Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2023:1630 - Security Advisory
Issued:
2023-04-04
Updated:
2023-04-04

RHSA-2023:1630 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: Satellite 6.12.3 Async Security Update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated Satellite 6.12 packages that fixes important security bugs and several
regular bugs are now available for Red Hat Satellite.

Description

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

Security fix(es):

  • Candlepin: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k (CVE-2022-41946)

This update fixes the following bugs:

2163538 - Pages Blank
2174984 - Getting 'null value in column \"image_manifest_id\" violates not-null constraint' when syncing openstack container repos
2174987 - (Regression of 2033940) Error: AttributeError: 'NoneType' object has no attribute 'cast' thrown while listing repository versions
2174994 - VMware Image based Provisioning fails with error- : Could not find virtual machine network interface matching <IP>
2174997 - Package and Errata actions on content hosts selected using the "select all hosts" option fails.
2174998 - Subscription can't be blank, A Pool and its Subscription cannot belong to different organizations
2175002 - Getting "undefined method `schema_version' for nil:NilClass" while syncing from quay.io
2175005 - New kickstart_kernel_options snippet breaks UEFI (Grub2) PXE provisioning when boot_mode is static
2175008 - RHEL 9 as Guest OS is not available on Satellite 6.11
2174995 - Health check should use hostname -f
2175007 - [regression] data.yml is referring to old sync plain id which does not exist in katello_sync_plans
2176272 - new wait task introduced by rh_cloud 6.0.44 is not recognized by maintain as OK to interrupt
2175010 - Some custom repositories are failing to synchorize with error "This field may not be blank" after upgrading to Red Hat Satellite 6.11
2176922 - [RFE] Need syncable yum-format repository imports
2175003 - Can't perform incremental content exports in syncable format

Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Satellite 6.12 x86_64
  • Red Hat Satellite Capsule 6.12 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

  • BZ - 2153399 - CVE-2022-41946 postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
  • BZ - 2163538 - Pages Blank
  • BZ - 2174984 - Getting 'null value in column \"image_manifest_id\" violates not-null constraint' when syncing openstack container repos
  • BZ - 2174987 - (Regression of 2033940) Error: AttributeError: 'NoneType' object has no attribute 'cast' thrown while listing repository versions
  • BZ - 2174994 - VMware Image based Provisioning fails with error- : Could not find virtual machine network interface matching <IP>
  • BZ - 2174995 - Health check should use hostname -f
  • BZ - 2174997 - Package and Errata actions on content hosts selected using the "select all hosts" option fails.
  • BZ - 2174998 - Subscription can't be blank, A Pool and its Subscription cannot belong to different organizations
  • BZ - 2175002 - Getting "undefined method `schema_version' for nil:NilClass" while syncing from quay.io
  • BZ - 2175003 - Can't perform incremental content exports in syncable format
  • BZ - 2175005 - New kickstart_kernel_options snippet breaks UEFI (Grub2) PXE provisioning when boot_mode is static
  • BZ - 2175007 - [regression] data.yml is referring to old sync plain id which does not exist in katello_sync_plans
  • BZ - 2175008 - RHEL 9 as Guest OS is not available on Satellite 6.11
  • BZ - 2175010 - Some custom repositories are failing to synchorize with error "This field may not be blank" after upgrading to Red Hat Satellite 6.11
  • BZ - 2176272 - new wait task introduced by rh_cloud 6.0.44 is not recognized by maintain as OK to interrupt
  • BZ - 2176922 - [RFE] Need syncable yum-format repository imports

