[RHSA-2020:4127-01] Important: Satellite 6.7.4 Async Bug Fix Update
Security announcements for all Red Hat products and services.
rhsa-announce at redhat.com
Wed Sep 30 13:15:56 UTC 2020
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Satellite 6.7.4 Async Bug Fix Update
Advisory ID: RHSA-2020:4127-01
Product: Red Hat Satellite 6
Advisory URL: https://access.redhat.com/errata/RHSA-2020:4127
Issue date: 2020-09-30
CVE Names: CVE-2020-14334
=====================================================================
1. Summary:
Updated Satellite 6.7 packages that fix several bugs are now available for
Red Hat Satellite.
2. Relevant releases/architectures:
Red Hat Satellite 6.7 - noarch
Red Hat Satellite Capsule 6.7 - noarch
3. Description:
Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* foreman: unauthorized cache read on RPM-based installations through local
user (CVE-2020-14334)
This update fixes the following bugs:
1305773 - Changing Content View of a Content Host needs to better inform
the user around client needs
1666324 - The Host configuration chart shows 100% even if few hosts are
not in sync or reporting.
1781875 - Red Hat Inventory Uploads does not use proxy
1793416 - Searching for task requires clicking Search twice to get correct
results
1816464 - Decreased performance in GenerateApplicability in 6.6
1822564 - vmrc not working 6.7
1823396 - Hosts are rejected due to mismatch of metadata.json and actual
hosts included in satellite inventory report
1829412 - Unable to search by value of certain Hostgroup parameter
1853466 - RH Cloud -> Insights page does not report error when
rh_cloud_token setting is not set
1854711 - Sync Plan fails with 'uninitialized constant
Actions::Foreman::Exception'
1858307 - CVE-2020-14334 foreman: unauthorized cache read on RPM-based
installations through local user [rhn_satellite_6.7]
1862260 - Default job templates are not locked
1867258 - After upgrading to 6.7 and promoting content, Capsule sync is
extremely slow
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For detailed instructions how to apply this update, refer to:
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.7/html/up
grading_and_updating_red_hat_satellite/updating_satellite_server_capsule_se
rver_and_content_hosts
5. Bugs fixed (https://bugzilla.redhat.com/):
1305773 - Changing Content View of a Content Host needs to better inform the user around client needs
1666324 - The Host configuration chart shows 100% even if few hosts are not in sync or reporting.
1781875 - Red Hat Inventory Uploads does not use proxy
1793416 - Searching for task requires clicking Search twice to get correct results
1816464 - Decreased performance in GenerateApplicability in 6.6
1822564 - vmrc not working 6.7
1823396 - Hosts are rejected due to mismatch of metadata.json and actual hosts included in satellite inventory report
1829412 - Unable to search by value of certain Hostgroup parameter
1853466 - RH Cloud -> Insights page does not report error when rh_cloud_token setting is not set
1854711 - Sync Plan fails with 'uninitialized constant Actions::Foreman::Exception'
1858284 - CVE-2020-14334 foreman: unauthorized cache read on RPM-based installations through local user
1862260 - Default job templates are not locked
1867258 - After upgrading to 6.7 and promoting content, Capsule sync is extremely slow
6. Package List:
Red Hat Satellite Capsule 6.7:
Source:
foreman-1.24.1.28-3.el7sat.src.rpm
foreman-proxy-1.24.1-3.el7sat.src.rpm
pulp-2.21.0.4-1.el7sat.src.rpm
satellite-6.7.4-1.el7sat.src.rpm
noarch:
foreman-debug-1.24.1.28-3.el7sat.noarch.rpm
foreman-proxy-1.24.1-3.el7sat.noarch.rpm
foreman-proxy-journald-1.24.1-3.el7sat.noarch.rpm
pulp-admin-client-2.21.0.4-1.el7sat.noarch.rpm
pulp-maintenance-2.21.0.4-1.el7sat.noarch.rpm
pulp-nodes-child-2.21.0.4-1.el7sat.noarch.rpm
