Important: Red Hat Security Advisory: Satellite 6.3 security, bug fix, and enhancement update

An update is now available for Red Hat Satellite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

CVE-2016-3704

Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords...

CVE-2016-3704

CVE-2016-3704 affects Pulp prior to 2.8.5, arising from the unsafe use of bash $RANDOM to generate NSS DB passwords/seeds. This Legacy issue is documented in Red Hat/Satellite advisories and Fedora/OpenVAS entries; exploitation details are not described in the provided docs. Remediation per sourc...

Fedora Update for pulp-ostree FEDORA-2016-4373f7d32a

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : pulp / pulp-docker / pulp-ostree / pulp-puppet / pulp-python / etc (2016-4373f7d32a)

2.8.6 is a security and bugfix release. Included in the list of fixed issues in 2.8.5 are two CVEs : - CVE-2016-3696: Leakage of CA key in pulp-qpid-ssl-cfg - CVE-2016-3704: Unsafe use of bash $RANDOM for NSS DB password and seed Several issues with database migrations are also addressed in this...