CVEs

  • CVE-2022-41946

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite 6.12

SRPM
candlepin-4.1.20-1.el8sat.src.rpm SHA-256: 346847657c60ccd666ce5fed8b093ad697aa8dcdc4d1dbd493e5b06492dbc41b
foreman-3.3.0.21-2.el8sat.src.rpm SHA-256: 3f0834a984705c55daebe4168023bfc040eedb4a7a1123fbab9c8acc11984f49
python-django-3.2.16-1.el8pc.src.rpm SHA-256: f516eac58d9354c32d84d9f15396e942543fba4dbf389fcb0bacdd91f7520345
python-pulp-container-2.10.12-1.el8pc.src.rpm SHA-256: 9b70d268759ff149f697e0a3b819bbb0bbcd294deeca9903fb9aaaf17d8d707f
python-pulpcore-3.18.16-1.el8pc.src.rpm SHA-256: 8a1be5f6f590196c1b6bc9c95334ccf9a68e94ec9debecdf61fb1eea00b2c0cb
rubygem-fog-vsphere-3.6.0-1.el8sat.src.rpm SHA-256: 6bb8b6682f02465d1d14b1a56d41394e975999ce4d2329415a2f76055e113c95
rubygem-foreman_maintain-1.1.12-1.el8sat.src.rpm SHA-256: 331ad894085a8d7feb30dec40a7e2d87ddaf9bfe247dbf2137ae82666012d71e
rubygem-hammer_cli_katello-1.6.0.2-1.el8sat.src.rpm SHA-256: 1ec9a4b7c068a5b9b6be73b45648cab76d194df243f23832b27a3ac06b83aa70
rubygem-katello-4.5.0.32-1.el8sat.src.rpm SHA-256: e2096e5e31a246c25899840cbe1ca3c78816ab650fc0561b91f274394d603d5d
rubygem-optimist-3.0.1-1.el8sat.src.rpm SHA-256: 8d827772525c54a2313617817e0cb3e1d817b510b22516124756562d483ebe0b
rubygem-rbvmomi2-3.6.0-2.el8sat.src.rpm SHA-256: 139896162b7570f89ddccde5a539e8ec12e561c9a276b9e5edf2676aca6d6be8
satellite-6.12.3-1.el8sat.src.rpm SHA-256: b7e2fbaa5f82ce1cd824960060a7363e691a5c4de41f716b15b46a17a67ebfa2
x86_64
candlepin-4.1.20-1.el8sat.noarch.rpm SHA-256: dc65236f025d116ca4ad42f7f8799a170f2f367da05a0cae6750fb900a2876a9
candlepin-selinux-4.1.20-1.el8sat.noarch.rpm SHA-256: fc8e96387613765708cf515226be3f5c37bfe429c9f0c3c51e56854acb2f7e2d
foreman-3.3.0.21-2.el8sat.noarch.rpm SHA-256: faeefbb4fc2baea56fd5f1c9206eedd7358c51b461fbc655cc26decfc7cd1214
foreman-cli-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c2827b228f4d3375e90815a60e29c5845a397c17da8d7e49762cfd11334d3f25
foreman-debug-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c12ff146996ad3c77a4f358c4de39646ed5ce0ecfaff2a20429f1b136d7f277a
foreman-dynflow-sidekiq-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c918d6d92d807c7656db823d6a541e336f865e35af251c8dfd63496250fab570
foreman-ec2-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 5a88d481dbea5be0d7e962cdf6c07bc80af1be3c6f34d9db095d83f7e7ed30b6
foreman-gce-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 4128972a65e69dacd8d531937a7f82678fd80e7c5040a1b272eb25041dd218fa
foreman-journald-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c608ed0033b2b41d44ba0fd34093f29e391b49e74770a70bcca3db2f536cd8f0
foreman-libvirt-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 08fdd54b81c925119a5fa5e487ae4e2269b2b969ea3f580733fa922491eab757
foreman-openstack-3.3.0.21-2.el8sat.noarch.rpm SHA-256: bd746df415a61eb9fc67345a8bb9f04443465995b040a270b1e6a3397600098c
foreman-ovirt-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 79ff5697671109bafb9df7cc00668031bfb9db3b4db956c3b4087817d4204ef6
foreman-postgresql-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 4f0f0eff13d0b026b501325e5a2c3b1fffefad74fd5902490bc48b0f78bd222f
foreman-service-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 463d6ade4bcc36329737f091999680bd4e6e4536a1905121d6056c48afb59f4a
foreman-telemetry-3.3.0.21-2.el8sat.noarch.rpm SHA-256: ebaa35df47c9a3df8dc24812b6e2306427d5b31c3c8a942a14f884c69bbe11eb
foreman-vmware-3.3.0.21-2.el8sat.noarch.rpm SHA-256: 56b5e3351b4e6d3a50f0693f99c510531d03b99b2c178d7dbc4e2dffbec63c25
python39-django-3.2.16-1.el8pc.noarch.rpm SHA-256: 9c7924cd8936834939e8310b99bc76e378bdd5a0a6a2f4056722e320dd83cdab
python39-pulp-container-2.10.12-1.el8pc.noarch.rpm SHA-256: dc424db94f97169493bf4f2e103ef1893556e5d5266e0104d9ce41957795019e
python39-pulpcore-3.18.16-1.el8pc.noarch.rpm SHA-256: 9da831af382222aff43f7c775e0ae8046889db2387256f99d80910c9e93a3289
rubygem-fog-vsphere-3.6.0-1.el8sat.noarch.rpm SHA-256: 835ea0ef40bf1c14e96ec60d198229f10c87a1f5dd6e96d92a458127245d7c29
rubygem-foreman_maintain-1.1.12-1.el8sat.noarch.rpm SHA-256: 083d754e6d15eea7edaab8860d9fa92d0263e06c091858ef7d33d0dbd871e8d3
rubygem-hammer_cli_katello-1.6.0.2-1.el8sat.noarch.rpm SHA-256: eacaa1c9db05481b06057815d41e3c478372545c2e13f3f6531e83dd0b524870
rubygem-katello-4.5.0.32-1.el8sat.noarch.rpm SHA-256: 3d751404ab52f30bbb3a4daf3ade1ea53b79ece842972bce56a4b0752461ffe8
rubygem-optimist-3.0.1-1.el8sat.noarch.rpm SHA-256: 86b074fa0d85d682ee363305aba3c9cb8718731e2eedf029ebeb57bc114fa3cb
rubygem-rbvmomi2-3.6.0-2.el8sat.noarch.rpm SHA-256: 0ba4ce5c54a92422bf11fd0e6b00e19f19d06e568f19ef03a8323019c2ea4a8c
satellite-6.12.3-1.el8sat.noarch.rpm SHA-256: f4871f88055d2a83f72ec1cce0bbf1f99abdd16d6efbce0b51e0f4b510755b43
satellite-cli-6.12.3-1.el8sat.noarch.rpm SHA-256: a38562ac2f1cd9ac188d08076fac181a77ad2bc79a1690e2af82442ae8b2f0aa
satellite-common-6.12.3-1.el8sat.noarch.rpm SHA-256: b5e86c99c39949e1bb9ae210246aea65b3b0b09f7600cf11ed46ec2fe5561015