pulp-nodes-common-2.21.0.4-1.el7sat.noarch.rpm
pulp-nodes-parent-2.21.0.4-1.el7sat.noarch.rpm
pulp-selinux-2.21.0.4-1.el7sat.noarch.rpm
pulp-server-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-agent-lib-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-bindings-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-client-lib-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-common-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-oid_validation-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-repoauth-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-streamer-2.21.0.4-1.el7sat.noarch.rpm
satellite-capsule-6.7.4-1.el7sat.noarch.rpm
satellite-common-6.7.4-1.el7sat.noarch.rpm
satellite-debug-tools-6.7.4-1.el7sat.noarch.rpm
Red Hat Satellite 6.7:
Source:
foreman-1.24.1.28-3.el7sat.src.rpm
foreman-proxy-1.24.1-3.el7sat.src.rpm
pulp-2.21.0.4-1.el7sat.src.rpm
satellite-6.7.4-1.el7sat.src.rpm
tfm-rubygem-foreman-tasks-0.17.5.8-1.el7sat.src.rpm
tfm-rubygem-foreman_ansible-4.0.3.8-1.el7sat.src.rpm
tfm-rubygem-foreman_openscap-2.0.2.1-1.el7sat.src.rpm
tfm-rubygem-foreman_rh_cloud-1.0.10-1.el7sat.src.rpm
tfm-rubygem-katello-3.14.0.31-1.el7sat.src.rpm
noarch:
foreman-1.24.1.28-3.el7sat.noarch.rpm
foreman-cli-1.24.1.28-3.el7sat.noarch.rpm
foreman-debug-1.24.1.28-3.el7sat.noarch.rpm
foreman-ec2-1.24.1.28-3.el7sat.noarch.rpm
foreman-gce-1.24.1.28-3.el7sat.noarch.rpm
foreman-journald-1.24.1.28-3.el7sat.noarch.rpm
foreman-libvirt-1.24.1.28-3.el7sat.noarch.rpm
foreman-openstack-1.24.1.28-3.el7sat.noarch.rpm
foreman-ovirt-1.24.1.28-3.el7sat.noarch.rpm
foreman-postgresql-1.24.1.28-3.el7sat.noarch.rpm
foreman-proxy-1.24.1-3.el7sat.noarch.rpm
foreman-proxy-journald-1.24.1-3.el7sat.noarch.rpm
foreman-rackspace-1.24.1.28-3.el7sat.noarch.rpm
foreman-telemetry-1.24.1.28-3.el7sat.noarch.rpm
foreman-vmware-1.24.1.28-3.el7sat.noarch.rpm
pulp-admin-client-2.21.0.4-1.el7sat.noarch.rpm
pulp-maintenance-2.21.0.4-1.el7sat.noarch.rpm
pulp-selinux-2.21.0.4-1.el7sat.noarch.rpm
pulp-server-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-bindings-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-client-lib-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-common-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-oid_validation-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-repoauth-2.21.0.4-1.el7sat.noarch.rpm
python-pulp-streamer-2.21.0.4-1.el7sat.noarch.rpm
satellite-6.7.4-1.el7sat.noarch.rpm
satellite-capsule-6.7.4-1.el7sat.noarch.rpm
satellite-cli-6.7.4-1.el7sat.noarch.rpm
satellite-common-6.7.4-1.el7sat.noarch.rpm
satellite-debug-tools-6.7.4-1.el7sat.noarch.rpm
tfm-rubygem-foreman-tasks-0.17.5.8-1.el7sat.noarch.rpm
tfm-rubygem-foreman_ansible-4.0.3.8-1.el7sat.noarch.rpm
tfm-rubygem-foreman_openscap-2.0.2.1-1.el7sat.noarch.rpm
tfm-rubygem-foreman_rh_cloud-1.0.10-1.el7sat.noarch.rpm
tfm-rubygem-katello-3.14.0.31-1.el7sat.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-14334
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBX3SFCNzjgjWX9erEAQj/vw/+MbhzTnUsm6nWumrFzA6TgklXqIs3WPRD
FOylT3DVGa4B4zKBBoICMyjF5Vq1XN1fYhYKc+DYWNd3XKKZBD/tF78qzWz+DHe4
pVwr9eTBaTewzZIJEFQ32uOWBNQKxHqOe029twQCZp53Jv61UFS8pFw1w6vZj4MV
dNKZj/CStfARm6ucsQHRcW8DdNBL02Jr4NGaQV8MLn/qhO6d8S+q3+3WtsYprQqt
A+LrYj0iIl9CZPS5486nHgPUlZ1aoFOSooeO426Eyi901hh8jStt9FiXZIJAkuDH
13icrsdcc+rUhshdzRwB0UpKcBxx+2IWvAtXvoMACgkw9Cf+a3Ogg5BSMUoqJc1l
s/bl8HqyzOO+6fvQvSH4NVfDqu35oUDRAdV3MRL8bAtU31+LFDKZ6ypttz0e4DbM
0YfLTPskPAmIXwNm5e9/S9KV/v6o8CAB7x36J9CRpKyO0dZEtqq9xkb+6Gi9cAj7
EFv3jA3V8/3ToTvjnClHeT88aq2mO1tLu7MRDAZx+JQM5LIpM/nNdBzscBhNpKhb
cIZ/q7QriVm+ncW3RrqL/7PVXY2jm3egqLfE8Ht3c54jqIy8JpxAH6AvrZ8Ayzvm
DXxK3GYo20I1iUUu+8cdsNwASM1OAwKbN+4T2/E59yFrEHQw5lbSI94W1/DA+6fn
XHE6J8DFynQ=
=6gjZ
-----END PGP SIGNATURE-----
More information about the RHSA-announce
mailing list