\n 'If-Modified-Since' to a repository server and if the\n response had a 304 (Not Modified), it would copy a file\n from the local cache instead of downloading. However, if\n the local file timestamp accidentally changed to a date\n newer than the one on the repository server, RMT would\n have an outdated file, which caused some errors. Now,\n RMT makes HEAD requests to the repositories servers and\n inspect the 'Last-Modified' header to decide whether to\n download a file or copy it from cache, by comparing the\n equalness of timestamps.\n\n\n\n - Version 2.6.1\n\n - Fixed an issue where relative paths supplied to `rmt-cli\n import repos` caused the command to fail.\n\n - Version 2.6.0\n\n - Friendlier IDs for custom repositories: In an effort to\n simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the\n same SCC ID as before. For custom repositories, it can\n either be user provided or RMT generated (MD5 of the\n provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom\n repositories.\n\n - Custom repository IDs can be the same across RMT\n instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than\n before. RMT still supports that old ID, but it's\n recommended to start using the new ID to ensure future\n compatibility.\n\n - Version 2.5.20\n\n - Updated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\n - Version 2.5.19\n\n - RMT now has the ability to remove local systems with the\n command `rmt-cli systems remove`.\n\n - Version 2.5.18\n\n - Fixed exit code for `rmt-cli mirror` and its\n subcommands. Now it exits with 1 whenever an error\n occurs during mirroring\n\n - Improved message logging for `rtm-cli mirror`. Instead\n of logging an error when it occurs, the command\n summarize all errors at the end of execution. Now log\n messages have colors to better identify failure/success.\n\n - Version 2.5.17\n\n - RMT no longer provides the installer updates repository\n to systems via its zypper service. This repository is\n used during the installation process, as it provides an\n up-to-date installation experience, but it has no use on\n an already installed system.\n\n - Version 2.5.16\n\n - Updated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249,\n CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418,\n CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\n - Version 2.5.15\n\n - RMT now checks if repositories are fully mirrored during\n the activation process. Previously, RMT only checked if\n the repositories were enabled to be mirrored, but not\n that they were actually mirrored. In this case, RMTs\n were not able to provide the repository data which\n systems assumed it had.\n\n - Version 2.5.14\n\n - Enable 'Installer-Updates' repositories by default\n\n - Fixed deprecation warning when thor encountered an\n error. Also, instead of returning 0 for thor errors,\n rmt-cli will return 1 instead.\n\n - Version 2.5.13\n\n - Added `rmt-cli repos clean` command to remove locally\n mirrored files of repositories which are not marked to\n be mirrored.\n\n - Previously, RMT didn't track deduplicated files in its\n database. Now, to accommodate `rmt-cli repos clean`, RMT\n will track all mirrored files.\n\n - Move the nginx reload to the configuration package which\n contain nginx config files, don't reload nginx\n unconditionally from main package.\n\n - Version 2.5.12\n\n - Update rack to version 2.2.3 (CVE-2020-8184:\n bsc#1173351)\n\n - Update Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\n - Version 2.5.11\n\n - rmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available\n subscriptions\n\n - Added a manual instance verification script\n\n - Version 2.5.10\n\n - Support rmt-server to run with Ruby 2.7\n (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix\n incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order\n to also bump gem 'ethon' version, which caused a\n 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source\n code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1\n generates a lot of warnings with Ruby 2.7, mainly due to\n 'capturing the given block with Proc.new', which is\n deprecated;\n\n - Improve RPM spec to consider only the distribution\n default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding\n 'bundler.\n\n - Move nginx/vhosts.d directory to correct sub-package.\n They are needed together with nginx, not rmt-server.\n\n - Fix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on\n another host\n\n - Fix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\n - Version 2.5.9\n\n - rmt-server-pubcloud: enforce strict authentication\n\n - Version 2.5.8\n\n - Use repomd_parser gem to remove repository metadata\n parsing code.\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173351\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected rmt-server packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Rails File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-pubcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rmt-server-2.6.5-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rmt-server-config-2.6.5-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rmt-server-debuginfo-2.6.5-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rmt-server-debugsource-2.6.5-lp151.2.18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rmt-server-pubcloud-2.6.5-lp151.2.18.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rmt-server / rmt-server-config / rmt-server-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:47:05", "description": "This update for rmt-server fixes the following issues :\n\nUpdate to version 2.6.5 :\n\n - Solved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one.\n\n - Add web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf.\n\n - Instead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name.\n\n - Fix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the local cache instead of downloading. However, if the local file timestamp accidentally changed to a date newer than the one on the repository server, RMT would have an outdated file, which caused some errors. Now, RMT makes HEAD requests to the repositories servers and inspect the 'Last-Modified' header to decide whether to download a file or copy it from cache, by comparing the equalness of timestamps.\n\n - Fixed an issue where relative paths supplied to `rmt-cli import repos` caused the command to fail.\n\n - Friendlier IDs for custom repositories: In an effort to simplify the handling of SCC and custom repositories, RMT now has friendly IDs. For SCC repositories, it's the same SCC ID as before. For custom repositories, it can either be user provided or RMT generated (MD5 of the provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom repositories.\n\n - Custom repository IDs can be the same across RMT instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than before. RMT still supports that old ID, but it's recommended to start using the new ID to ensure future compatibility.\n\n - Updated rails and puma dependencies for security fixes.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-23T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rmt-server (openSUSE-2020-1993)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-12-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:rmt-server", "p-cpe:/a:novell:opensuse:rmt-server-config", "p-cpe:/a:novell:opensuse:rmt-server-debuginfo", "p-cpe:/a:novell:opensuse:rmt-server-debugsource", "p-cpe:/a:novell:opensuse:rmt-server-pubcloud", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-1993.NASL", "href": "https://www.tenable.com/plugins/nessus/143190", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1993.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143190);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/17\");\n\n script_cve_id(\"CVE-2019-16770\", \"CVE-2019-5418\", \"CVE-2019-5419\", \"CVE-2019-5420\", \"CVE-2020-11076\", \"CVE-2020-11077\", \"CVE-2020-15169\", \"CVE-2020-5247\", \"CVE-2020-5249\", \"CVE-2020-5267\", \"CVE-2020-8164\", \"CVE-2020-8165\", \"CVE-2020-8166\", \"CVE-2020-8167\", \"CVE-2020-8184\", \"CVE-2020-8185\");\n\n script_name(english:\"openSUSE Security Update : rmt-server (openSUSE-2020-1993)\");\n script_summary(english:\"Check for the openSUSE-2020-1993 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rmt-server fixes the following issues :\n\nUpdate to version 2.6.5 :\n\n - Solved potential bug of SCC repository URLs changing\n over time. RMT now self heals by removing the previous\n invalid repository and creating the correct one.\n\n - Add web server settings to /etc/rmt.conf: Now it's\n possible to configure the minimum and maximum threads\n count as well the number of web server workers to be\n booted through /etc/rmt.conf.\n\n - Instead of using an MD5 of URLs for custom repository\n friendly_ids, RMT now builds an ID from the name.\n\n - Fix RMT file caching based on timestamps: Previously,\n RMT sent GET requests with the header\n 'If-Modified-Since' to a repository server and if the\n response had a 304 (Not Modified), it would copy a file\n from the local cache instead of downloading. However, if\n the local file timestamp accidentally changed to a date\n newer than the one on the repository server, RMT would\n have an outdated file, which caused some errors. Now,\n RMT makes HEAD requests to the repositories servers and\n inspect the 'Last-Modified' header to decide whether to\n download a file or copy it from cache, by comparing the\n equalness of timestamps.\n\n - Fixed an issue where relative paths supplied to `rmt-cli\n import repos` caused the command to fail.\n\n - Friendlier IDs for custom repositories: In an effort to\n simplify the handling of SCC and custom repositories,\n RMT now has friendly IDs. For SCC repositories, it's the\n same SCC ID as before. For custom repositories, it can\n either be user provided or RMT generated (MD5 of the\n provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom\n repositories.\n\n - Custom repository IDs can be the same across RMT\n instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than\n before. RMT still supports that old ID, but it's\n recommended to start using the new ID to ensure future\n compatibility.\n\n - Updated rails and puma dependencies for security fixes.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1168554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1172186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173351\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected rmt-server packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Rails File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rmt-server-pubcloud\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rmt-server-2.6.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rmt-server-config-2.6.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rmt-server-debuginfo-2.6.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rmt-server-debugsource-2.6.5-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rmt-server-pubcloud-2.6.5-lp152.2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rmt-server / rmt-server-config / rmt-server-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:46:32", "description": "This update for rmt-server fixes the following issues :\n\nVersion 2.6.5\n\nSolved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one.\n\nVersion 2.6.4\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf.\n\nVersion 2.6.3\n\nInstead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name.\n\nVersion 2.6.2\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the local cache instead of downloading. However, if the local file timestamp accidentally changed to a date newer than the one on the repository server, RMT would have an outdated file, which caused some errors. Now, RMT makes HEAD requests to the repositories servers and inspect the 'Last-Modified' header to decide whether to download a file or copy it from cache, by comparing the equalness of timestamps.\n\nVersion 2.6.1\n\nFixed an issue where relative paths supplied to `rmt-cli import repos` caused the command to fail.\n\nVersion 2.6.0\n\nFriendlier IDs for custom repositories: In an effort to simplify the handling of SCC and custom repositories, RMT now has friendly IDs. For SCC repositories, it's the same SCC ID as before. For custom repositories, it can either be user provided or RMT generated (MD5 of the provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom repositories.\n\n - Custom repository IDs can be the same across RMT instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than before. RMT still supports that old ID, but it's recommended to start using the new ID to ensure future compatibility.\n\nVersion 2.5.20\n\nUpdated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\nVersion 2.5.19\n\nRMT now has the ability to remove local systems with the command `rmt-cli systems remove`.\n\nVersion 2.5.18\n\nFixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1 whenever an error occurrs during mirroring\n\nImproved message logging for `rtm-cli mirror`. Instead of logging an error when it occurs, the command summarize all errors at the end of execution. Now log messages have colors to better identify failure/success.\n\nVersion 2.5.17\n\nRMT no longer provides the installer updates repository to systems via its zypper service. This repository is used during the installation process, as it provides an up-to-date installation experience, but it has no use on an already installed system.\n\nVersion 2.5.16\n\nUpdated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\nVersion 2.5.15\n\nRMT now checks if repositories are fully mirrored during the activation process. Previously, RMT only checked if the repositories were enabled to be mirrored, but not that they were actually mirrored.\nIn this case, RMTs were not able to provide the repository data which systems assumed it had.\n\nVersion 2.5.14\n\nEnable 'Installer-Updates' repositories by default\n\nFixed deprecation warning when thor encountered an error. Also, instead of returning 0 for thor errors, rmt-cli will return 1 instead.\n\nVersion 2.5.13\n\nAdded `rmt-cli repos clean` command to remove locally mirrored files of repositories which are not marked to be mirrored.\n\nPreviously, RMT didn't track deduplicated files in its database. Now, to accommodate `rmt-cli repos clean`, RMT will track all mirrored files.\n\nMove the nginx reload to the configuration package which contain nginx config files, don't reload nginx unconditionally from main package.\n\nVersion 2.5.12\n\nUpdate rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n\nUpdate Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\nVersion 2.5.11\n\nrmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available subscriptions\n\n - Added a manual instance verification script\n\nVersion 2.5.10\n\nSupport rmt-server to run with Ruby 2.7 (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of warnings with Ruby 2.7, mainly due to 'capturing the given block with Proc.new', which is deprecated;\n\n - Improve RPM spec to consider only the distribution default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\nMove nginx/vhosts.d directory to correct sub-package. They are needed together with nginx, not rmt-server.\n\nFix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on another host\n\nFix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\nVersion 2.5.9\n\nrmt-server-pubcloud: enforce strict authentication\n\nVersion 2.5.8\n\nUse repomd_parser gem to remove repository metadata parsing code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3147-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-12-17T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rmt-server", "p-cpe:/a:novell:suse_linux:rmt-server-config", "p-cpe:/a:novell:suse_linux:rmt-server-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3147-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143622", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3147-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143622);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/17\");\n\n script_cve_id(\"CVE-2019-16770\", \"CVE-2019-5418\", \"CVE-2019-5419\", \"CVE-2019-5420\", \"CVE-2020-11076\", \"CVE-2020-11077\", \"CVE-2020-15169\", \"CVE-2020-5247\", \"CVE-2020-5249\", \"CVE-2020-5267\", \"CVE-2020-8164\", \"CVE-2020-8165\", \"CVE-2020-8166\", \"CVE-2020-8167\", \"CVE-2020-8184\", \"CVE-2020-8185\");\n\n script_name(english:\"SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3147-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rmt-server fixes the following issues :\n\nVersion 2.6.5\n\nSolved potential bug of SCC repository URLs changing over time. RMT\nnow self heals by removing the previous invalid repository and\ncreating the correct one.\n\nVersion 2.6.4\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to\nconfigure the minimum and maximum threads count as well the number of\nweb server workers to be booted through /etc/rmt.conf.\n\nVersion 2.6.3\n\nInstead of using an MD5 of URLs for custom repository friendly_ids,\nRMT now builds an ID from the name.\n\nVersion 2.6.2\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET\nrequests with the header 'If-Modified-Since' to a repository server\nand if the response had a 304 (Not Modified), it would copy a file\nfrom the local cache instead of downloading. However, if the local\nfile timestamp accidentally changed to a date newer than the one on\nthe repository server, RMT would have an outdated file, which caused\nsome errors. Now, RMT makes HEAD requests to the repositories servers\nand inspect the 'Last-Modified' header to decide whether to download a\nfile or copy it from cache, by comparing the equalness of timestamps.\n\nVersion 2.6.1\n\nFixed an issue where relative paths supplied to `rmt-cli import repos`\ncaused the command to fail.\n\nVersion 2.6.0\n\nFriendlier IDs for custom repositories: In an effort to simplify the\nhandling of SCC and custom repositories, RMT now has friendly IDs. For\nSCC repositories, it's the same SCC ID as before. For custom\nrepositories, it can either be user provided or RMT generated (MD5 of\nthe provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom\n repositories.\n\n - Custom repository IDs can be the same across RMT\n instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than\n before. RMT still supports that old ID, but it's\n recommended to start using the new ID to ensure future\n compatibility.\n\nVersion 2.5.20\n\nUpdated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\nVersion 2.5.19\n\nRMT now has the ability to remove local systems with the command\n`rmt-cli systems remove`.\n\nVersion 2.5.18\n\nFixed exit code for `rmt-cli mirror` and its subcommands. Now it exits\nwith 1 whenever an error occurrs during mirroring\n\nImproved message logging for `rtm-cli mirror`. Instead of logging an\nerror when it occurs, the command summarize all errors at the end of\nexecution. Now log messages have colors to better identify\nfailure/success.\n\nVersion 2.5.17\n\nRMT no longer provides the installer updates repository to systems via\nits zypper service. This repository is used during the installation\nprocess, as it provides an up-to-date installation experience, but it\nhas no use on an already installed system.\n\nVersion 2.5.16\n\nUpdated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249,\n CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418,\n CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\nVersion 2.5.15\n\nRMT now checks if repositories are fully mirrored during the\nactivation process. Previously, RMT only checked if the repositories\nwere enabled to be mirrored, but not that they were actually mirrored.\nIn this case, RMTs were not able to provide the repository data which\nsystems assumed it had.\n\nVersion 2.5.14\n\nEnable 'Installer-Updates' repositories by default\n\nFixed deprecation warning when thor encountered an error. Also,\ninstead of returning 0 for thor errors, rmt-cli will return 1 instead.\n\nVersion 2.5.13\n\nAdded `rmt-cli repos clean` command to remove locally mirrored files\nof repositories which are not marked to be mirrored.\n\nPreviously, RMT didn't track deduplicated files in its database. Now,\nto accommodate `rmt-cli repos clean`, RMT will track all mirrored\nfiles.\n\nMove the nginx reload to the configuration package which contain nginx\nconfig files, don't reload nginx unconditionally from main package.