Red Hat Product Errata RHSA-2013:0686 - Security Advisory
Issued: 2013-03-26
Updated: 2013-03-26


Synopsis

Moderate: Subscription Asset Manager 1.2.1 update

Type/Severity

Security Advisory: Moderate


Topic

Red Hat Subscription Asset Manager 1.2.1, which fixes several security
issues, multiple bugs, and adds various enhancements, is now available.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Description

Red Hat Subscription Asset Manager acts as a proxy for handling
subscription information and software updates on client machines.

The latest packages for Subscription Asset Manager include a number of security
fixes:

When a Subscription Asset Manager instance is created, its configuration
script automatically creates an RPM of the internal subscription service
CA certificate. However, this RPM incorrectly installed the CA certificate
with file permissions of 0666 (world-writable). Any local user on a client
system could therefore replace the CA certificate that the client uses to
trust the remote subscription server, and so cause the client to trust a
server of the attacker's choosing. All administrators are advised to update
and redeploy the subscription service certificate on all systems which use
Subscription Asset Manager as their subscription service. This procedure is
described in:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Subscription_Asset_Manager/1.2/html/Installation_Guide/sect-Installation_Guide-Administration-Upgrading_Subscription_Asset_Manager.html (CVE-2012-6116)
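The following is an added example, not code from the advisory or from the candlepin/katello packages: a small audit that finds trust-anchor files which anyone other than the owner can modify (the condition the 0666 RPM created) and resets them to 0644. The directory it scans and the file it creates in the demo are constructed stand-ins; on a real client the CA certificate lives where the bootstrap RPM installed it.

```ruby
# Added example: audit trust-anchor files for group/world-writable mode bits.
require 'fileutils'
require 'tmpdir'

SAFE_MODE = 0o644 # owner read/write, everyone else read-only

# True when the "other" write bit is set (modes such as 0666 or 0667).
def world_writable?(path)
  (File.stat(path).mode & 0o002) != 0
end

# True when the group write bit is set; on a shared client this is as bad.
def group_writable?(path)
  (File.stat(path).mode & 0o020) != 0
end

# Every regular file under dir that a non-owner could modify.
def insecure_trust_anchors(dir)
  Dir.glob(File.join(dir, '**', '*')).select do |p|
    File.file?(p) && (world_writable?(p) || group_writable?(p))
  end
end

# Reset the mode of each offending file; returns the list that was fixed.
def harden_trust_anchors(dir)
  fixed = insecure_trust_anchors(dir)
  fixed.each { |p| File.chmod(SAFE_MODE, p) }
  fixed
end

# Standalone demo against a constructed directory (not a real trust store).
if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir('ca-audit') do |dir|
    bad = File.join(dir, 'candlepin-local.pem')
    File.write(bad, "-----BEGIN CERTIFICATE-----\n...\n")
    File.chmod(0o666, bad) # the mode the faulty RPM shipped
    puts "before: #{insecure_trust_anchors(dir).inspect}"
    harden_trust_anchors(dir)
    puts "after:  #{insecure_trust_anchors(dir).inspect}"
  end
end
```

One caveat worth knowing: `rpm -V` will not flag this case, because the package itself recorded 0666 as the intended mode, so the installed file matches what the RPM database expects. You have to check the actual mode bits, as above. Once the certificate has been replaced, re-check its fingerprint against the one published by the Subscription Asset Manager server rather than trusting the file on disk.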

Manifest signature checking was not implemented for early versions of
Subscription Asset Manager. This meant that a malicious user could edit
a manifest file, insert arbitrary data, and successfully upload the edited
manifest file into the Subscription Asset Manager server. (CVE-2012-6119)

Ruby's documentation generator (rdoc) had a cross-site scripting flaw in the
HTML documentation produced by its Darkfish generator. When a Ruby application
exposed that documentation on a network (for example, as a web page), an
attacker could use a specially crafted URL to inject arbitrary web script or
HTML that would run in the context of the victim's session with the
application. (CVE-2013-0256)

A timing attack flaw was found in the way rubygem-rack and
ruby193-rubygem-rack compared HMAC digests in session cookies. The comparison
was not constant-time, so the time taken to reject a cookie leaked information
about the expected digest. An attacker could use this to forge a valid cookie
signature and bypass authentication checks. (CVE-2013-0263)
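An added example (not code from the advisory or from the rack package) showing the shape of the flaw and of the fix: a Rack-style signed cookie of the form base64(payload) "--" hex(HMAC), one verifier that compares the digest with `String#==` (which stops at the first differing byte) and one that uses a constant-time comparison of the kind Rack added. The secret and payload are constructed for the demo.

```ruby
# Added example: signed-cookie verification, early-exit compare vs constant-time.
require 'openssl'
require 'base64'

SESSION_SECRET = 'constructed-demo-secret-do-not-reuse'

def hmac_hex(secret, data)
  OpenSSL::HMAC.hexdigest('SHA1', secret, data)
end

# Build the cookie: base64(payload) "--" hex(HMAC(secret, base64(payload))).
def sign_cookie(secret, payload)
  encoded = Base64.strict_encode64(payload)
  "#{encoded}--#{hmac_hex(secret, encoded)}"
end

# Constant-time equality: length check, then OR together every byte XOR so the
# loop always runs over the whole string regardless of where bytes differ.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize
  l = a.unpack('C*')
  r = 0
  b.each_byte.with_index { |byte, i| r |= byte ^ l[i] }
  r.zero?
end

def split_cookie(cookie)
  encoded, digest = cookie.to_s.split('--', 2)
  return nil unless encoded && digest
  [encoded, digest]
end

# Vulnerable verifier: String#== returns as soon as a byte mismatches, so the
# rejection time depends on how many leading digest bytes the attacker got right.
def verify_cookie_insecure(secret, cookie)
  encoded, digest = split_cookie(cookie)
  return nil unless encoded
  digest == hmac_hex(secret, encoded) ? Base64.strict_decode64(encoded) : nil
rescue ArgumentError
  nil
end

# Hardened verifier: same logic, constant-time comparison.
def verify_cookie_secure(secret, cookie)
  encoded, digest = split_cookie(cookie)
  return nil unless encoded
  return nil unless secure_compare(digest, hmac_hex(secret, encoded))
  Base64.strict_decode64(encoded)
rescue ArgumentError
  nil
end

if __FILE__ == $PROGRAM_NAME
  cookie = sign_cookie(SESSION_SECRET, 'user_id=42')
  puts "valid cookie  -> #{verify_cookie_secure(SESSION_SECRET, cookie).inspect}"
  forged = "#{Base64.strict_encode64('user_id=1')}--#{cookie.split('--', 2)[1]}"
  puts "forged cookie -> #{verify_cookie_secure(SESSION_SECRET, forged).inspect}"
end
```

The attacker's position in the timing attack is the one the advisory describes: they can submit any number of cookies and observe response times, and the early-exit comparison lets them recover the correct digest one byte at a time. Note that `secure_compare` still reveals the length of the digest, which is fine here because every HMAC of a given algorithm has the same length.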

A flaw in rubygem-json allowed remote attackers to have different kinds of
Ruby objects created from a JSON document. For example, a document could be
used to create arbitrary Ruby symbols, which were never garbage collected,
leading to a denial of service (DoS) through memory exhaustion. It could also
be used to create internal objects which, when passed into a database query,
could allow a SQL injection attack. (CVE-2013-0269)
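An added example, not code from the advisory or the json gem, of how an application should parse JSON that arrives from a client: object creation via `json_class` disabled, keys kept as strings rather than symbols, and nesting depth and body size bounded. The limits and the sample document are constructed for the demo; the old symbol-leak behaviour itself is not reproduced here, since current Ruby releases garbage-collect dynamically created symbols.

```ruby
# Added example: parse untrusted JSON into plain values only.
require 'json'

MAX_BODY_BYTES = 64 * 1024 # constructed limit for the demo
MAX_NESTING    = 20

class UntrustedJsonError < StandardError; end

# Returns only Hash/Array/String/Numeric/true/false/nil. create_additions:
# false stops the parser from honouring "json_class" and instantiating
# objects; symbolize_names: false keeps attacker-chosen keys as Strings.
def parse_untrusted_json(body)
  raise UntrustedJsonError, 'body too large' if body.bytesize > MAX_BODY_BYTES
  JSON.parse(body, create_additions: false, symbolize_names: false,
                   max_nesting: MAX_NESTING)
rescue JSON::ParserError => e # JSON::NestingError is a ParserError
  raise UntrustedJsonError, e.message
end

PLAIN_TYPES = [String, Integer, Float, TrueClass, FalseClass, NilClass].freeze

# Defence in depth for callers that later feed keys into queries: confirm the
# parsed tree contains nothing but plain data with String keys.
def plain_value?(value)
  case value
  when Hash  then value.all? { |k, v| k.is_a?(String) && plain_value?(v) }
  when Array then value.all? { |v| plain_value?(v) }
  else PLAIN_TYPES.any? { |t| value.is_a?(t) }
  end
end

if __FILE__ == $PROGRAM_NAME
  doc = '{"json_class":"JSON::GenericObject","name":"x","n":[1,2,{"a":null}]}'
  v = parse_untrusted_json(doc)
  puts "class of result: #{v.class}, json_class key is a #{v['json_class'].class}"
  puts "plain? #{plain_value?(v)}"
end
```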

A flaw in ActiveRecord in Ruby on Rails allowed remote attackers to
circumvent attribute protections and to insert their own crafted requests
to change protected attribute values. (CVE-2013-0276)
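An added example, not code from the advisory or from Rails, contrasting the two ways of protecting attributes against mass assignment. The `Account` model and the key-normalisation step are constructed for the demo to illustrate why a blocklist (the attr_protected approach) is fragile: any key that the blocklist does not recognise but that the model still maps onto the protected setter gets through. The precise bypass in the affected Rails versions is not described on this page and is not reproduced here; the allowlist version is the general mitigation.

```ruby
# Added example: blocklist (attr_protected-style) vs allowlist mass assignment.

# Constructed toy model, not ActiveRecord.
class Account
  attr_accessor :name, :email, :admin

  def initialize
    @admin = false
  end
end

PROTECTED = %w[admin].freeze      # blocklist: names that must not be set
PERMITTED = %w[name email].freeze # allowlist: the only names that may be set

def normalise(key)
  key.to_s.strip.downcase # constructed: how this toy maps a key to a setter
end

# Blocklist: checks the raw key, then normalises it to find the setter. A key
# such as "Admin " is not in PROTECTED yet still reaches admin=.
def assign_blocklist(record, params)
  params.each do |k, v|
    next if PROTECTED.include?(k.to_s)
    setter = "#{normalise(k)}="
    record.public_send(setter, v) if record.respond_to?(setter)
  end
  record
end

# Allowlist: normalises first, then admits only names that are explicitly
# permitted, so unknown or disguised keys can never reach a setter.
def assign_allowlist(record, params)
  params.each do |k, v|
    attr = normalise(k)
    next unless PERMITTED.include?(attr)
    record.public_send("#{attr}=", v)
  end
  record
end

if __FILE__ == $PROGRAM_NAME
  crafted = { 'name' => 'mallory', 'Admin ' => true } # constructed request
  puts "blocklist admin=#{assign_blocklist(Account.new, crafted).admin}"
  puts "allowlist admin=#{assign_allowlist(Account.new, crafted).admin}"
end
```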

HTML markup was not properly escaped in the username field of the
Notifications form in the Subscription Asset Manager UI. HTML entered as the
field value was rendered as markup when the entry was viewed, so a user who
could set the field could inject malicious HTML into the page (a stored
cross-site scripting issue). The field value is now validated and any HTML
tags are escaped. (CVE-2013-1823)
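An added example, not code from the advisory or from katello, covering both the rdoc issue (CVE-2013-0256) and the Notifications username issue above: the same ERB fragment rendered with the value interpolated raw and with it escaped, plus the input-side validation the advisory mentions. The templates and the payload are constructed for the demo.

```ruby
# Added example: raw vs escaped interpolation of a user-controlled field.
require 'erb'

# Vulnerable: the value is dropped into the page as markup.
UNSAFE_TEMPLATE = '<td class="username"><%= username %></td>'
# Fixed: the value is HTML-escaped before it reaches the page.
SAFE_TEMPLATE   = '<td class="username"><%= ERB::Util.html_escape(username) %></td>'

def render_unsafe(username)
  ERB.new(UNSAFE_TEMPLATE).result_with_hash(username: username)
end

def render_safe(username)
  ERB.new(SAFE_TEMPLATE).result_with_hash(username: username)
end

# Validation at input time (constructed rule): refuse any value containing
# characters that have meaning in HTML, so markup is never stored at all.
# Escaping on output is still required; validation is a second layer.
def valid_username?(value)
  value.is_a?(String) && !value.empty? && value !~ /[<>"'&]/
end

if __FILE__ == $PROGRAM_NAME
  payload = '<script>alert(1)</script>' # constructed stored-XSS probe
  puts "unsafe: #{render_unsafe(payload)}"
  puts "safe:   #{render_safe(payload)}"
  puts "accepted on input? #{valid_username?(payload)}"
end
```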

These updated packages also include bug fixes and enhancements:

  • Previously, no SELinux policy for the subscription service was included
    with the Subscription Asset Manager packages. The candlepin-selinux package
    is now included with SELinux policies for the subscription server.
    (BZ#906901)

  • When attempting to use the subscription service's CA certificate to
    validate a manifest during import, the comparison failed. The upstream
    subscription service which generated the manifest is a different service
    than the local subscription service; thus, they have different CA
    certificates. This caused importing a manifest to fail with the error
    'archive failed signature'. This has been fixed so that the proper
    certificate is used for verification. (BZ#918778)
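The following is an added example, not code from the advisory or from candlepin, illustrating both the signature-checking requirement (CVE-2012-6119) and the key-selection bug above (BZ#918778): a manifest archive is signed with the exporting service's CA key and the import gate verifies it, which succeeds only with the upstream service's public key and fails with the local instance's key or with tampered bytes. The two RSA keys, the archive bytes and the `import_manifest` gate are constructed for the demo; in a real deployment the public key comes from the upstream CA certificate rather than being generated in memory.

```ruby
# Added example: manifest signature verification with the correct CA key.
require 'openssl'
require 'digest'

# Sign the manifest archive bytes (RSA, SHA-256) as the exporting service would.
def sign_manifest(ca_key, archive_bytes)
  ca_key.sign(OpenSSL::Digest.new('SHA256'), archive_bytes)
end

# Verify the detached signature against the exporting (upstream) CA public key.
# Any other key, or any change to the bytes, yields false.
def manifest_signature_valid?(upstream_ca_pub, signature, archive_bytes)
  upstream_ca_pub.verify(OpenSSL::Digest.new('SHA256'), signature, archive_bytes)
rescue OpenSSL::PKey::PKeyError
  false
end

# Import gate: refuse to proceed unless the signature verifies. Returns a
# digest of the accepted archive as a stand-in for "accepted, continue import".
def import_manifest(upstream_ca_pub, signature, archive_bytes)
  unless manifest_signature_valid?(upstream_ca_pub, signature, archive_bytes)
    raise 'archive failed signature'
  end
  Digest::SHA256.hexdigest(archive_bytes)
end

# Constructed keys generated in memory for the demo: one for the upstream
# service that produced the manifest, one for the local SAM instance.
UPSTREAM_CA = OpenSSL::PKey::RSA.new(2048)
LOCAL_CA    = OpenSSL::PKey::RSA.new(2048)

if __FILE__ == $PROGRAM_NAME
  manifest = "PK\x03\x04 constructed manifest archive bytes"
  sig = sign_manifest(UPSTREAM_CA, manifest)
  puts "upstream key verifies: #{manifest_signature_valid?(UPSTREAM_CA.public_key, sig, manifest)}"
  puts "local key verifies:    #{manifest_signature_valid?(LOCAL_CA.public_key, sig, manifest)}"
  puts "tampered verifies:     #{manifest_signature_valid?(UPSTREAM_CA.public_key, sig, manifest + 'x')}"
end
```

The second puts line is exactly the BZ#918778 failure mode: a correct signature checked against the wrong CA's key is indistinguishable from a forged one, so an importer that has been handed the local certificate will reject every legitimate manifest. Disabling the check to make imports work again, rather than fixing which key is used, is what reintroduces CVE-2012-6119.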

All users of Subscription Asset Manager are recommended to update to the
latest packages.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64

Fixes

  • BZ - 906207 - CVE-2012-6116 Candlepin: bootstrap RPM deploys CA certificate file with mode 666
  • BZ - 906901 - SAM installation is missing Candlepin SELinux policy
  • BZ - 907820 - CVE-2013-0256 rubygem-rdoc: Cross-site scripting in the documentation created by Darkfish Rdoc HTML generator / template
  • BZ - 908613 - CVE-2012-6119 Candlepin: Re-enable manifest signature checking
  • BZ - 909029 - CVE-2013-0269 rubygem-json: Denial of Service and SQL Injection
  • BZ - 909071 - CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions
  • BZ - 909528 - CVE-2013-0276 rubygem-activerecord/rubygem-activemodel: circumvention of attr_protected
  • BZ - 918778 - Katello-configure overwrites candlepin-upstream-ca.crt, breaking manifest import
  • BZ - 918784 - CVE-2013-1823 Katello: Notifications page Username XSS
  • BZ - 922190 - Thumbslug can't read cert v3

CVEs

  • CVE-2012-6116
  • CVE-2013-0256
  • CVE-2013-0276
  • CVE-2013-0263
  • CVE-2012-6119
  • CVE-2013-0269
  • CVE-2013-1823

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux Server 6

SRPM
candlepin-0.7.24-1.el6_3.src.rpm SHA-256: e841500ffadb49d4c6e319bb15a7795b1cdc134357e0ae7e07bdd22d04a2a7fa
katello-1.2.1.1-1h.el6_4.src.rpm SHA-256: 3beb8c1288794c9ffa23e5b70946171b43d743ef3875afac0754996af1db94be
katello-configure-1.2.3.1-4h.el6_4.src.rpm SHA-256: a14bce5d439eb7b35401d3aefd5c66a3451546f4586f34744b61d0b991227b85
rubygem-actionpack-3.0.10-12.el6cf.src.rpm SHA-256: 64c431ed3fb03514fe25a96d770518cbcab5fd33ea2562046c505522508c0a4a
rubygem-activemodel-3.0.10-3.el6cf.src.rpm SHA-256: 0a31f4a0bd78cfcbf37d3afc815396d5df005080d784db154ddc2b73bb1162ea
rubygem-delayed_job-2.1.4-3.el6cf.src.rpm SHA-256: f62def9e34e2b991bc3e27a3eeffc41db684fb4c2595c459f1aaefd62b47045f
rubygem-json-1.7.3-2.el6_3.src.rpm SHA-256: 1de05e5bbefb237c6c1c4eb47ff22fbc91250cb22c0514b62306504670f22f68
rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.src.rpm SHA-256: 772473df95ae86dfdcea19a3d0d31d31d92ef3e49d0c8b9dbcfd0e29d22aeb4b
rubygem-rack-1.3.0-4.el6cf.src.rpm SHA-256: f363190f686df1d39148dd7ff11ad6e28539e5da32a86d80f20327f04f60e9da
rubygem-rails_warden-0.5.5-2.el6cf.src.rpm SHA-256: 5e9e5e6328bbcacf5618552654f353461fb2ca75892c47177eec19791a47325d
rubygem-rdoc-3.8-6.el6cf.src.rpm SHA-256: 66f4a1f17ae0c67b91f183d7ee20f543957f35da38aaa202050c94dd73099b9c
thumbslug-0.0.28.1-1.el6_4.src.rpm SHA-256: c0ea5b2e8f78429a7bf0775aed8bc5a8eddbbad68c1164eec1404f61c4de9c50
x86_64
candlepin-0.7.24-1.el6_3.noarch.rpm SHA-256: ca4765c17caa420493705065a1d20900443372b54102b8396c489396203f2cad
candlepin-devel-0.7.24-1.el6_3.noarch.rpm SHA-256: 73c456736bc66d79e247cbff5ccad39ad5052d54375bc5c749c4ec796bc8c23b
candlepin-selinux-0.7.24-1.el6_3.noarch.rpm SHA-256: fad6f9edc9a735188c2705518b7864daf8e3a5267dd17b95cd43d6c85062de01
candlepin-tomcat6-0.7.24-1.el6_3.noarch.rpm SHA-256: a96d1266495bffd9b5cfb75ce149b4934e29d69873b8649b2a2ff62074353c77
katello-common-1.2.1.1-1h.el6_4.noarch.rpm SHA-256: ad0a5f3ddb51bdb659a034027f024f9a88ed36e7caed28bfb7b1c23c5231412c
katello-configure-1.2.3.1-4h.el6_4.noarch.rpm SHA-256: a38861b4004702ab114e9615bbb39e637b1b485aa06d56b56d003a6292214544
katello-glue-candlepin-1.2.1.1-1h.el6_4.noarch.rpm SHA-256: c5ed08486d5d0fc849d4bfc88ff3cc23d083cbdb54bd67a7202c28c21e15a84c
katello-headpin-1.2.1.1-1h.el6_4.noarch.rpm SHA-256: 5dbb602d849fa14c4e80bd0a237e818c356039c7952b0bcafb8eb5d791716c8f
katello-headpin-all-1.2.1.1-1h.el6_4.noarch.rpm SHA-256: c43165b07b2fa4b3d145a3ddac8991b85d80ba6af6aa62cf93035e062a8b259b
ruby-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm SHA-256: 694af7dd76daaaa54eab7845bf749c459630e4c05a949b8ff4eb6d421314df65
rubygem-actionpack-3.0.10-12.el6cf.noarch.rpm SHA-256: f7225b67031d6c7865b98a1aa5999434c566cee03402553f9d018a6f6f41968d
rubygem-activemodel-3.0.10-3.el6cf.noarch.rpm SHA-256: 41616b9b62d942bd78282738b85a377efa1cac28dba6fdb852aea994ea0d18c1
rubygem-activemodel-doc-3.0.10-3.el6cf.noarch.rpm SHA-256: ebd619e9ee2e786c5776b4e9ba2a6ecc0e70779c5ab3873abd85272a61ef57ec
rubygem-delayed_job-2.1.4-3.el6cf.noarch.rpm SHA-256: 637f3143211c71e5c693ea00077d3533b494d6fdb2f64589a296cff4465ba2ec
rubygem-delayed_job-doc-2.1.4-3.el6cf.noarch.rpm SHA-256: 2618bc4d7d82d6fa9cb1145057b7a07a6c291d1f2ca8cfaaa448bd2d21550280
rubygem-json-1.7.3-2.el6_3.x86_64.rpm SHA-256: e4ff98c787af308928b8295f3195eec17fa297134d2540f41373585fd1813171
rubygem-json-debuginfo-1.7.3-2.el6_3.x86_64.rpm SHA-256: 07081cb4d8587b97062968f1295b61bd0055978b04af15aa98bfebee648b04bd
rubygem-nokogiri-1.5.0-0.9.beta4.el6cf.x86_64.rpm SHA-256: 2284596c7bf2ff29369643b60801b576895a969c6cd567ddaa828487eb27eb5c
rubygem-nokogiri-debuginfo-1.5.0-0.9.beta4.el6cf.x86_64.rpm SHA-256: dfe52ed08ad520d096a5c9bcbc11d6c7f6f9db0b9ab75c2dc59fec23516351eb
rubygem-nokogiri-doc-1.5.0-0.9.beta4.el6cf.noarch.rpm SHA-256: 365f41ee7f5651812d4a32601309759d518df5d43e2eecc513c2d22a9e375473
rubygem-rack-1.3.0-4.el6cf.noarch.rpm SHA-256: 9de6ead0063c7936ac3a2a5ab68e24208fa0f25e4713532c5194a969ba38ebd8
rubygem-rails_warden-0.5.5-2.el6cf.noarch.rpm SHA-256: 8de7b1b4f83ff37d4e9da059458da6cabe345c9eb538c29c1cc01839fd9a094c
rubygem-rails_warden-doc-0.5.5-2.el6cf.noarch.rpm SHA-256: eef9585883ce1dc9ccacdb3a984596237bdb8dfce17ef0c4258f055654127abb
rubygem-rdoc-3.8-6.el6cf.noarch.rpm SHA-256: 821b01aad5bd9034866fcfa8b0eb37b2f66d9f554914a9b15b5c17de6a4b6ac7
rubygem-rdoc-doc-3.8-6.el6cf.noarch.rpm SHA-256: b6c2a724e4bcf42249521ef1269f14cdd28ebeaf7c5c9b71f9a89ddb88c6e139
thumbslug-0.0.28.1-1.el6_4.noarch.rpm SHA-256: 0e460b0983b3c2cf0e58dcf5f9f3a5df708c60697a4b439e322d22f7a79161b9
thumbslug-selinux-0.0.28.1-1.el6_4.noarch.rpm SHA-256: ef7996dc3e3aa029dddb8a96a9be5a0fc5717614142e45aecaf43ae0267c1587

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
