(RHSA-2019:1222) Moderate: Satellite 6.5 Release

2019-05-1412:30:19

access.redhat.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.065 Low

EPSS

Percentile

93.7%

JSON

Red Hat Satellite is a systems management tool for Linux-based infrastructure.
It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.

Security Fix(es):

RESTEasy: Abuse of GZIPInterceptor in RESTEasy can lead to denial of service attack (CVE-2016-6346)
pulp: Improper path parsing leads to overwriting of iso repositories (CVE-2018-10917)
foreman: Persisted XSS on all pages that use breadcrumbs (CVE-2018-14664)
foreman: stored XSS in success notification after entity creation (CVE-2018-16861)
katello: stored XSS in subscriptions and repositories pages (CVE-2018-16887)
candlepin: credentials exposure through log files (CVE-2019-3891)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchtfm-rubygem-jwt< 1.2.1-1.el7sattfm-rubygem-jwt-1.2.1-1.el7sat.noarch.rpm
RedHat7x86_64tfm-rubygem-unicode-debuginfo< 0.4.4.1-6.el7sattfm-rubygem-unicode-debuginfo-0.4.4.1-6.el7sat.x86_64.rpm
RedHat7noarchforeman-ovirt< 1.20.1.34-1.el7satforeman-ovirt-1.20.1.34-1.el7sat.noarch.rpm
RedHat7noarchtfm-ror52-rubygem-tilt< 2.0.8-1.el7sattfm-ror52-rubygem-tilt-2.0.8-1.el7sat.noarch.rpm
RedHat7noarchtfm-rubygem-locale< 2.0.9-13.el7sattfm-rubygem-locale-2.0.9-13.el7sat.noarch.rpm
RedHat7noarchpython2-amqp< 2.2.2-3.el7satpython2-amqp-2.2.2-3.el7sat.noarch.rpm
RedHat7noarchtfm-rubygem-deface< 1.3.2-1.el7sattfm-rubygem-deface-1.3.2-1.el7sat.noarch.rpm
RedHat7noarchtfm-rubygem-secure_headers< 6.0.0-1.el7sattfm-rubygem-secure_headers-6.0.0-1.el7sat.noarch.rpm
RedHat7noarchpython-gnupg< 0.3.7-1.el7uipython-gnupg-0.3.7-1.el7ui.noarch.rpm
RedHat7noarchtfm-rubygem-hammer_cli_katello< 0.16.0.11-1.el7sattfm-rubygem-hammer_cli_katello-0.16.0.11-1.el7sat.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	tfm-rubygem-jwt	< 1.2.1-1.el7sat	tfm-rubygem-jwt-1.2.1-1.el7sat.noarch.rpm
RedHat	7	x86_64	tfm-rubygem-unicode-debuginfo	< 0.4.4.1-6.el7sat	tfm-rubygem-unicode-debuginfo-0.4.4.1-6.el7sat.x86_64.rpm
RedHat	7	noarch	foreman-ovirt	< 1.20.1.34-1.el7sat	foreman-ovirt-1.20.1.34-1.el7sat.noarch.rpm
RedHat	7	noarch	tfm-ror52-rubygem-tilt	< 2.0.8-1.el7sat	tfm-ror52-rubygem-tilt-2.0.8-1.el7sat.noarch.rpm
RedHat	7	noarch	tfm-rubygem-locale	< 2.0.9-13.el7sat	tfm-rubygem-locale-2.0.9-13.el7sat.noarch.rpm
RedHat	7	noarch	python2-amqp	< 2.2.2-3.el7sat	python2-amqp-2.2.2-3.el7sat.noarch.rpm
RedHat	7	noarch	tfm-rubygem-deface	< 1.3.2-1.el7sat	tfm-rubygem-deface-1.3.2-1.el7sat.noarch.rpm
RedHat	7	noarch	tfm-rubygem-secure_headers	< 6.0.0-1.el7sat	tfm-rubygem-secure_headers-6.0.0-1.el7sat.noarch.rpm
RedHat	7	noarch	python-gnupg	< 0.3.7-1.el7ui	python-gnupg-0.3.7-1.el7ui.noarch.rpm
RedHat	7	noarch	tfm-rubygem-hammer_cli_katello	< 0.16.0.11-1.el7sat	tfm-rubygem-hammer_cli_katello-0.16.0.11-1.el7sat.noarch.rpm