\n\nVersion 2.5.12\n\nUpdate rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n\nUpdate Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\nVersion 2.5.11\n\nrmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available\n subscriptions\n\n - Added a manual instance verification script\n\nVersion 2.5.10\n\nSupport rmt-server to run with Ruby 2.7 (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix\n incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order\n to also bump gem 'ethon' version, which caused a\n 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source\n code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1\n generates a lot of warnings with Ruby 2.7, mainly due to\n 'capturing the given block with Proc.new', which is\n deprecated;\n\n - Improve RPM spec to consider only the distribution\n default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding\n 'bundler.\n\nMove nginx/vhosts.d directory to correct sub-package. They are needed\ntogether with nginx, not rmt-server.\n\nFix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on\n another host\n\nFix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\nVersion 2.5.9\n\nrmt-server-pubcloud: enforce strict authentication\n\nVersion 2.5.8\n\nUse repomd_parser gem to remove repository metadata parsing code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5419/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5420/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11076/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11077/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15169/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5247/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5249/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8167/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8184/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8185/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203147-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f3122c55\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3147=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-3147=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3147=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-3147=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Rails File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"s390x\") audit(AUDIT_ARCH_NOT, \"s390x\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rmt-server-2.6.5-3.34.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rmt-server-config-2.6.5-3.34.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"rmt-server-debuginfo-2.6.5-3.34.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rmt-server\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T00:49:37", "description": "This update for rmt-server fixes the following issues :\n\nVersion 2.6.5\n\nSolved potential bug of SCC repository URLs changing over time. RMT now self heals by removing the previous invalid repository and creating the correct one.\n\nVersion 2.6.4\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to configure the minimum and maximum threads count as well the number of web server workers to be booted through /etc/rmt.conf.\n\nVersion 2.6.3\n\nInstead of using an MD5 of URLs for custom repository friendly_ids, RMT now builds an ID from the name.\n\nVersion 2.6.2\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET requests with the header 'If-Modified-Since' to a repository server and if the response had a 304 (Not Modified), it would copy a file from the local cache instead of downloading. However, if the local file timestamp accidentally changed to a date newer than the one on the repository server, RMT would have an outdated file, which caused some errors. Now, RMT makes HEAD requests to the repositories servers and inspect the 'Last-Modified' header to decide whether to download a file or copy it from cache, by comparing the equalness of timestamps.\n\nVersion 2.6.1\n\nFixed an issue where relative paths supplied to `rmt-cli import repos` caused the command to fail.\n\nVersion 2.6.0\n\nFriendlier IDs for custom repositories: In an effort to simplify the handling of SCC and custom repositories, RMT now has friendly IDs. For SCC repositories, it's the same SCC ID as before. For custom repositories, it can either be user provided or RMT generated (MD5 of the provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom repositories.\n\n - Custom repository IDs can be the same across RMT instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than before. RMT still supports that old ID, but it's recommended to start using the new ID to ensure future compatibility.\n\nVersion 2.5.20\n\nUpdated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\nVersion 2.5.19\n\nRMT now has the ability to remove local systems with the command `rmt-cli systems remove`.\n\nVersion 2.5.18\n\nFixed exit code for `rmt-cli mirror` and its subcommands. Now it exits with 1 whenever an error occurs during mirroring\n\nImproved message logging for `rtm-cli mirror`. Instead of logging an error when it occurs, the command summarize all errors at the end of execution. Now log messages have colors to better identify failure/success.\n\nVersion 2.5.17\n\nRMT no longer provides the installer updates repository to systems via its zypper service. This repository is used during the installation process, as it provides an up-to-date installation experience, but it has no use on an already installed system.\n\nVersion 2.5.16\n\nUpdated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\nVersion 2.5.15\n\nRMT now checks if repositories are fully mirrored during the activation process. Previously, RMT only checked if the repositories were enabled to be mirrored, but not that they were actually mirrored.\nIn this case, RMTs were not able to provide the repository data which systems assumed it had.\n\nVersion 2.5.14\n\nEnable 'Installer-Updates' repositories by default\n\nFixed deprecation warning when thor encountered an error. Also, instead of returning 0 for thor errors, rmt-cli will return 1 instead.\n\nVersion 2.5.13\n\nAdded `rmt-cli repos clean` command to remove locally mirrored files of repositories which are not marked to be mirrored.\n\nPreviously, RMT didn't track deduplicated files in its database. Now, to accommodate `rmt-cli repos clean`, RMT will track all mirrored files.\n\nMove the nginx reload to the configuration package which contain nginx config files, don't reload nginx unconditionally from main package.\n\nVersion 2.5.12\n\nUpdate rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n\nUpdate Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\nVersion 2.5.11\n\nrmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available subscriptions\n\n - Added a manual instance verification script\n\nVersion 2.5.10\n\nSupport rmt-server to run with Ruby 2.7 (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump gem 'ethon' version, which caused a 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1 generates a lot of warnings with Ruby 2.7, mainly due to 'capturing the given block with Proc.new', which is deprecated;\n\n - Improve RPM spec to consider only the distribution default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\nMove nginx/vhosts.d directory to correct sub-package. They are needed together with nginx, not rmt-server.\n\nFix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on another host\n\nFix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\nVersion 2.5.9\n\nrmt-server-pubcloud: enforce strict authentication\n\nVersion 2.5.8\n\nUse repomd_parser gem to remove repository metadata parsing code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3160-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-12-17T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:rmt-server", "p-cpe:/a:novell:suse_linux:rmt-server-config", "p-cpe:/a:novell:suse_linux:rmt-server-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3160-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143623", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3160-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143623);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/17\");\n\n script_cve_id(\"CVE-2019-16770\", \"CVE-2019-5418\", \"CVE-2019-5419\", \"CVE-2019-5420\", \"CVE-2020-11076\", \"CVE-2020-11077\", \"CVE-2020-15169\", \"CVE-2020-5247\", \"CVE-2020-5249\", \"CVE-2020-5267\", \"CVE-2020-8164\", \"CVE-2020-8165\", \"CVE-2020-8166\", \"CVE-2020-8167\", \"CVE-2020-8184\", \"CVE-2020-8185\");\n\n script_name(english:\"SUSE SLES15 Security Update : rmt-server (SUSE-SU-2020:3160-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rmt-server fixes the following issues :\n\nVersion 2.6.5\n\nSolved potential bug of SCC repository URLs changing over time. RMT\nnow self heals by removing the previous invalid repository and\ncreating the correct one.\n\nVersion 2.6.4\n\nAdd web server settings to /etc/rmt.conf: Now it's possible to\nconfigure the minimum and maximum threads count as well the number of\nweb server workers to be booted through /etc/rmt.conf.\n\nVersion 2.6.3\n\nInstead of using an MD5 of URLs for custom repository friendly_ids,\nRMT now builds an ID from the name.\n\nVersion 2.6.2\n\nFix RMT file caching based on timestamps: Previously, RMT sent GET\nrequests with the header 'If-Modified-Since' to a repository server\nand if the response had a 304 (Not Modified), it would copy a file\nfrom the local cache instead of downloading. However, if the local\nfile timestamp accidentally changed to a date newer than the one on\nthe repository server, RMT would have an outdated file, which caused\nsome errors. Now, RMT makes HEAD requests to the repositories servers\nand inspect the 'Last-Modified' header to decide whether to download a\nfile or copy it from cache, by comparing the equalness of timestamps.\n\nVersion 2.6.1\n\nFixed an issue where relative paths supplied to `rmt-cli import repos`\ncaused the command to fail.\n\nVersion 2.6.0\n\nFriendlier IDs for custom repositories: In an effort to simplify the\nhandling of SCC and custom repositories, RMT now has friendly IDs. For\nSCC repositories, it's the same SCC ID as before. For custom\nrepositories, it can either be user provided or RMT generated (MD5 of\nthe provided URL). Benefits :\n\n - `rmt-cli mirror repositories` now works for custom\n repositories.\n\n - Custom repository IDs can be the same across RMT\n instances.\n\n - No more confusing 'SCC ID' vs 'ID' in `rmt-cli` output.\n Deprecation Warnings :\n\n - RMT now uses a different ID for custom repositories than\n before. RMT still supports that old ID, but it's\n recommended to start using the new ID to ensure future\n compatibility.\n\nVersion 2.5.20\n\nUpdated rails from 6.0.3.2 to 6.0.3.3 :\n\n - actionview (CVE-2020-15169)\n\nVersion 2.5.19\n\nRMT now has the ability to remove local systems with the command\n`rmt-cli systems remove`.\n\nVersion 2.5.18\n\nFixed exit code for `rmt-cli mirror` and its subcommands. Now it exits\nwith 1 whenever an error occurs during mirroring\n\nImproved message logging for `rtm-cli mirror`. Instead of logging an\nerror when it occurs, the command summarize all errors at the end of\nexecution. Now log messages have colors to better identify\nfailure/success.\n\nVersion 2.5.17\n\nRMT no longer provides the installer updates repository to systems via\nits zypper service. This repository is used during the installation\nprocess, as it provides an up-to-date installation experience, but it\nhas no use on an already installed system.\n\nVersion 2.5.16\n\nUpdated RMT's rails and puma dependencies.\n\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249,\n CVE-2020-5247 CVE-2019-16770)\n\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418,\n CVE-2019-5419)\n\n - activesupport (CVE-2020-8165)\n\n - railties (CVE-2019-5420)\n\nVersion 2.5.15\n\nRMT now checks if repositories are fully mirrored during the\nactivation process. Previously, RMT only checked if the repositories\nwere enabled to be mirrored, but not that they were actually mirrored.\nIn this case, RMTs were not able to provide the repository data which\nsystems assumed it had.\n\nVersion 2.5.14\n\nEnable 'Installer-Updates' repositories by default\n\nFixed deprecation warning when thor encountered an error. Also,\ninstead of returning 0 for thor errors, rmt-cli will return 1 instead.\n\nVersion 2.5.13\n\nAdded `rmt-cli repos clean` command to remove locally mirrored files\nof repositories which are not marked to be mirrored.\n\nPreviously, RMT didn't track deduplicated files in its database. Now,\nto accommodate `rmt-cli repos clean`, RMT will track all mirrored\nfiles.\n\nMove the nginx reload to the configuration package which contain nginx\nconfig files, don't reload nginx unconditionally from main package.\n\nVersion 2.5.12\n\nUpdate rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n\nUpdate Rails to version 5.2.4.3 :\n\n - actionpack (CVE-2020-8164: bsc#1172177)\n\n - actionpack (CVE-2020-8166: bsc#1172182)\n\n - activesupport (CVE-2020-8165: bsc#1172186)\n\n - actionview (CVE-2020-8167: bsc#1172184)\n\nVersion 2.5.11\n\nrmt-server-pubcloud :\n\n - SLES11 EOL\n\n - Extension activation verification based on the available\n subscriptions\n\n - Added a manual instance verification script\n\nVersion 2.5.10\n\nSupport rmt-server to run with Ruby 2.7 (Factory/Tumbleweed) :\n\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix\n incompatibility Ruby 2.7 OpenStruct class;\n\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order\n to also bump gem 'ethon' version, which caused a\n 'rb_safe_level' warning on Ruby 2.7;\n\n - Fix 'last arg as keyword arg' Ruby 2.7 warning on source\n code;\n\n - Disable 'deprecated' warnings from Ruby 2.7; Rails 5.1\n generates a lot of warnings with Ruby 2.7, mainly due to\n 'capturing the given block with Proc.new', which is\n deprecated;\n\n - Improve RPM spec to consider only the distribution\n default Ruby version configured in OBS;\n\n - Improve RPM spec to remove Ruby 2.7 warnings regarding\n 'bundler.\n\nMove nginx/vhosts.d directory to correct sub-package. They are needed\ntogether with nginx, not rmt-server.\n\nFix dependencies especially for containerized usage :\n\n - mariadb and nginx are not hard requires, could run on\n another host\n\nFix generic dependencies :\n\n - systemd ordering was missing\n\n - shadow is required for pre-install\n\nVersion 2.5.9\n\nrmt-server-pubcloud: enforce strict authentication\n\nVersion 2.5.8\n\nUse repomd_parser gem to remove repository metadata parsing code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172177\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1172186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-16770/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5418/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5419/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-5420/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11076/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-11077/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-15169/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5247/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5249/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-5267/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8164/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8165/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8167/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8184/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8185/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203160-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5e6b911\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Server Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Server-Applications-15-SP1-2020-3160=1\n\nSUSE Linux Enterprise Module for Public Cloud 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2020-3160=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"Rails File Disclosure\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Ruby On Rails DoubleTap Development Mode secret_key_base Vulnerability');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-config\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rmt-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rmt-server-2.6.5-3.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rmt-server-config-2.6.5-3.18.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rmt-server-debuginfo-2.6.5-3.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rmt-server\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-15T14:50:38", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1313 advisory.\n\n - rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection responses (CVE-2015-1820)\n\n - rubygem-rest-client: unsanitized application logging (CVE-2015-3448)\n\n - foreman: Managing repositories with their id via hammer does not respect the role filters (CVE-2017-2662)\n\n - rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119)\n\n - rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)\n\n - python-psutil: double free because of refcount mishandling (CVE-2019-18874)\n\n - netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n - foreman: world-readable OMAPI secret through the ISC DHCP server (CVE-2020-14335)\n\n - rubygem-activeview: Cross-site scripting in translation helpers (CVE-2020-15169)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)\n\n - rubygem-activestorage: circumvention of file size limits in ActiveStorage (CVE-2020-8162)\n\n - rubygem-actionpack: possible strong parameters bypass (CVE-2020-8164)\n\n - rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and RedisCacheStore (CVE-2020-8165)\n\n - rubygem-actionpack: ability to forge per-form CSRF tokens given a global CSRF token (CVE-2020-8166)\n\n - rubygem-actionview: CSRF vulnerability in rails-ujs (CVE-2020-8167)\n\n - rubygem-rails: untrusted users able to run pending migrations in production (CVE-2020-8185)\n\n - django: potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle (CVE-2020-9402)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-04-21T00:00:00", "type": "nessus", "title": "RHEL 7 : Satellite 6.9 Release (Moderate) (RHSA-2021:1313)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1820", "CVE-2015-3448", "CVE-2017-2662", "CVE-2018-1000119", "CVE-2019-16782", "CVE-2019-18874", "CVE-2020-11612", "CVE-2020-14335", "CVE-2020-15169", "CVE-2020-25633", "CVE-2020-8162", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8185", "CVE-2020-9402"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:ansible-collection-redhat-satellite", "p-cpe:/a:redhat:enterprise_linux:ansible-runner", "p-cpe:/a:redhat:enterprise_linux:ansiblerole-foreman_scap_client", "p-cpe:/a:redhat:enterprise_linux:ansiblerole-insights-client", "p-cpe:/a:redhat:enterprise_linux:ansiblerole-satellite-receptor-installer", "p-cpe:/a:redhat:enterprise_linux:candlepin", "p-cpe:/a:redhat:enterprise_linux:candlepin-selinux", "p-cpe:/a:redhat:enterprise_linux:crane-selinux", "p-cpe:/a:redhat:enterprise_linux:createrepo_c", "p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs", "p-cpe:/a:redhat:enterprise_linux:foreman", "p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat", "p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot", "p-cpe:/a:redhat:enterprise_linux:foreman-cli", "p-cpe:/a:redhat:enterprise_linux:foreman-debug", "p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image", "p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image-service", "p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image-service-tui", "p-cpe:/a:redhat:enterprise_linux:foreman-dynflow-sidekiq", "p-cpe:/a:redhat:enterprise_linux:foreman-ec2", "p-cpe:/a:redhat:enterprise_linux:foreman-gce", "p-cpe:/a:redhat:enterprise_linux:foreman-installer", "p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello", "p-cpe:/a:redhat:enterprise_linux:foreman-journald", "p-cpe:/a:redhat:enterprise_linux:foreman-libvirt", "p-cpe:/a:redhat:enterprise_linux:foreman-openstack", "p-cpe:/a:redhat:enterprise_linux:foreman-ovirt", "p-cpe:/a:redhat:enterprise_linux:foreman-postgresql", "p-cpe:/a:redhat:enterprise_linux:foreman-proxy", "p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content", "p-cpe:/a:redhat:enterprise_linux:foreman-proxy-journald", "p-cpe:/a:redhat:enterprise_linux:foreman-proxy-selinux", "p-cpe:/a:redhat:enterprise_linux:foreman-selinux", "p-cpe:/a:redhat:enterprise_linux:foreman-service", "p-cpe:/a:redhat:enterprise_linux:foreman-telemetry", "p-cpe:/a:redhat:enterprise_linux:foreman-vmware", "p-cpe:/a:redhat:enterprise_linux:hfsplus-tools", "p-cpe:/a:redhat:enterprise_linux:katello", "p-cpe:/a:redhat:enterprise_linux:katello-certs-tools", "p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap", "p-cpe:/a:redhat:enterprise_linux:katello-common", "p-cpe:/a:redhat:enterprise_linux:katello-debug", "p-cpe:/a:redhat:enterprise_linux:katello-selinux", "p-cpe:/a:redhat:enterprise_linux:keycloak-httpd-client-install", "p-cpe:/a:redhat:enterprise_linux:kobo", "p-cpe:/a:redhat:enterprise_linux:libcomps", "p-cpe:/a:redhat:enterprise_linux:libmodulemd", "p-cpe:/a:redhat:enterprise_linux:libmodulemd2", "p-cpe:/a:redhat:enterprise_linux:libsolv", "p-cpe:/a:redhat:enterprise_linux:libwebsockets", "p-cpe:/a:redhat:enterprise_linux:livecd-tools", "p-cpe:/a:redhat:enterprise_linux:mod_passenger", "p-cpe:/a:redhat:enterprise_linux:mod_xsendfile", "p-cpe:/a:redhat:enterprise_linux:ostree", "p-cpe:/a:redhat:enterprise_linux:pcp-mmvstatsd", "p-cpe:/a:redhat:enterprise_linux:pulp-admin-client", "p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions", "p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins", "p-cpe:/a:redhat:enterprise_linux:pulp-katello", "p-cpe:/a:redhat:enterprise_linux:pulp-maintenance", "p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child", "p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common", "p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent", "p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions", "p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins", "p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions", "p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins", "p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools", "p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions", "p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins", "p-cpe:/a:redhat:enterprise_linux:pulp-selinux", "p-cpe:/a:redhat:enterprise_linux:pulp-server", "p-cpe:/a:redhat:enterprise_linux:pulpcore-selinux", "p-cpe:/a:redhat:enterprise_linux:puppet-agent", "p-cpe:/a:redhat:enterprise_linux:puppet-agent-oauth", "p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client", "p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib", "p-cpe:/a:redhat:enterprise_linux:puppetserver", "p-cpe:/a:redhat:enterprise_linux:pycairo", "p-cpe:/a:redhat:enterprise_linux:python-blinker", "p-cpe:/a:redhat:enterprise_linux:python-bson", "p-cpe:/a:redhat:enterprise_linux:python-gnupg", "p-cpe:/a:redhat:enterprise_linux:python-gofer", "p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid", "p-cpe:/a:redhat:enterprise_linux:python-imgcreate", "p-cpe:/a:redhat:enterprise_linux:python-kid", "p-cpe:/a:redhat:enterprise_linux:python-mongoengine", "p-cpe:/a:redhat:enterprise_linux:python-nectar", "p-cpe:/a:redhat:enterprise_linux:python-oauth2", "p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib", "p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings", "p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib", "p-cpe:/a:redhat:enterprise_linux:python-pulp-common", "p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common", "p-cpe:/a:redhat:enterprise_linux:python-pulp-integrity", "p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation", "p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common", "p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common", "p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth", "p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common", "p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer", "p-cpe:/a:redhat:enterprise_linux:python-pymongo", "p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs", "p-cpe:/a:redhat:enterprise_linux:python-qpid", "p-cpe:/a:redhat:enterprise_linux:python-qpid-proton", "p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf", "p-cpe:/a:redhat:enterprise_linux:python-saslwrapper", "p-cpe:/a:redhat:enterprise_linux:python-semantic_version", "p-cpe:/a:redhat:enterprise_linux:python-simplejson", "p-cpe:/a:redhat:enterprise_linux:python-zope-interface", "p-cpe:/a:redhat:enterprise_linux:python2-amqp", "p-cpe:/a:redhat:enterprise_linux:python2-ansible-runner", "p-cpe:/a:redhat:enterprise_linux:python2-anyjson", "p-cpe:/a:redhat:enterprise_linux:python2-billiard", "p-cpe:/a:redhat:enterprise_linux:python2-celery", "p-cpe:/a:redhat:enterprise_linux:python2-click", "p-cpe:/a:redhat:enterprise_linux:python2-crane", "p-cpe:/a:redhat:enterprise_linux:python2-daemon", "p-cpe:/a:redhat:enterprise_linux:python2-django", "p-cpe:/a:redhat:enterprise_linux:python2-flask", "p-cpe:/a:redhat:enterprise_linux:python2-future", "p-cpe:/a:redhat:enterprise_linux:python2-gobject", "p-cpe:/a:redhat:enterprise_linux:python2-gobject-base", "p-cpe:/a:redhat:enterprise_linux:python2-isodate", "p-cpe:/a:redhat:enterprise_linux:python2-itsdangerous", "p-cpe:/a:redhat:enterprise_linux:python2-jinja2", "p-cpe:/a:redhat:enterprise_linux:python2-jmespath", "p-cpe:/a:redhat:enterprise_linux:python2-keycloak-httpd-client-install", "p-cpe:/a:redhat:enterprise_linux:python2-kombu", "p-cpe:/a:redhat:enterprise_linux:python2-lockfile", "p-cpe:/a:redhat:enterprise_linux:python2-markupsafe", "p-cpe:/a:redhat:enterprise_linux:python2-okaara", "p-cpe:/a:redhat:enterprise_linux:python2-pexpect", "p-cpe:/a:redhat:enterprise_linux:python2-psutil", "p-cpe:/a:redhat:enterprise_linux:python2-ptyprocess", "p-cpe:/a:redhat:enterprise_linux:python2-pycurl", "p-cpe:/a:redhat:enterprise_linux:python2-solv", "p-cpe:/a:redhat:enterprise_linux:python2-twisted", "p-cpe:/a:redhat:enterprise_linux:python2-vine", "p-cpe:/a:redhat:enterprise_linux:python2-werkzeug", "p-cpe:/a:redhat:enterprise_linux:python3-aiodns", "p-cpe:/a:redhat:enterprise_linux:python3-aiofiles", "p-cpe:/a:redhat:enterprise_linux:python3-aiohttp", "p-cpe:/a:redhat:enterprise_linux:python3-async-timeout", "p-cpe:/a:redhat:enterprise_linux:python3-attrs", "p-cpe:/a:redhat:enterprise_linux:python3-backoff", "p-cpe:/a:redhat:enterprise_linux:python3-cairo", "p-cpe:/a:redhat:enterprise_linux:python3-certifi", "p-cpe:/a:redhat:enterprise_linux:python3-cffi", "p-cpe:/a:redhat:enterprise_linux:python3-chardet", "p-cpe:/a:redhat:enterprise_linux:python3-click", "p-cpe:/a:redhat:enterprise_linux:python3-createrepo_c", "p-cpe:/a:redhat:enterprise_linux:python3-cryptography", "p-cpe:/a:redhat:enterprise_linux:python3-dateutil", "p-cpe:/a:redhat:enterprise_linux:python3-defusedxml", "p-cpe:/a:redhat:enterprise_linux:python3-diff-match-patch", "p-cpe:/a:redhat:enterprise_linux:python3-django", "p-cpe:/a:redhat:enterprise_linux:python3-django-currentuser", "p-cpe:/a:redhat:enterprise_linux:python3-django-filter", "p-cpe:/a:redhat:enterprise_linux:python3-django-guardian", "p-cpe:/a:redhat:enterprise_linux:python3-django-import-export", "p-cpe:/a:redhat:enterprise_linux:python3-django-lifecycle", "p-cpe:/a:redhat:enterprise_linux:python3-django-prometheus", "p-cpe:/a:redhat:enterprise_linux:python3-django-readonly-field", "p-cpe:/a:redhat:enterprise_linux:python3-djangorestframework", "p-cpe:/a:redhat:enterprise_linux:python3-djangorestframework-queryfields", "p-cpe:/a:redhat:enterprise_linux:python3-drf-access-policy", "p-cpe:/a:redhat:enterprise_linux:python3-drf-nested-routers", "p-cpe:/a:redhat:enterprise_linux:python3-drf-spectacular", "p-cpe:/a:redhat:enterprise_linux:python3-dynaconf", "p-cpe:/a:redhat:enterprise_linux:python3-ecdsa", "p-cpe:/a:redhat:enterprise_linux:python3-et-xmlfile", "p-cpe:/a:redhat:enterprise_linux:python3-future", "p-cpe:/a:redhat:enterprise_linux:python3-gnupg", "p-cpe:/a:redhat:enterprise_linux:python3-gobject", "p-cpe:/a:redhat:enterprise_linux:python3-gobject-base", "p-cpe:/a:redhat:enterprise_linux:python3-gunicorn", "p-cpe:/a:redhat:enterprise_linux:python3-idna", "p-cpe:/a:redhat:enterprise_linux:python3-idna-ssl", "p-cpe:/a:redhat:enterprise_linux:python3-importlib-metadata", "p-cpe:/a:redhat:enterprise_linux:python3-inflection", "p-cpe:/a:redhat:enterprise_linux:python3-iniparse", "p-cpe:/a:redhat:enterprise_linux:python3-jdcal", "p-cpe:/a:redhat:enterprise_linux:python3-jinja2", "p-cpe:/a:redhat:enterprise_linux:python3-jsonschema", "p-cpe:/a:redhat:enterprise_linux:python3-libcomps", "p-cpe:/a:redhat:enterprise_linux:python3-markuppy", "p-cpe:/a:redhat:enterprise_linux:python3-markupsafe", "p-cpe:/a:redhat:enterprise_linux:python3-mongoengine", "p-cpe:/a:redhat:enterprise_linux:python3-multidict", "p-cpe:/a:redhat:enterprise_linux:python3-odfpy", "p-cpe:/a:redhat:enterprise_linux:python3-openpyxl", "p-cpe:/a:redhat:enterprise_linux:python3-productmd", "p-cpe:/a:redhat:enterprise_linux:python3-prometheus-client", "p-cpe:/a:redhat:enterprise_linux:python3-psycopg2", "p-cpe:/a:redhat:enterprise_linux:python3-pulp-2to3-migration", "p-cpe:/a:redhat:enterprise_linux:python3-pulp-certguard", "p-cpe:/a:redhat:enterprise_linux:python3-pulp-container", "p-cpe:/a:redhat:enterprise_linux:python3-pulp-file", "p-cpe:/a:redhat:enterprise_linux:python3-pulp-rpm", "p-cpe:/a:redhat:enterprise_linux:python3-pulpcore", "p-cpe:/a:redhat:enterprise_linux:python3-pyOpenSSL", "p-cpe:/a:redhat:enterprise_linux:python3-pycares", "p-cpe:/a:redhat:enterprise_linux:python3-pycparser", "p-cpe:/a:redhat:enterprise_linux:python3-pycryptodomex", "p-cpe:/a:redhat:enterprise_linux:python3-pygtrie", "p-cpe:/a:redhat:enterprise_linux:python3-pyjwkest", "p-cpe:/a:redhat:enterprise_linux:python3-pyjwt", "p-cpe:/a:redhat:enterprise_linux:python3-pymongo", "p-cpe:/a:redhat:enterprise_linux:python3-pyrsistent", "p-cpe:/a:redhat:enterprise_linux:python3-pytz", "p-cpe:/a:redhat:enterprise_linux:python3-pyyaml", "p-cpe:/a:redhat:enterprise_linux:python3-receptor-satellite", "p-cpe:/a:redhat:enterprise_linux:python3-redis", "p-cpe:/a:redhat:enterprise_linux:python3-requests", "p-cpe:/a:redhat:enterprise_linux:python3-rpm", "p-cpe:/a:redhat:enterprise_linux:python3-rq", "p-cpe:/a:redhat:enterprise_linux:python3-semantic-version", "p-cpe:/a:redhat:enterprise_linux:python3-six", "p-cpe:/a:redhat:enterprise_linux:python3-solv", "p-cpe:/a:redhat:enterprise_linux:python3-sqlparse", "p-cpe:/a:redhat:enterprise_linux:python3-subscription-manager-rhsm", "p-cpe:/a:redhat:enterprise_linux:python3-tablib", "p-cpe:/a:redhat:enterprise_linux:python3-typing", "p-cpe:/a:redhat:enterprise_linux:python3-typing-extensions", "p-cpe:/a:redhat:enterprise_linux:python3-uritemplate", "p-cpe:/a:redhat:enterprise_linux:python3-url-normalize", "p-cpe:/a:redhat:enterprise_linux:python3-urllib3", "p-cpe:/a:redhat:enterprise_linux:python3-urlman", "p-cpe:/a:redhat:enterprise_linux:python3-whitenoise", "p-cpe:/a:redhat:enterprise_linux:python3-xlrd", "p-cpe:/a:redhat:enterprise_linux:python3-xlwt", "p-cpe:/a:redhat:enterprise_linux:python3-yarl", "p-cpe:/a:redhat:enterprise_linux:python3-zipp", "p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client", "p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel", "p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server", "p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore", "p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router", "p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools", "p-cpe:/a:redhat:enterprise_linux:qpid-proton-c", "p-cpe:/a:redhat:enterprise_linux:qpid-qmf", "p-cpe:/a:redhat:enterprise_linux:qpid-tools", "p-cpe:/a:redhat:enterprise_linux:receptor", "p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet", "p-cpe:/a:redhat:enterprise_linux:repoview", "p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-evr", "p-cpe:/a:redhat:enterprise_linux:rhel8-kickstart-setup", "p-cpe:/a:redhat:enterprise_linux:rubygem-facter", "p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext", "p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client", "p-cpe:/a:redhat:enterprise_linux:rubygem-highline", "p-cpe:/a:redhat:enterprise_linux:rubygem-oauth", "p-cpe:/a:redhat:enterprise_linux:rubygem-passenger", "p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native", "p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs", "p-cpe:/a:redhat:enterprise_linux:rubygem-rack", "p-cpe:/a:redhat:enterprise_linux:rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:saslwrapper", "p-cpe:/a:redhat:enterprise_linux:satellite", "p-cpe:/a:redhat:enterprise_linux:satellite-capsule", "p-cpe:/a:redhat:enterprise_linux:satellite-cli", "p-cpe:/a:redhat:enterprise_linux:satellite-common", "p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools", "p-cpe:/a:redhat:enterprise_linux:satellite-installer", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actioncable", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionmailbox", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionmailer", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionpack", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actiontext", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionview", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activejob", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activemodel", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-import", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-session_store", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activestorage", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activesupport", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-addressable", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-algebrick", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-amazing_print", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ancestry", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-anemone", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-angular-rails-templates", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ansi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-bindings", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-dsl", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-params", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-audited", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_compute", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_network", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_resources", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_storage", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_subscriptions", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bcrypt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-builder", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bundler_ext", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-clamp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-script", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-script-source", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby-edge", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-connection_pool", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-crass", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-css_parser", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-daemons", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deacon", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative-option", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deep_cloneable", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deface", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-diffy", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-domain_name", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-dynflow", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-erubi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-excon", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-execjs", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-facter", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday-cookie_jar", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday_middleware", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fast_gettext", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-aws", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-core", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-google", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-json", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-kubevirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-libvirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-openstack", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-ovirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-vsphere", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xml", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible_core", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_azure_rm", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_kubevirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_leapp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution-cockpit", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_rh_cloud", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-formatador", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-friendly_id", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fx", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-get_process_mem", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext_i18n_rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-git", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gitlab-sidekiq-fetcher", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-globalid", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-api-client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-cloud-env", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-googleauth", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql-batch", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gssapi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_ansible", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_azure_rm", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_kubevirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_leapp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_templates", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hashie", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-highline", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-cookie", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-form_data", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http_parser.rb", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-httpclient", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-i18n", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-infoblox", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ipaddress", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jgrep", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-logger", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jwt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo_parsers", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo_wizards", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kubeclient", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ldap_fluff", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-little-plugger", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-locale", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging-journald", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-loofah", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mail", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-marcel", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-memoist", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-method_source", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mime-types", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mime-types-data", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mimemagic", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mini_mime", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mini_portile2", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ms_rest", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ms_rest_azure", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multi_json", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multipart-post", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mustermann", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