Red Hat Product Errata RHSA-2024:6335 - Security Advisory
Issued:
2024-09-04
Updated:
2024-09-04

RHSA-2024:6335 - Security Advisory

Synopsis

Important: Satellite 6.15.3.1 Security Update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Satellite 6.15 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the
CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index

Affected Products

  • Red Hat Satellite 6.15 x86_64
  • Red Hat Satellite Capsule 6.15 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

  • BZ - 2299429 - CVE-2024-7012 puppet-foreman: An authentication bypass vulnerability exists in Foreman
  • BZ - 2305718 - CVE-2024-7923 puppet-pulpcore: An authentication bypass vulnerability exists in pulpcore

Red Hat Satellite 6.15

SRPM
foreman-installer-3.9.3.4-1.el8sat.src.rpm SHA-256: b9f6bf732ba60eecd7f79bb6a13a5e65f22fa81e34fbb1dcbfcf0f1b4b44d14d
satellite-6.15.3.1-2.el8sat.src.rpm SHA-256: 85cdf58becec07f118e6a25725d93c003370db701a2c6cf206488ced3142c3a9
x86_64
foreman-installer-3.9.3.4-1.el8sat.noarch.rpm SHA-256: d2eb5f87807d27be2924ca757dca2be7a85f5d82dc43be6f84428325b5b95039
foreman-installer-katello-3.9.3.4-1.el8sat.noarch.rpm SHA-256: c2d80956852aafbff7a2fc8bb7cfd0942568dabd139dc07e9beb3f40a04399e3
satellite-6.15.3.1-2.el8sat.noarch.rpm SHA-256: 0cef04973e1dbb606f05da90ba11f07777260c44586d0d43cb29436f60cb754e
satellite-cli-6.15.3.1-2.el8sat.noarch.rpm SHA-256: 5209acfd33542d19ae7fbdba341f1c62955279e268fc4a01fe9046893d9b7014
satellite-common-6.15.3.1-2.el8sat.noarch.rpm SHA-256: f532cd15c0c7efc8a93f722df302fb13555d8f191d866295b2adb22e7ee954bc

Red Hat Satellite Capsule 6.15

SRPM
foreman-installer-3.9.3.4-1.el8sat.src.rpm SHA-256: b9f6bf732ba60eecd7f79bb6a13a5e65f22fa81e34fbb1dcbfcf0f1b4b44d14d
satellite-6.15.3.1-2.el8sat.src.rpm SHA-256: 85cdf58becec07f118e6a25725d93c003370db701a2c6cf206488ced3142c3a9
x86_64
foreman-installer-3.9.3.4-1.el8sat.noarch.rpm SHA-256: d2eb5f87807d27be2924ca757dca2be7a85f5d82dc43be6f84428325b5b95039
foreman-installer-katello-3.9.3.4-1.el8sat.noarch.rpm SHA-256: c2d80956852aafbff7a2fc8bb7cfd0942568dabd139dc07e9beb3f40a04399e3
satellite-capsule-6.15.3.1-2.el8sat.noarch.rpm SHA-256: 033d19f4964b45e99c900dfa19aca57c7bc2487e94a51994585916d03b841c32
satellite-common-6.15.3.1-2.el8sat.noarch.rpm SHA-256: f532cd15c0c7efc8a93f722df302fb13555d8f191d866295b2adb22e7ee954bc

Red Hat Enterprise Linux for x86_64 8

SRPM
satellite-6.15.3.1-2.el8sat.src.rpm SHA-256: 85cdf58becec07f118e6a25725d93c003370db701a2c6cf206488ced3142c3a9
x86_64
satellite-cli-6.15.3.1-2.el8sat.noarch.rpm SHA-256: 5209acfd33542d19ae7fbdba341f1c62955279e268fc4a01fe9046893d9b7014

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.