Red Hat Satellite Capsule 6.12

SRPM
foreman-3.3.0.21-2.el8sat.src.rpm SHA-256: 3f0834a984705c55daebe4168023bfc040eedb4a7a1123fbab9c8acc11984f49
python-django-3.2.16-1.el8pc.src.rpm SHA-256: f516eac58d9354c32d84d9f15396e942543fba4dbf389fcb0bacdd91f7520345
python-pulp-container-2.10.12-1.el8pc.src.rpm SHA-256: 9b70d268759ff149f697e0a3b819bbb0bbcd294deeca9903fb9aaaf17d8d707f
python-pulpcore-3.18.16-1.el8pc.src.rpm SHA-256: 8a1be5f6f590196c1b6bc9c95334ccf9a68e94ec9debecdf61fb1eea00b2c0cb
rubygem-foreman_maintain-1.1.12-1.el8sat.src.rpm SHA-256: 331ad894085a8d7feb30dec40a7e2d87ddaf9bfe247dbf2137ae82666012d71e
satellite-6.12.3-1.el8sat.src.rpm SHA-256: b7e2fbaa5f82ce1cd824960060a7363e691a5c4de41f716b15b46a17a67ebfa2
x86_64
foreman-debug-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c12ff146996ad3c77a4f358c4de39646ed5ce0ecfaff2a20429f1b136d7f277a
python39-django-3.2.16-1.el8pc.noarch.rpm SHA-256: 9c7924cd8936834939e8310b99bc76e378bdd5a0a6a2f4056722e320dd83cdab
python39-pulp-container-2.10.12-1.el8pc.noarch.rpm SHA-256: dc424db94f97169493bf4f2e103ef1893556e5d5266e0104d9ce41957795019e
python39-pulpcore-3.18.16-1.el8pc.noarch.rpm SHA-256: 9da831af382222aff43f7c775e0ae8046889db2387256f99d80910c9e93a3289
rubygem-foreman_maintain-1.1.12-1.el8sat.noarch.rpm SHA-256: 083d754e6d15eea7edaab8860d9fa92d0263e06c091858ef7d33d0dbd871e8d3
satellite-capsule-6.12.3-1.el8sat.noarch.rpm SHA-256: 8de3c3d399222bdf6b56fc4af2b5bb78f7bc258d6ef008efe9887e831a743edf
satellite-common-6.12.3-1.el8sat.noarch.rpm SHA-256: b5e86c99c39949e1bb9ae210246aea65b3b0b09f7600cf11ed46ec2fe5561015

Red Hat Enterprise Linux for x86_64 8

SRPM
foreman-3.3.0.21-2.el8sat.src.rpm SHA-256: 3f0834a984705c55daebe4168023bfc040eedb4a7a1123fbab9c8acc11984f49
rubygem-foreman_maintain-1.1.12-1.el8sat.src.rpm SHA-256: 331ad894085a8d7feb30dec40a7e2d87ddaf9bfe247dbf2137ae82666012d71e
rubygem-hammer_cli_katello-1.6.0.2-1.el8sat.src.rpm SHA-256: 1ec9a4b7c068a5b9b6be73b45648cab76d194df243f23832b27a3ac06b83aa70
satellite-6.12.3-1.el8sat.src.rpm SHA-256: b7e2fbaa5f82ce1cd824960060a7363e691a5c4de41f716b15b46a17a67ebfa2
x86_64
foreman-cli-3.3.0.21-2.el8sat.noarch.rpm SHA-256: c2827b228f4d3375e90815a60e29c5845a397c17da8d7e49762cfd11334d3f25
rubygem-foreman_maintain-1.1.12-1.el8sat.noarch.rpm SHA-256: 083d754e6d15eea7edaab8860d9fa92d0263e06c091858ef7d33d0dbd871e8d3
rubygem-hammer_cli_katello-1.6.0.2-1.el8sat.noarch.rpm SHA-256: eacaa1c9db05481b06057815d41e3c478372545c2e13f3f6531e83dd0b524870
satellite-cli-6.12.3-1.el8sat.noarch.rpm SHA-256: a38562ac2f1cd9ac188d08076fac181a77ad2bc79a1690e2af82442ae8b2f0aa

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
2023
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Twitter Facebook