ldap", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ping", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-scp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh-krb", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-netrc", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-newt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-nio4r", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-nokogiri", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-oauth", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-openscap", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-optimist", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-os", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-parse-cron", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native-libs", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-polyglot", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-powerbar", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-prometheus-client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-promise.rb", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-public_suffix", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_2to3_migration_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_ansible_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_certguard_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_container_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_deb_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_file_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_rpm_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulpcore_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-puma", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-puma-plugin-systemd", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-quantile", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rabl", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-cors", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-jsonp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-protection", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-test", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-dom-testing", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-html-sanitizer", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-i18n", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-railties", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rainbow", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rb-inotify", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbovirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbvmomi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-record_tag_helper", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-recursive-open-struct", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redfish_client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access_lib", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redis", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-representable", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-responders", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rest-client", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-retriable", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rkerberos", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-robotex", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rsec", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby2ruby", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby_parser", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rubyipmi", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-runcible", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-safemode", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-scoped_search", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sd_notify", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-secure_headers", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sequel", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-server_sent_events", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sexp_processor", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sidekiq", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-signet", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sinatra", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_ansible", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dhcp_infoblox", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dhcp_remote_isc", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_discovery", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_discovery_image", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dns_infoblox", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_openscap", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_pulp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_remote_execution_ssh", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sprockets", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sprockets-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sqlite3", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sshkey", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-statsd-instrument", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-stomp", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-text", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-thor", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-thread_safe", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-tilt", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-timeliness", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-tzinfo", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-uber", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-display_width", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-validates_lengths_from_database", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-webpack-rails", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-websocket-driver", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-websocket-extensions", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-will_paginate", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-xmlrpc", "p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-zeitwerk", "p-cpe:/a:redhat:enterprise_linux:tfm-runtime"], "id": "REDHAT-RHSA-2021-1313.NASL", "href": "https://www.tenable.com/plugins/nessus/148903", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:1313. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148903);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\n \"CVE-2017-2662\",\n \"CVE-2019-18874\",\n \"CVE-2020-9402\",\n \"CVE-2020-11612\",\n \"CVE-2020-14335\",\n \"CVE-2020-25633\"\n );\n script_xref(name:\"RHSA\", value:\"2021:1313\");\n\n script_name(english:\"RHEL 7 : Satellite 6.9 Release (Moderate) (RHSA-2021:1313)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:1313 advisory.\n\n - rubygem-rest-client: session fixation vulnerability Set-Cookie headers present in an HTTP 30x redirection\n responses (CVE-2015-1820)\n\n - rubygem-rest-client: unsanitized application logging (CVE-2015-3448)\n\n - foreman: Managing repositories with their id via hammer does not respect the role filters (CVE-2017-2662)\n\n - rack-protection: Timing attack in authenticity_token.rb (CVE-2018-1000119)\n\n - rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)\n\n - python-psutil: double free because of refcount mishandling (CVE-2019-18874)\n\n - netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n\n - foreman: world-readable OMAPI secret through the ISC DHCP server (CVE-2020-14335)\n\n - rubygem-activeview: Cross-site scripting in translation helpers (CVE-2020-15169)\n\n - resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's\n WebApplicationException handling (CVE-2020-25633)\n\n - rubygem-activestorage: circumvention of file size limits in ActiveStorage (CVE-2020-8162)\n\n - rubygem-actionpack: possible strong parameters bypass (CVE-2020-8164)\n\n - rubygem-activesupport: potentially unintended unmarshalling of user-provided objects in MemCacheStore and\n RedisCacheStore (CVE-2020-8165)\n\n - rubygem-actionpack: ability to forge per-form CSRF tokens given a global CSRF token (CVE-2020-8166)\n\n - rubygem-actionview: CSRF vulnerability in rails-ujs (CVE-2020-8167)\n\n - rubygem-rails: untrusted users able to run pending migrations in production (CVE-2020-8185)\n\n - django: potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle\n (CVE-2020-9402)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/79.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/89.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/119.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/200.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/201.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/209.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/250.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/352.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/385.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/532.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/862.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-1820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2015-3448\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2017-2662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-1000119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-16782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-18874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8162\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8164\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8165\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8185\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14335\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-25633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:1313\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1205291\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1240982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1434106\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1534027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1772014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1789100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1810088\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1842634\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1843005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1843072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1843084\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1843152\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1852380\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1858302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1877566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879042\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-9402\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 79, 89, 119, 200, 201, 209, 250, 352, 385, 400, 416, 532, 862);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-collection-redhat-satellite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansible-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansiblerole-foreman_scap_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansiblerole-insights-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ansiblerole-satellite-receptor-installer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:candlepin-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crane-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:createrepo_c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-bootloaders-redhat-tftpboot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image-service-tui\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-dynflow-sidekiq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-gce\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-installer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-installer-katello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-journald\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-openstack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-ovirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-proxy-content\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-proxy-journald\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-proxy-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-service\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-telemetry\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:foreman-vmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hfsplus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-certs-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-client-bootstrap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:katello-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:keycloak-httpd-client-install\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kobo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libcomps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libmodulemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libmodulemd2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsolv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libwebsockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:livecd-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_passenger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:mod_xsendfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ostree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pcp-mmvstatsd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-admin-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-docker-admin-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-katello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-maintenance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-ostree-admin-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-ostree-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pulpcore-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:puppet-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:puppet-agent-oauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:puppetserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pycairo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-blinker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-gofer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-imgcreate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-kid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-mongoengine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-nectar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-oauth2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-integrity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-oid_validation\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-ostree-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-repoauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pulp-streamer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-qpid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-qpid-proton\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-saslwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-semantic_version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-simplejson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-zope-interface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-amqp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-ansible-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-anyjson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-billiard\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-celery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-click\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-crane\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-django\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-flask\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-future\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-isodate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-itsdangerous\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-jmespath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-keycloak-httpd-client-install\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-kombu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-lockfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-okaara\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pexpect\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-psutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-ptyprocess\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-pycurl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-solv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-vine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python2-werkzeug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-aiodns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-aiofiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-aiohttp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-async-timeout\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-attrs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-backoff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-cairo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-certifi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-cffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-chardet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-click\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-createrepo_c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-cryptography\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-dateutil\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-defusedxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-diff-match-patch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-currentuser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-filter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-guardian\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-import-export\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-lifecycle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-prometheus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-django-readonly-field\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-djangorestframework\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-djangorestframework-queryfields\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-drf-access-policy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-drf-nested-routers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-drf-spectacular\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-dynaconf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-ecdsa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-et-xmlfile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-future\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-gunicorn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-idna\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-idna-ssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-importlib-metadata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-inflection\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-iniparse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-jdcal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-jinja2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-jsonschema\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libcomps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-markuppy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-markupsafe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-mongoengine\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-multidict\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-odfpy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-openpyxl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-productmd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-prometheus-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-psycopg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulp-2to3-migration\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulp-certguard\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulp-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulp-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulp-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pulpcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyOpenSSL\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pycares\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pycparser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pycryptodomex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pygtrie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyjwkest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyjwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pymongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyrsistent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pytz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-pyyaml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-receptor-satellite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-requests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-rpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-rq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-semantic-version\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-six\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-solv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-sqlparse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-subscription-manager-rhsm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-tablib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-typing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-typing-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-uritemplate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-url-normalize\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-urllib3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-urlman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-whitenoise\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-xlrd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-xlwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-yarl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-zipp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-proton-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-qmf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:qpid-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:receptor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-access-insights-puppet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:repoview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rh-postgresql12-postgresql-evr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhel8-kickstart-setup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-facter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-highline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-oauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-passenger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:saslwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite-capsule\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite-cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite-debug-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:satellite-installer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actioncable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionmailbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionmailer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actiontext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-actionview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activejob\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activemodel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-import\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activerecord-session_store\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activestorage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-activesupport\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-addressable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-algebrick\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-amazing_print\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ancestry\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-anemone\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-angular-rails-templates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ansi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-bindings\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-dsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-params\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-apipie-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-audited\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_compute\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_network\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_resources\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_storage\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-azure_mgmt_subscriptions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-builder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-bundler_ext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-clamp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-script\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-coffee-script-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-concurrent-ruby-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-connection_pool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-crass\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-css_parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deacon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-declarative-option\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deep_cloneable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-deface\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-diffy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-domain_name\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-dynflow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-erubi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-excon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-execjs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-facter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday-cookie_jar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-faraday_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fast_gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ffi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-google\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-kubevirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-openstack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-ovirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-vsphere\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fog-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman-tasks-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_ansible_core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_azure_rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_bootdisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_discovery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_hooks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_kubevirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_leapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_openscap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution-cockpit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_remote_execution_core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_rh_cloud\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_templates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_theme_satellite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-foreman_virt_who_configure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-formatador\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-friendly_id\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-fx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-get_process_mem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gettext_i18n_rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-git\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gitlab-sidekiq-fetcher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-globalid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-api-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-google-cloud-env\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-googleauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-graphql-batch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-gssapi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_admin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_ansible\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_azure_rm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_bootdisk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_discovery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_kubevirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_leapp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_openscap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_remote_execution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_tasks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_templates\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_foreman_virt_who_configure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hammer_cli_katello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-hashie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-highline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-cookie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http-form_data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-http_parser.rb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-httpclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-infoblox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ipaddress\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jgrep\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-journald-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-jwt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo_parsers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kafo_wizards\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-katello\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-kubeclient\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ldap_fluff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-little-plugger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-logging-journald\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-loofah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-marcel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-memoist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-method_source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mime-types\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mime-types-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mimemagic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mini_mime\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mini_portile2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ms_rest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ms_rest_azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multi_json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-multipart-post\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-mustermann\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ping\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-scp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-net-ssh-krb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-netrc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-newt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-nio4r\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-nokogiri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-oauth\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-openscap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-optimist\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-os\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt-engine-sdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ovirt_provision_plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-parse-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-passenger-native-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-polyglot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-powerbar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-prometheus-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-promise.rb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-public_suffix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_2to3_migration_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_ansible_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_certguard_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_container_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_deb_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_file_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulp_rpm_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-pulpcore_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-puma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-puma-plugin-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-quantile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rabl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-cors\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-jsonp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-protection\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rack-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-dom-testing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-html-sanitizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rails-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-railties\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rainbow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rb-inotify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbovirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rbvmomi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-record_tag_helper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-recursive-open-struct\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redfish_client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redhat_access_lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-representable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-responders\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rest-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-retriable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rkerberos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-roadie-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-robotex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rsec\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby-libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby2ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-ruby_parser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-rubyipmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-runcible\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-safemode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-scoped_search\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sd_notify\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-secure_headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sequel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-server_sent_events\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sexp_processor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sidekiq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-signet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sinatra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_ansible\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dhcp_infoblox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dhcp_remote_isc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_discovery\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_discovery_image\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dns_infoblox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_dynflow_core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_openscap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_pulp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-smart_proxy_remote_execution_ssh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sprockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sprockets-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sqlite3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-sshkey\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-statsd-instrument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-stomp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-text\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-thor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-thread_safe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-tilt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-timeliness\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-tzinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-uber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unf_ext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-unicode-display_width\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-validates_lengths_from_database\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-webpack-rails\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-websocket-driver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-websocket-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-will_paginate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-rubygem-zeitwerk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tfm-runtime\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'satellite_6_9_el7': [\n 'rhel-7-server-satellite-6.9-debug-rpms',\n 'rhel-7-server-satellite-6.9-rpms',\n 'rhel-7-server-satellite-6.9-source-rpms'\n ],\n 'satellite_capsule_6_9_el7': [\n 'rhel-7-server-satellite-capsule-6.9-debug-rpms',\n 'rhel-7-server-satellite-capsule-6.9-rpms',\n 'rhel-7-server-satellite-capsule-6.9-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'ansible-collection-redhat-satellite-2.0.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'ansible-runner-1.4.6-1.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'ansiblerole-foreman_scap_client-0.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'ansiblerole-insights-client-1.7.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'ansiblerole-satellite-receptor-installer-0.6.13-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'candlepin-3.1.26-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'candlepin-selinux-3.1.26-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'crane-selinux-3.5.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'createrepo_c-0.17.1-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'createrepo_c-libs-0.17.1-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-bootloaders-redhat-202005201200-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-bootloaders-redhat-tftpboot-202005201200-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-cli-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-debug-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-discovery-image-3.7.4-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-discovery-image-service-1.0.0-4.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-discovery-image-service-tui-1.0.0-4.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-dynflow-sidekiq-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-ec2-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-gce-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-installer-2.3.1.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-installer-katello-2.3.1.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-journald-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-libvirt-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-openstack-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-ovirt-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-postgresql-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-proxy-2.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-proxy-content-3.18.