Red Hat Product Errata RHSA-2024:0855 - Security Advisory
Issued:
2024-02-19
Updated:
2024-02-19

RHSA-2024:0855 - Security Advisory

Synopsis

Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Ansible Automation Platform 2.4

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

  • receptor: quic-go: memory exhaustion attack against QUIC's path validation mechanism (CVE-2023-49295)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional changes:

  • receptor has been updated to 1.4.4

Solution

Red Hat Ansible Automation Platform

Affected Products

  • Red Hat Ansible Automation Platform 2.4 for RHEL 9 x86_64
  • Red Hat Ansible Automation Platform 2.4 for RHEL 9 s390x
  • Red Hat Ansible Automation Platform 2.4 for RHEL 9 ppc64le
  • Red Hat Ansible Automation Platform 2.4 for RHEL 9 aarch64
  • Red Hat Ansible Automation Platform 2.4 for RHEL 8 x86_64
  • Red Hat Ansible Automation Platform 2.4 for RHEL 8 s390x
  • Red Hat Ansible Automation Platform 2.4 for RHEL 8 ppc64le
  • Red Hat Ansible Automation Platform 2.4 for RHEL 8 aarch64
  • Red Hat Ansible Inside 1.2 for RHEL 9 x86_64
  • Red Hat Ansible Inside 1.2 for RHEL 9 s390x
  • Red Hat Ansible Inside 1.2 for RHEL 9 ppc64le
  • Red Hat Ansible Inside 1.2 for RHEL 9 aarch64
  • Red Hat Ansible Inside 1.2 for RHEL 8 x86_64
  • Red Hat Ansible Inside 1.2 for RHEL 8 s390x
  • Red Hat Ansible Inside 1.2 for RHEL 8 ppc64le
  • Red Hat Ansible Inside 1.2 for RHEL 8 aarch64
  • Red Hat Ansible Developer 1.1 for RHEL 9 x86_64
  • Red Hat Ansible Developer 1.1 for RHEL 9 s390x
  • Red Hat Ansible Developer 1.1 for RHEL 9 ppc64le
  • Red Hat Ansible Developer 1.1 for RHEL 9 aarch64
  • Red Hat Ansible Developer 1.1 for RHEL 8 x86_64
  • Red Hat Ansible Developer 1.1 for RHEL 8 s390x
  • Red Hat Ansible Developer 1.1 for RHEL 8 ppc64le
  • Red Hat Ansible Developer 1.1 for RHEL 8 aarch64

Fixes

  • BZ - 2257815 - CVE-2023-49295 quic-go: memory exhaustion attack against QUIC's path validation mechanism

Red Hat Ansible Automation Platform 2.4 for RHEL 9

SRPM
receptor-1.4.4-1.el9ap.src.rpm SHA-256: 23f71b8b1d3983685e9e69c1ae5527c94f054650c245237e34171e7e670a2308
x86_64
receptor-1.4.4-1.el9ap.x86_64.rpm SHA-256: af3e0acec2f74fe97d109418cf9eeb7c9a24415bc247584c11813628f94e4cb6
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
s390x
receptor-1.4.4-1.el9ap.s390x.rpm SHA-256: b27f9455c90b5eb4d176185367acdefefea437d1ecbac3ff40e9734fc392a056
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
ppc64le
receptor-1.4.4-1.el9ap.ppc64le.rpm SHA-256: 559bfe17fb28c0006476d0cab4939fd45ece1951ad23f525894ed7e169a1becf
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
aarch64
receptor-1.4.4-1.el9ap.aarch64.rpm SHA-256: 6e3c20fbe649f35cefc1cea260c543c31fa62405f018756cba3b06723e96a6f6
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624

Red Hat Ansible Automation Platform 2.4 for RHEL 8

SRPM
receptor-1.4.4-1.el8ap.src.rpm SHA-256: 6c72f325e21d832aa592e2a20f102dcf9797951f7d80d0e9a80fd480645e2a43
x86_64
receptor-1.4.4-1.el8ap.x86_64.rpm SHA-256: 236d92563e82b4d5d0aa7f28f760c520f0fba0fa73c4d480c72f7ed8f85010d1
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
s390x
receptor-1.4.4-1.el8ap.s390x.rpm SHA-256: a3cc929386fda92f8ffcf7f67099c5ffc1ea62545bb27510a1eeffeee78048de
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
ppc64le
receptor-1.4.4-1.el8ap.ppc64le.rpm SHA-256: 4486c347a68222fda800d05a053369c401f8dee1afc35d41aca7d86de70732d1
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
aarch64
receptor-1.4.4-1.el8ap.aarch64.rpm SHA-256: f880edf3c2c991326af15e9f0f40a017a281dd45120b6ed94d715da211bea594
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c

Red Hat Ansible Inside 1.2 for RHEL 9

SRPM
receptor-1.4.4-1.el9ap.src.rpm SHA-256: 23f71b8b1d3983685e9e69c1ae5527c94f054650c245237e34171e7e670a2308
x86_64
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
s390x
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
ppc64le
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
aarch64
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624

Red Hat Ansible Inside 1.2 for RHEL 8

SRPM
receptor-1.4.4-1.el8ap.src.rpm SHA-256: 6c72f325e21d832aa592e2a20f102dcf9797951f7d80d0e9a80fd480645e2a43
x86_64
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
s390x
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
ppc64le
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
aarch64
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c

Red Hat Ansible Developer 1.1 for RHEL 9

SRPM
receptor-1.4.4-1.el9ap.src.rpm SHA-256: 23f71b8b1d3983685e9e69c1ae5527c94f054650c245237e34171e7e670a2308
x86_64
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
s390x
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
ppc64le
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624
aarch64
receptorctl-1.4.4-1.el9ap.noarch.rpm SHA-256: 81d06778b485a1d6a6cb690f2be80f5cfcb5ea9977faebfda0b5c3bd1a7d1624

Red Hat Ansible Developer 1.1 for RHEL 8

SRPM
receptor-1.4.4-1.el8ap.src.rpm SHA-256: 6c72f325e21d832aa592e2a20f102dcf9797951f7d80d0e9a80fd480645e2a43
x86_64
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
s390x
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
ppc64le
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c
aarch64
receptorctl-1.4.4-1.el8ap.noarch.rpm SHA-256: a6af21bf1e749a848e2b05a1b12fec82c74f28e1df004039e8ea79e5121d782c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.