Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security fix(es):
rubygem-actionpack: actionpack: Possible XSS via User Supplied Values to redirect_to [rhn_satellite_6.14] (CVE-2023-28362)
foreman: World readable file containing secrets [rhn_satellite_6.14] (CVE-2023-4886)
python-urllib3: urllib3: Request body not stripped after redirect from 303 status changes request method to GET [rhn_satellite_6-default] (CVE-2023-45803 )
python-gitpython: GitPython: Blind local file inclusion [rhn_satellite_6-default] (CVE-2023-41040)
This update fixes the following bugs:
2250342 - REX job finished with exit code 0 but the script failed on client side due to no space.
2250343 - Selinux denials are reported after following “Chapter 13. Managing Custom File Type Content” chapter step by step
2250344 - Long running postgres threads during content-export
2250345 - Upgrade django-import-export package to at least 3.1.0
2250349 - After upstream repo switched to zst compression, Satellite 6.12.5.1 unable to sync
2250350 - Slow generate applicability for Hosts with multiple modulestreams installed
2250352 - Recalculate button for Errata is not available on Satellite 6.13/ Satellite 6.14 if no errata is present
2250351 - Actions::ForemanLeapp::PreupgradeJob fails with null value in column “preupgrade_report_id” violates not-null constraint when run with non-admin user
2251799 - REX Template for ‘convert2rhel analyze’ command
2254085 - Getting ‘/usr/sbin/foreman-rake db:migrate’ returned 1 instead of one of [0] ERROR while trying to upgrade Satellite 6.13 to 6.14
2254080 - satellite-convert2rhel-toolkit rpm v1.0.0 in 6.14.z
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 8 | noarch | satellite-capsule | < 6.14.1-1.el8sat | satellite-capsule-6.14.1-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | rubygem-actiontext | < 6.1.7.4-1.el8sat | rubygem-actiontext-6.1.7.4-1.el8sat.noarch.rpm |
RedHat | 8 | x86_64 | createrepo_c | < 1.0.2-2.el8pc | createrepo_c-1.0.2-2.el8pc.x86_64.rpm |
RedHat | 8 | noarch | rubygem-actionmailer | < 6.1.7.4-1.el8sat | rubygem-actionmailer-6.1.7.4-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | rubygem-katello | < 4.9.0.18-1.el8sat | rubygem-katello-4.9.0.18-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | satellite-common | < 6.14.1-1.el8sat | satellite-common-6.14.1-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | foreman-cli | < 3.7.0.10-1.el8sat | foreman-cli-3.7.0.10-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | foreman-installer-katello | < 3.7.0.5-1.el8sat | foreman-installer-katello-3.7.0.5-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | satellite | < 6.14.1-1.el8sat | satellite-6.14.1-1.el8sat.noarch.rpm |
RedHat | 8 | noarch | rubygem-activerecord | < 6.1.7.4-1.el8sat | rubygem-activerecord-6.1.7.4-1.el8sat.noarch.rpm |