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-proxy-journald-2.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-proxy-selinux-2.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-selinux-2.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-service-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-telemetry-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'foreman-vmware-2.3.1.20-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'hfsplus-tools-332.14-12.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-3.18.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-certs-tools-2.7.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-client-bootstrap-1.7.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-common-3.18.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-debug-3.18.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'katello-selinux-3.5.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'keycloak-httpd-client-install-1.2.2-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'kobo-0.5.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'libcomps-0.1.15-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'libmodulemd-1.7.0-1.pulp.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'libmodulemd2-2.9.3-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'libsolv-0.7.12-2.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'libwebsockets-2.4.2-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'livecd-tools-20.4-1.6.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'mod_passenger-4.0.18-24.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'mod_xsendfile-0.12-11.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'ostree-2017.1-2.atomic.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pcp-mmvstatsd-0.4-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-admin-client-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-docker-admin-extensions-3.2.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-docker-plugins-3.2.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-katello-1.0.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-maintenance-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-nodes-child-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-nodes-common-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-nodes-parent-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-ostree-admin-extensions-1.3.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-ostree-plugins-1.3.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-puppet-admin-extensions-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-puppet-plugins-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-puppet-tools-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-rpm-admin-extensions-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-rpm-plugins-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-selinux-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulp-server-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pulpcore-selinux-1.2.3-2.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'puppet-agent-6.19.1-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'puppet-agent-oauth-0.5.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'puppet-foreman_scap_client-0.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'puppetlabs-stdlib-5.2.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'puppetserver-6.14.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'pycairo-1.16.3-9.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-blinker-1.3-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-bson-3.2-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-gnupg-0.3.7-1.el7ui', 'release':'7', 'el_string':'el7ui', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-gofer-2.12.5-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-gofer-qpid-2.12.5-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-imgcreate-20.4-1.6.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-kid-0.9.6-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-mongoengine-0.10.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-nectar-1.6.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-oauth2-1.5.211-8.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-agent-lib-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-bindings-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-client-lib-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-common-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-docker-common-3.2.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-integrity-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-oid_validation-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-ostree-common-1.3.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-puppet-common-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-repoauth-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-rpm-common-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pulp-streamer-2.21.5-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pymongo-3.2-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-pymongo-gridfs-3.2-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-qpid-1.35.0-5.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-qpid-proton-0.28.0-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-qpid-qmf-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-saslwrapper-0.22-5.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-semantic_version-2.2.0-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-simplejson-3.2.0-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python-zope-interface-4.0.5-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-amqp-2.2.2-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-ansible-runner-1.4.6-1.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-anyjson-0.3.3-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-billiard-3.5.0.3-3.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-celery-4.0.2-9.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-click-6.7-9.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-crane-3.3.1-9.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-daemon-2.1.2-7.el7at', 'release':'7', 'el_string':'el7at', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-django-1.11.29-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-flask-0.12.2-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-future-0.16.0-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-gobject-3.28.3-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-gobject-base-3.28.3-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-isodate-0.5.4-12.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-itsdangerous-0.24-15.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-jinja2-2.10-10.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-jmespath-0.9.0-6.el7_7', 'release':'7', 'el_string':'el7_7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-keycloak-httpd-client-install-1.2.2-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-kombu-4.0.2-14.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-lockfile-0.11.0-10.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-markupsafe-0.23-21.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-okaara-1.0.37-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-pexpect-4.6-1.el7at', 'release':'7', 'el_string':'el7at', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-psutil-5.7.2-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-ptyprocess-0.5.2-3.el7at', 'release':'7', 'el_string':'el7at', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-pycurl-7.43.0.2-4.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-solv-0.7.12-2.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-twisted-16.4.1-12.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-vine-1.1.3-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'10', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python2-werkzeug-0.12.2-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-aiodns-2.0.0-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-aiofiles-0.6.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-aiohttp-3.6.2-4.el7ar', 'cpu':'x86_64', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-async-timeout-3.0.1-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-attrs-19.3.0-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-backoff-1.10.0-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-cairo-1.10.0-25.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-certifi-2020.6.20-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-cffi-1.14.3-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-chardet-3.0.4-10.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-chardet-3.0.4-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-click-7.1.2-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-createrepo_c-0.17.1-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-cryptography-2.9.2-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-dateutil-2.8.1-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-defusedxml-0.6.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-diff-match-patch-20200713-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-2.2.18-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-currentuser-0.5.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-filter-2.3.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-guardian-2.3.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-import-export-2.3.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-lifecycle-0.8.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-prometheus-2.1.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-django-readonly-field-1.0.5-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-djangorestframework-3.11.2-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-djangorestframework-queryfields-1.0.0-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-drf-access-policy-0.7.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-drf-nested-routers-0.91-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-drf-spectacular-0.9.13-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-dynaconf-3.1.2-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-ecdsa-0.13.3-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-et-xmlfile-1.0.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-future-0.18.2-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-gnupg-0.4.6-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-gobject-3.22.0-8.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-gobject-base-3.22.0-8.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-gunicorn-20.0.4-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-idna-2.10-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-idna-ssl-1.1.0-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-importlib-metadata-1.7.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-inflection-0.5.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-iniparse-0.4-33.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-jdcal-1.4.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-jinja2-2.11.2-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-jsonschema-3.2.0-4.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-libcomps-0.1.15-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-markuppy-1.14-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-markupsafe-1.1.1-4.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-mongoengine-0.20.0-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-multidict-4.7.6-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-odfpy-1.4.1-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-openpyxl-3.0.5-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-productmd-1.31-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-prometheus-client-0.7.1-2.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-psycopg2-2.8.6-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulp-2to3-migration-0.10.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulp-certguard-1.0.3-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulp-container-2.1.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulp-file-1.3.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulp-rpm-3.9.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pulpcore-3.7.3-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pycares-3.1.1-2.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pycparser-2.20-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pycryptodomex-3.9.8-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pygtrie-2.3.3-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pyjwkest-1.4.2-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pyjwt-1.7.1-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pymongo-3.11.0-3.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pyOpenSSL-19.1.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pyrsistent-0.17.3-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pytz-2020.4-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-pyyaml-5.3.1-3.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-receptor-satellite-1.3.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-redis-3.5.3-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-requests-2.24.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-rpm-4.11.3-8.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-rq-1.5.2-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-semantic-version-2.8.5-3.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-six-1.15.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-solv-0.7.12-2.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-sqlparse-0.4.1-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-subscription-manager-rhsm-1.27.5-4.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-tablib-2.0.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-typing-3.7.4.3-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-typing-extensions-3.7.4.3-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-uritemplate-3.0.1-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-url-normalize-1.4.3-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-urllib3-1.25.11-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-urlman-1.3.0-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-whitenoise-5.2.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-xlrd-1.2.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-xlwt-1.3.0-1.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-yarl-1.6.2-1.el7pc', 'cpu':'x86_64', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'python3-zipp-3.4.0-2.el7pc', 'release':'7', 'el_string':'el7pc', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-cpp-client-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-cpp-client-devel-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-cpp-server-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-cpp-server-linearstore-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-dispatch-router-1.5.0-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-dispatch-tools-1.5.0-4.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-proton-c-0.28.0-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-qmf-1.36.0-28.el7amq', 'cpu':'x86_64', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'qpid-tools-1.36.0-28.el7amq', 'release':'7', 'el_string':'el7amq', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'receptor-0.6.3-1.el7ar', 'release':'7', 'el_string':'el7ar', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'redhat-access-insights-puppet-1.0.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'repoview-0.6.6-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rh-postgresql12-postgresql-evr-0.0.2-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rhel8-kickstart-setup-0.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-facter-2.4.1-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-fast_gettext-1.1.0-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-foreman_scap_client-0.4.7-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-highline-1.7.8-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-oauth-0.5.4-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-passenger-4.0.18-24.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-passenger-native-4.0.18-24.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-passenger-native-libs-4.0.18-24.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-rack-1.6.12-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'rubygem-rake-0.9.2.2-41.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'saslwrapper-0.22-5.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-6.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-capsule-6.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-cli-6.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-common-6.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-debug-tools-6.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'satellite-installer-6.9.0.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actioncable-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actionmailbox-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actionmailer-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actionpack-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actiontext-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-actionview-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activejob-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activemodel-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activerecord-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activerecord-import-1.0.0-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activerecord-session_store-1.1.1-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activestorage-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-activesupport-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-addressable-2.6.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-algebrick-0.7.3-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-amazing_print-1.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ancestry-3.0.7-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-anemone-0.7.2-22.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-angular-rails-templates-1.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ansi-1.5.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-apipie-bindings-0.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-apipie-dsl-2.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-apipie-params-0.0.5-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-apipie-rails-0.5.17-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-audited-4.9.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-azure_mgmt_compute-0.18.7-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-azure_mgmt_network-0.19.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-azure_mgmt_resources-0.17.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-azure_mgmt_storage-0.17.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-azure_mgmt_subscriptions-0.18.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-bcrypt-3.1.12-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-builder-3.2.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-bundler_ext-0.4.1-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-clamp-1.1.2-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-coffee-rails-5.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-coffee-script-2.4.1-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-coffee-script-source-1.12.2-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-concurrent-ruby-1.1.6-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-concurrent-ruby-edge-0.6.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-connection_pool-2.2.2-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-crass-1.0.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-css_parser-1.4.7-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-daemons-1.2.3-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-deacon-1.0.0-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-declarative-0.0.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-declarative-option-0.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-deep_cloneable-3.0.