(RHSA-2016:2592) Moderate: subscription-manager security, bug fix, and enhancement update

2016-11-0306:07:15

access.redhat.com

0.0004 Low

EPSS

Percentile

12.7%

JSON

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

The subscription-manager-migration-data package provides certificates for migrating a system from the legacy Red Hat Network Classic (RHN) to Red Hat Subscription Management (RHSM).

The python-rhsm packages provide a library for communicating with the representational state transfer (REST) interface of a Red Hat Unified Entitlement Platform. The Subscription Management tools use this interface to manage system entitlements, certificates, and access to content.

The following packages have been upgraded to a newer upstream version: subscription-manager (1.17.15), python-rhsm (1.17.9), subscription-manager-migration-data (2.0.31). (BZ#1328553, BZ#1328555, BZ#1328559)

Security Fix(es):

It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user could use this flaw to access sensitive data that could potentially be used in a social engineering attack. (CVE-2016-4455)

Red Hat would like to thank Robert Scheck for reporting this issue.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7s390xsubscription-manager-plugin-ostree< 1.17.15-1.el7subscription-manager-plugin-ostree-1.17.15-1.el7.s390x.rpm
RedHat7x86_64subscription-manager-migration< 1.17.15-1.el7subscription-manager-migration-1.17.15-1.el7.x86_64.rpm
RedHat7x86_64subscription-manager-gui< 1.17.15-1.el7subscription-manager-gui-1.17.15-1.el7.x86_64.rpm
RedHat7ppc64python-rhsm-certificates< 1.17.9-1.el7python-rhsm-certificates-1.17.9-1.el7.ppc64.rpm
RedHat7aarch64subscription-manager-debuginfo< 1.17.15-1.el7subscription-manager-debuginfo-1.17.15-1.el7.aarch64.rpm
RedHat7aarch64subscription-manager-migration< 1.17.15-1.el7subscription-manager-migration-1.17.15-1.el7.aarch64.rpm
RedHat7ppc64lesubscription-manager-plugin-ostree< 1.17.15-1.el7subscription-manager-plugin-ostree-1.17.15-1.el7.ppc64le.rpm
RedHat7x86_64subscription-manager-plugin-container< 1.17.15-1.el7subscription-manager-plugin-container-1.17.15-1.el7.x86_64.rpm
RedHat7ppc64python-rhsm< 1.17.9-1.el7python-rhsm-1.17.9-1.el7.ppc64.rpm
RedHat7ppc64lesubscription-manager-initial-setup-addon< 1.17.15-1.el7subscription-manager-initial-setup-addon-1.17.15-1.el7.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	subscription-manager-plugin-ostree	< 1.17.15-1.el7	subscription-manager-plugin-ostree-1.17.15-1.el7.s390x.rpm
RedHat	7	x86_64	subscription-manager-migration	< 1.17.15-1.el7	subscription-manager-migration-1.17.15-1.el7.x86_64.rpm
RedHat	7	x86_64	subscription-manager-gui	< 1.17.15-1.el7	subscription-manager-gui-1.17.15-1.el7.x86_64.rpm
RedHat	7	ppc64	python-rhsm-certificates	< 1.17.9-1.el7	python-rhsm-certificates-1.17.9-1.el7.ppc64.rpm
RedHat	7	aarch64	subscription-manager-debuginfo	< 1.17.15-1.el7	subscription-manager-debuginfo-1.17.15-1.el7.aarch64.rpm
RedHat	7	aarch64	subscription-manager-migration	< 1.17.15-1.el7	subscription-manager-migration-1.17.15-1.el7.aarch64.rpm
RedHat	7	ppc64le	subscription-manager-plugin-ostree	< 1.17.15-1.el7	subscription-manager-plugin-ostree-1.17.15-1.el7.ppc64le.rpm
RedHat	7	x86_64	subscription-manager-plugin-container	< 1.17.15-1.el7	subscription-manager-plugin-container-1.17.15-1.el7.x86_64.rpm
RedHat	7	ppc64	python-rhsm	< 1.17.9-1.el7	python-rhsm-1.17.9-1.el7.ppc64.rpm
RedHat	7	ppc64le	subscription-manager-initial-setup-addon	< 1.17.15-1.el7	subscription-manager-initial-setup-addon-1.17.15-1.el7.ppc64le.rpm

Rows per page:

1-10 of 511

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for RHSA-2016:2592