- Issued:
- 2020-10-14
- Updated:
- 2020-10-14
RHSA-2020:4254 - Security Advisory
Synopsis
Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)
Description
- Updated python-psutil version to 5.6.6 inside ansible-runner container (CVE-2019-18874)
Solution
For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html
Affected Products
- Red Hat Ansible Automation Platform Text-Only Advisories for RHEL 7 x86_64
Fixes
- BZ - 1772014 - CVE-2019-18874 python-psutil: double free because of refcount mishandling
CVEs
- CVE-2017-12652
- CVE-2018-20843
- CVE-2019-5094
- CVE-2019-5188
- CVE-2019-5482
- CVE-2019-11719
- CVE-2019-11727
- CVE-2019-11756
- CVE-2019-12450
- CVE-2019-12749
- CVE-2019-14822
- CVE-2019-14866
- CVE-2019-14973
- CVE-2019-15903
- CVE-2019-16935
- CVE-2019-17006
- CVE-2019-17023
- CVE-2019-17498
- CVE-2019-17546
- CVE-2019-18874
- CVE-2019-19126
- CVE-2019-19956
- CVE-2019-20386
- CVE-2019-20388
- CVE-2020-5313
- CVE-2020-6829
- CVE-2020-7595
- CVE-2020-12243
- CVE-2020-12400
- CVE-2020-12401
- CVE-2020-12402
- CVE-2020-12403
- CVE-2020-14365
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.