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-deface-1.5.3-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-diffy-3.0.1-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-domain_name-0.5.20160310-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-dynflow-1.4.7-1.fm2_1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-erubi-1.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-excon-0.76.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-execjs-2.7.0-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-facter-2.4.0-6.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-faraday-0.17.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-faraday-cookie_jar-0.0.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-faraday_middleware-0.13.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fast_gettext-1.4.1-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ffi-1.12.2-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-aws-3.6.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-core-2.1.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-google-1.11.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-json-1.2.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-kubevirt-1.3.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-libvirt-0.7.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-openstack-1.0.8-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-ovirt-1.2.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-vsphere-3.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fog-xml-0.1.2-8.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman-tasks-3.0.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman-tasks-core-0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_ansible-6.1.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_ansible_core-4.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_azure_rm-2.1.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_bootdisk-17.0.2-2.fm2_1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_discovery-16.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_hooks-0.3.17-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_kubevirt-0.1.8-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_leapp-0.1.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_openscap-4.1.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_remote_execution-4.2.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_remote_execution-cockpit-4.2.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_remote_execution_core-1.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_rh_cloud-3.0.18.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_templates-9.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_theme_satellite-7.0.1.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-foreman_virt_who_configure-0.5.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-formatador-0.2.1-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-friendly_id-5.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-fx-0.5.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-get_process_mem-0.2.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-gettext-3.1.4-10.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-gettext_i18n_rails-1.8.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-git-1.5.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-gitlab-sidekiq-fetcher-0.6.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-globalid-0.4.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-google-api-client-0.33.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-google-cloud-env-1.3.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-googleauth-0.13.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-graphql-1.8.14-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-graphql-batch-0.3.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-gssapi-1.2.0-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli-2.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman-2.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_admin-0.0.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_ansible-0.3.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_azure_rm-0.2.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_bootdisk-0.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_discovery-1.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_docker-0.0.7-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_kubevirt-0.1.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_leapp-0.1.0-2.fm2_1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_openscap-0.1.12-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_remote_execution-0.2.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_tasks-0.0.15-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_templates-0.2.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.7-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hammer_cli_katello-0.24.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-hashie-3.6.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-highline-1.7.8-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-http-3.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-http-cookie-1.0.2-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-http-form_data-2.1.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-http_parser.rb-0.6.0-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-httpclient-2.8.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-i18n-1.8.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-infoblox-3.0.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ipaddress-0.8.0-11.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-jgrep-1.3.3-12.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-journald-logger-2.0.4-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-journald-native-1.0.11-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-jwt-2.2.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-kafo-6.2.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-kafo_parsers-1.1.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-kafo_wizards-0.0.1-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-katello-3.18.1.22-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-kubeclient-4.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ldap_fluff-0.4.7-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-little-plugger-1.1.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-locale-2.0.9-13.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-logging-2.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-logging-journald-2.0.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-loofah-2.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mail-2.7.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-marcel-0.3.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-memoist-0.16.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-method_source-0.9.2-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mime-types-3.2.2-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mime-types-data-3.2018.0812-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mimemagic-0.3.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mini_mime-1.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mini_portile2-2.4.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ms_rest-0.7.4-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ms_rest_azure-0.11.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-multi_json-1.14.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-multipart-post-2.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-mustermann-1.0.2-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-net-ldap-0.16.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-net-ping-2.0.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-net-scp-1.2.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-net-ssh-4.2.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-net-ssh-krb-0.4.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-netrc-0.11.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-newt-0.9.7-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-nio4r-2.5.4-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-nokogiri-1.10.9-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-oauth-0.5.4-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-openscap-0.4.9-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-optimist-3.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-os-1.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ovirt-engine-sdk-4.3.0-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ovirt_provision_plugin-2.0.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-parse-cron-0.1.4-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-passenger-4.0.18-26.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-passenger-native-4.0.18-26.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-passenger-native-libs-4.0.18-26.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pg-1.1.4-2.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-polyglot-0.3.5-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-powerbar-2.0.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-prometheus-client-1.0.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-promise.rb-0.7.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-public_suffix-3.0.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_2to3_migration_client-0.7.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_ansible_client-0.4.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_certguard_client-1.0.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_container_client-2.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_deb_client-2.7.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_file_client-1.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulp_rpm_client-3.9.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-pulpcore_client-3.7.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-puma-4.3.6-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-puma-plugin-systemd-0.1.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-quantile-0.2.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rabl-0.14.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rack-2.2.3-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rack-cors-1.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rack-jsonp-1.3.1-9.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rack-protection-2.0.3-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rack-test-1.1.0-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rails-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rails-dom-testing-2.0.3-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rails-html-sanitizer-1.3.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rails-i18n-6.0.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-railties-6.0.3.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rainbow-2.2.1-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rb-inotify-0.9.7-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rbovirt-0.1.7-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rbvmomi-2.2.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-record_tag_helper-1.0.1-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-recursive-open-struct-1.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-redfish_client-0.5.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-redhat_access-2.2.19-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-redhat_access_lib-1.1.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-redis-4.1.2-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-representable-3.0.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-responders-3.0.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rest-client-2.0.2-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-retriable-3.1.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rkerberos-0.1.5-18.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-roadie-3.4.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-roadie-rails-2.1.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-robotex-1.0.0-21.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rsec-0.4.3-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ruby-libvirt-0.7.1-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ruby2ruby-2.4.2-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-ruby_parser-3.10.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-rubyipmi-0.10.0-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-runcible-2.13.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-safemode-1.3.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-scoped_search-4.1.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sd_notify-0.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-secure_headers-6.3.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sequel-5.7.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-server_sent_events-0.1.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sexp_processor-4.10.0-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sidekiq-5.2.7-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-signet-0.14.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sinatra-2.0.3-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_ansible-3.0.1-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_dhcp_infoblox-0.0.16-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_dhcp_remote_isc-0.0.5-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_discovery-1.0.5-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_discovery_image-1.3.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_dns_infoblox-1.1.0-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_dynflow-0.3.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_dynflow_core-0.3.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_openscap-0.7.4-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_pulp-2.1.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-smart_proxy_remote_execution_ssh-0.3.1-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sprockets-4.0.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sprockets-rails-3.2.1-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sqlite3-1.3.13-5.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-sshkey-1.9.0-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-statsd-instrument-2.1.4-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-stomp-1.4.9-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-text-1.3.0-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-thor-1.0.1-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-thread_safe-0.3.6-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-tilt-2.0.8-4.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-timeliness-0.3.10-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-tzinfo-1.2.6-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-uber-0.1.0-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-unf-0.1.3-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-unf_ext-0.0.7.2-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-unicode-0.4.4.4-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-unicode-display_width-1.0.5-5.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-validates_lengths_from_database-0.5.0-7.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-webpack-rails-0.9.8-6.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-websocket-driver-0.7.1-1.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-websocket-extensions-0.1.5-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-will_paginate-3.1.7-3.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-xmlrpc-0.3.0-2.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-rubygem-zeitwerk-2.2.2-1.el7sat', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']},\n {'reference':'tfm-runtime-6.1-4.el7sat', 'cpu':'x86_64', 'release':'7', 'el_string':'el7sat', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'satellite-6', 'repo_list':['satellite_6_9_el7', 'satellite_capsule_6_9_el7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ansible-collection-redhat-satellite / ansible-runner / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:57:42", "description": "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-02T19:15:00", "type": "cve", "title": "CVE-2020-8185", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2021-10-21T14:36:00", "cpe": ["cpe:/o:fedoraproject:fedora:33"], "id": "CVE-2020-8185", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8185", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*"]}], "github": [{"lastseen": "2022-05-13T12:33:16", "description": "There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed\nan untrusted user to run any pending migrations on a Rails app running in\nproduction.\n\nThis vulnerability has been assigned the CVE identifier CVE-2020-8185.\n\nVersions Affected: 6.0.0 < rails < 6.0.3.2\nNot affected: Applications with `config.action_dispatch.show_exceptions = false` (this is not a default setting in production)\nFixed Versions: rails >= 6.0.3.2\n\nImpact\n------\n\nUsing this issue, an attacker would be able to execute any migrations that\nare pending for a Rails app running in production mode. It is important to\nnote that an attacker is limited to running migrations the application\ndeveloper has already defined in their application and ones that have not\nalready ran.\n\nWorkarounds\n-----------\n\nUntil such time as the patch can be applied, application developers should\ndisable the ActionDispatch middleware in their production environment via\na line such as this one in their config/environment/production.rb:\n\n`config.middleware.delete ActionDispatch::ActionableExceptions`", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-24T17:40:33", "type": "github", "title": "Untrusted users can run pending migrations in production in Rails", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2021-10-22T14:00:01", "id": "GHSA-C6QR-H5VQ-59JC", "href": "https://github.com/advisories/GHSA-c6qr-h5vq-59jc", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-09T18:35:54", "description": "A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-30T10:20:48", "type": "redhatcve", "title": "CVE-2020-8185", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2022-07-09T18:23:22", "id": "RH:CVE-2020-8185", "href": "https://access.redhat.com/security/cve/cve-2020-8185", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2022-08-15T08:23:19", "description": "There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed\nan untrusted user to run any pending migrations on a Rails app running in\nproduction.\n\nThis vulnerability has been assigned the CVE identifier CVE-2020-8185.\n\nVersions Affected: 6.0.0 < rails < 6.0.3.2\nNot affected: Applications with `config.action_dispatch.show_exceptions = false` (this is not a default setting in production)\nFixed Versions: rails >= 6.0.3.2\n\nImpact\n------\n\nUsing this issue, an attacker would be able to execute any migrations that\nare pending for a Rails app running in production mode. It is important to\nnote that an attacker is limited to running migrations the application\ndeveloper has already defined in their application and ones that have not\nalready ran.\n\nWorkarounds\n-----------\n\nUntil such time as the patch can be applied, application developers should\ndisable the ActionDispatch middleware in their production environment via\na line such as this one in their config/environment/production.rb:\n\n`config.middleware.delete ActionDispatch::ActionableExceptions`", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-24T17:40:33", "type": "osv", "title": "Untrusted users can run pending migrations in production in Rails", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8185"], "modified": "2022-08-15T08:23:18", "id": "OSV:GHSA-C6QR-H5VQ-59JC", "href": "https://osv.dev/vulnerability/GHSA-c6qr-h5vq-59jc", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}], "rubygems": [{"lastseen": "2022-03-17T15:51:30", "description": "There is a vulnerability in versions of Rails prior to 6.0.3.2 that allowed\nan untrusted user to run any pending migrations on a Rails app running in\nproduction.\n\nThis vulnerability has been assigned the CVE identifier CVE-2020-8185.\n\nVersions Affected: 6.0.0 < rails < 6.0.3.2\nNot affected: Applications with `config.action_dispatch.show_exceptions = false` (this is not a default setting in production)\nFixed Versions: rails >= 6.0.3.2\n\nImpact\n------\n\nUsing this issue, an attacker would be able to execute any migrations that\nare pending for a Rails app running in production mode. It is important to\nnote that an attacker is limited to running migrations the application\ndeveloper has already defined in their application and ones that have not\nalready ran.\n\nWorkarounds\n-----------\n\nUntil such time as the patch can be applied, application developers should\ndisable the ActionDispatch middleware in their production environment via\na line such as this one in their config/environment/production.rb:\n\n`config.middleware.delete ActionDispatch::ActionableExceptions`\n", "cvss3": {}, "published": "2020-06-17T00:00:00", "type": "rubygems", "title": "Untrusted users able to run pending migrations in production", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["2020-8185", "CVE-2020-8185"], "modified": "2020-06-17T00:00:00", "id": "RUBY:ACTIONPACK-2020-8185", "href": "https://rubysec.com/advisories/2020-8185/", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2022-08-04T13:09:28", "description": "## Summary\n\nIBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Rails.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8163](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8163>) \n** DESCRIPTION: **Rails could allow a remote attacker to execute arbitrary code on the system, caused by a code injection vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184567](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184567>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-8185](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8185>) \n** DESCRIPTION: **Rails is vulnerable to a denial of service, caused by improper access control. By sending a specially crafted request, a remote attacker could exploit this vulnerability to run pending migrations in production. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184564](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184564>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-8166](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8166>) \n** DESCRIPTION: **Ruby on Rails is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input by authenticity_token meta tag. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unintended actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184553](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184553>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nICP - Discovery| 2.0.0-2.1.2 \n \n\n\n## Remediation/Fixes\n\nUpgrade to IBM Watson Discovery 2.1.3 \n \n<https://cloud.ibm.com/docs/discovery-data?topic=discovery-data-install>\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n08 Jul 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU053\",\"label\":\"Cloud &amp; Data Platform\"},\"Product\":{\"code\":\"SSCLA6\",\"label\":\"Watson Discovery\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"2.0.0-2.1.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"\",\"label\":\"\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-18T06:08:42", "type": "ibm", "title": "Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Rails", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8163", "CVE-2020-8166", "CVE-2020-8185"], "modified": "2020-07-18T06:08:42", "id": "8C90E11DB242E8DC044F905A8987B587D4A711080CE57EFC871310507AC8BF90", "href": "https://www.ibm.com/support/pages/node/6250723", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T18:41:39", "description": "Structure many real-time application concerns into channels over a single WebSocket connection. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actioncable-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:2DDE030C0EF7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/D4VJEYQXG3YO2LEPJM4XXU5KUBHBSO6F/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Receive and process incoming emails in Rails applications. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actionmailbox-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:6905030C0EF2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RFUPYCMMB7Z2ZMQX6AW7I3NAR37BJI5A/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Simple, battle-tested conventions and helpers for building web pages. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actionview-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:C779E30C0EFA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5EZPMRMP5NJUYGUVIEPYFOGLVDPWFW2N/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Eases web-request routing, handling, and response as a half-way front, half-way page controller. Implemented with specific emphasis on enabling ea sy unit/integration testing that doesn't require a browser. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actionpack-6.0.3.3-2.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:98F1A30C0EF8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XBLUWGVWDBEL4UVXFH5PAX643HSWO7YF/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Edit and display rich text in Rails applications. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actiontext-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:AF8C030C0EF2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "A toolkit for building modeling frameworks like Active Record. Rich support for attributes, callbacks, validations, serialization, internationalization, and testing. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-activemodel-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:04C8E30BDAB3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LJSOSPY7DZOM4T3HZ7CQWKVOPP3GEHAP/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-activerecord-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:1BE4F30C0EF2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BNFPHMTLAWYZJ6EWEYHFJQXYUVKY23UM/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "High-level wrapper for processing images for the web with ImageMagick or libvips. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-image_processing-1.11.0-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:61EBD30BDAB3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/V77VWTREGLCV4FYZJECGWKOTTNFELDBQ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Declare job classes that can be run by a variety of queueing backends. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-activejob-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:E04FA30C0EFD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QRZEMAYGXVQHF5WFVJUDLEEOZNJOVIX4/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-activesupport-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:4A6A3309B6F1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GO5HFESPLIQNFHB24NFZAB353VOPYCB2/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Email on Rails. Compose, deliver, and test emails using the familiar controller/view pattern. First-class support for multipart email and attachments. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:17:59", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-actionmailer-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:17:59", "id": "FEDORA:8116230C0EF7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OCTEWRI3XID5GZOZTXA4X6UOPUSC2UYL/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Ruby on Rails is a full-stack web framework optimized for programmer happin ess and sustainable productivity. It encourages beautiful code by favoring convention over configuration. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-rails-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:7AD1030BB654", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/FU5SRTFS6WYRUXYCCTM5MGDX3NLEEJKH/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Attach cloud and local files in Rails applications. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-activestorage-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:3313D30C0EF8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PFKTD4YMAG7SHBGR3NHQAEP7VJSDQQQT/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "Rails internals: application bootup, plugins, generators, and rake tasks. Railties is responsible to glue all frameworks together. Overall, it: * handles all the bootstrapping process for a Rails application; * manages rails command line interface; * provides Rails generators core; ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-10-05T00:18:00", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: rubygem-railties-6.0.3.3-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-15169", "CVE-2020-5267", "CVE-2020-8185"], "modified": "2020-10-05T00:18:00", "id": "FEDORA:92FD1309B6F1", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3TVKX2B2ESGFLM7F4MHZTA4XDWSPJ4P5/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "suse": [{"lastseen": "2022-04-21T22:47:58", "description": "An update that fixes 16 vulnerabilities is now available.\n\nDescription:\n\n This update for rmt-server fixes the following issues:\n\n Update to version 2.6.5:\n - Solved potential bug of SCC repository URLs changing over time. RMT now\n self heals by removing the previous invalid repository and creating the\n correct one.\n - Add web server settings to /etc/rmt.conf: Now it's possible to configure\n the minimum and maximum threads count as well the number of web server\n workers to be booted through /etc/rmt.conf.\n - Instead of using an MD5 of URLs for custom repository friendly_ids, RMT\n now builds an ID from the name.\n - Fix RMT file caching based on timestamps: Previously, RMT sent GET\n requests with the header 'If-Modified-Since' to a repository server and\n if the response had a 304 (Not Modified), it would copy a file from the\n local cache instead of downloading. However, if the local file timestamp\n accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors. Now,\n RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it\n from cache, by comparing the equalness of timestamps.\n - Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n - Friendlier IDs for custom repositories: In an effort to simplify the\n handling of SCC and custom repositories, RMT now has friendly IDs. For\n SCC repositories, it's the same SCC ID as before. For custom\n repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL). Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing \"SCC ID\" vs \"ID\" in `rmt-cli` output. Deprecation\n Warnings:\n * RMT now uses a different ID for custom repositories than before. RMT\n still supports that old ID, but it's recommended to start using the\n new ID to ensure future compatibility.\n - Updated rails and puma dependencies for security fixes.\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1993=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-21T00:00:00", "type": "suse", "title": "Security update for rmt-server (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-11-21T00:00:00", "id": "OPENSUSE-SU-2020:1993-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2W26GJJ7QXIADWB6ZCQWC2BUZD2ALYVT/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-04-18T12:40:55", "description": "An update that fixes 16 vulnerabilities is now available.\n\nDescription:\n\n This update for rmt-server fixes the following issues:\n\n - Version 2.6.5\n - Solved potential bug of SCC repository URLs changing over time. RMT now\n self heals by removing the previous invalid repository and creating the\n correct one.\n\n - Version 2.6.4\n - Add web server settings to /etc/rmt.conf: Now it's possible to configure\n the minimum and maximum threads count as well the number of web server\n workers to be booted through /etc/rmt.conf.\n\n - Version 2.6.3\n - Instead of using an MD5 of URLs for custom repository friendly_ids, RMT\n now builds an ID from the name.\n\n - Version 2.6.2\n - Fix RMT file caching based on timestamps: Previously, RMT sent GET\n requests with the header 'If-Modified-Since' to a repository server and\n if the response had a 304 (Not Modified), it would copy a file from the\n local cache instead of downloading. However, if the local file timestamp\n accidentally changed to a date newer than the one on the repository\n server, RMT would have an outdated file, which caused some errors. Now,\n RMT makes HEAD requests to the repositories servers and inspect the\n 'Last-Modified' header to decide whether to download a file or copy it\n from cache, by comparing the equalness of timestamps.\n\n\n - Version 2.6.1\n - Fixed an issue where relative paths supplied to `rmt-cli import repos`\n caused the command to fail.\n\n - Version 2.6.0\n - Friendlier IDs for custom repositories: In an effort to simplify the\n handling of SCC and custom repositories, RMT now has friendly IDs. For\n SCC repositories, it's the same SCC ID as before. For custom\n repositories, it can either be user provided\n or RMT generated (MD5 of the provided URL). Benefits:\n * `rmt-cli mirror repositories` now works for custom repositories.\n * Custom repository IDs can be the same across RMT instances.\n * No more confusing \"SCC ID\" vs \"ID\" in `rmt-cli` output. Deprecation\n Warnings:\n * RMT now uses a different ID for custom repositories than before. RMT\n still supports that old ID, but it's recommended to start using the\n new ID to ensure future compatibility.\n\n - Version 2.5.20\n - Updated rails from 6.0.3.2 to 6.0.3.3:\n - actionview (CVE-2020-15169)\n\n - Version 2.5.19\n - RMT now has the ability to remove local systems with the command\n `rmt-cli systems remove`.\n\n - Version 2.5.18\n - Fixed exit code for `rmt-cli mirror` and its subcommands. Now it exits\n with 1 whenever an error occurs during mirroring\n - Improved message logging for `rtm-cli mirror`. Instead of logging an\n error when it occurs, the command summarize all errors at the end of\n execution. Now log messages have colors to better identify\n failure/success.\n\n - Version 2.5.17\n - RMT no longer provides the installer updates repository to systems via\n its zypper service. This repository is used during the installation\n process, as it provides an up-to-date installation experience, but it\n has no use on an already installed system.\n\n - Version 2.5.16\n - Updated RMT's rails and puma dependencies.\n - puma (CVE-2020-11076, CVE-2020-11077, CVE-2020-5249, CVE-2020-5247\n CVE-2019-16770)\n - actionpack (CVE-2020-8185, CVE-2020-8164, CVE-2020-8166)\n - actionview (CVE-2020-8167, CVE-2020-5267, CVE-2019-5418, CVE-2019-5419)\n - activesupport (CVE-2020-8165)\n - railties (CVE-2019-5420)\n\n - Version 2.5.15\n - RMT now checks if repositories are fully mirrored during the activation\n process. Previously, RMT only checked if the repositories were enabled\n to be mirrored, but not that they were actually mirrored. In this case,\n RMTs were not able to provide the repository data which systems assumed\n it had.\n\n - Version 2.5.14\n - Enable 'Installer-Updates' repositories by default\n\n - Fixed deprecation warning when thor encountered an error. Also, instead\n of returning 0 for thor errors, rmt-cli will return 1 instead.\n\n - Version 2.5.13\n - Added `rmt-cli repos clean` command to remove locally mirrored files\n of repositories which are not marked to be mirrored.\n - Previously, RMT didn't track deduplicated files in its database. Now, to\n accommodate `rmt-cli repos clean`, RMT will track all mirrored files.\n\n - Move the nginx reload to the configuration package which contain nginx\n config files, don't reload nginx unconditionally from main package.\n\n - Version 2.5.12\n - Update rack to version 2.2.3 (CVE-2020-8184: bsc#1173351)\n - Update Rails to version 5.2.4.3:\n - actionpack (CVE-2020-8164: bsc#1172177)\n - actionpack (CVE-2020-8166: bsc#1172182)\n - activesupport (CVE-2020-8165: bsc#1172186)\n - actionview (CVE-2020-8167: bsc#1172184)\n\n - Version 2.5.11\n - rmt-server-pubcloud:\n - SLES11 EOL\n - Extension activation verification based on the available subscriptions\n - Added a manual instance verification script\n\n - Version 2.5.10\n - Support rmt-server to run with Ruby 2.7 (Factory/Tumbleweed):\n - Bump gem 'config' version from 1.7.2 to 2.2.1 to fix incompatibility\n Ruby 2.7 OpenStruct class;\n - Bump gem 'typhoeus' version from 1.3.1 to 1.4.0 in order to also bump\n gem 'ethon' version, which caused a 'rb_safe_level' warning on Ruby\n 2.7;\n - Fix \"last arg as keyword arg\" Ruby 2.7 warning on source code;\n - Disable \"deprecated\" warnings from Ruby 2.7; Rails 5.1 generates a lot\n of warnings with Ruby 2.7, mainly due to \"capturing the given block\n with Proc.new\", which is deprecated;\n - Improve RPM spec to consider only the distribution default Ruby\n version configured in OBS;\n - Improve RPM spec to remove Ruby 2.7 warnings regarding 'bundler.\n\n - Move nginx/vhosts.d directory to correct sub-package. They are needed\n together with nginx, not rmt-server.\n - Fix dependencies especially for containerized usage:\n - mariadb and nginx are not hard requires, could run on another host\n - Fix generic dependencies:\n - systemd ordering was missing\n - shadow is required for pre-install\n\n - Version 2.5.9\n - rmt-server-pubcloud: enforce strict authentication\n\n - Version 2.5.8\n - Use repomd_parser gem to remove repository metadata parsing code.\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-2000=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-23T00:00:00", "type": "suse", "title": "Security update for rmt-server (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16770", "CVE-2019-5418", "CVE-2019-5419", "CVE-2019-5420", "CVE-2020-11076", "CVE-2020-11077", "CVE-2020-15169", "CVE-2020-5247", "CVE-2020-5249", "CVE-2020-5267", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8184", "CVE-2020-8185"], "modified": "2020-11-23T00:00:00", "id": "OPENSUSE-SU-2020:2000-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7MCDUWQEXA3XGI7X2XPATA7YTNVDYTSF/", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:39:24", "description": "Red Hat Satellite is a systems management tool for Linux-based\ninfrastructure. It allows for provisioning, remote management, and\nmonitoring of multiple Linux deployments with a single centralized tool.\n\nSecurity Fix(es):\n\n* foreman: Managing repositories with their id via hammer does not respect the role filters (CVE-2017-2662)\n* python-psutil: Double free because of refcount mishandling (CVE-2019-18874)\n* candlepin: netty: compression/decompression codecs don't enforce limits on buffer allocation sizes (CVE-2020-11612)\n* foreman: world-readable OMAPI secret through the ISC DHCP server (CVE-2020-14335)\n* candlepin: resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling (CVE-2020-25633)\n* python-django: potential SQL injection via \"tolerance\" parameter in GIS functions and aggregates on Oracle (CVE-2020-9402)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAdditional Changes:\n\n* Usability enhancements to Red Hat's Simple Content Access mode and Satellite\n\n* Usability improvements to enabling Remote Execution on your hosts.\n\n* Notifications in the UI to warn users when subscriptions are expiring.\n\n* Usability enhancements to enable Insights integration with Satellite.\n\n* Performance improvements to various aspects of the user interface and API.\n\n* Added support for OpenID Connect for authentication.\n\n* Usability improvements to the Satellite Installer.\n\n* Updated Ruby web server to the modern Puma application server which replaces Passenger.\n\nThe items above are not a complete list of changes. This update also fixes\nseveral bugs and adds various enhancements. Documentation for these changes\nis available from the Release Notes document linked to in the References\nsection.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-04-21T12:43:38", "type": "redhat", "title": "(RHSA-2021:1313) Moderate: Satellite 6.9 Release", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1820", "CVE-2015-3448", "CVE-2017-2662", "CVE-2018-1000119", "CVE-2019-16782", "CVE-2019-18874", "CVE-2020-11612", "CVE-2020-14335", "CVE-2020-15169", "CVE-2020-25633", "CVE-2020-8162", "CVE-2020-8164", "CVE-2020-8165", "CVE-2020-8166", "CVE-2020-8167", "CVE-2020-8185", "CVE-2020-9402"], "modified": "2021-05-07T18:18:28", "id": "RHSA-2021:1313", "href": "https://access.redhat.com/errata/RHSA-2021:1313", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}