Red Hat Product Errata RHSA-2024:6337 - Security Advisory
Issued:
2024-09-04
Updated:
2024-09-04

RHSA-2024:6337 - Security Advisory

Synopsis

Important: Satellite 6.13.7.2 Security Update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Satellite 6.13 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the
CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://docs.redhat.com/en/documentation/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index

Affected Products

  • Red Hat Satellite 6.13 x86_64
  • Red Hat Satellite Capsule 6.13 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

  • BZ - 2299429 - CVE-2024-7012 puppet-foreman: An authentication bypass vulnerability exists in Foreman
  • BZ - 2305718 - CVE-2024-7923 puppet-pulpcore: An authentication bypass vulnerability exists in pulpcore

Red Hat Satellite 6.13

SRPM
foreman-installer-3.5.2.8-1.el8sat.src.rpm SHA-256: f986b7edbd2436c88ac019367a7d48d38c51e51e9c2d0c573c86933024ac532b
satellite-6.13.7.2-1.el8sat.src.rpm SHA-256: 6cb0711fde216c2e0bf5d58464a462e33f9a30dd7c9c7b25a5e53d9ed3e2a3eb
x86_64
foreman-installer-3.5.2.8-1.el8sat.noarch.rpm SHA-256: 7ffd7e7d3103b334e3b0e59bb1f14bf3e438a3f457ad17126064acd380a7ca39
foreman-installer-katello-3.5.2.8-1.el8sat.noarch.rpm SHA-256: 1be8c3f15cfd6be7a5df6f11ea97a1d4288dcfb33bd89b5595d232e9eb59885a
satellite-6.13.7.2-1.el8sat.noarch.rpm SHA-256: 11682b5facafda68feda4837b04f2c96dab29a620ebb6c29b42b46b3b80c15dd
satellite-cli-6.13.7.2-1.el8sat.noarch.rpm SHA-256: edb60e97bdfab2290d364e46c50098d3919d8c0e899cfaa4425d234c166afd0a
satellite-common-6.13.7.2-1.el8sat.noarch.rpm SHA-256: f6e9ec11ecf9ff856b3b66fe7aac203444bb80d003ec3ec6bfefec4e4499053e

Red Hat Satellite Capsule 6.13

SRPM
foreman-installer-3.5.2.8-1.el8sat.src.rpm SHA-256: f986b7edbd2436c88ac019367a7d48d38c51e51e9c2d0c573c86933024ac532b
satellite-6.13.7.2-1.el8sat.src.rpm SHA-256: 6cb0711fde216c2e0bf5d58464a462e33f9a30dd7c9c7b25a5e53d9ed3e2a3eb
x86_64
foreman-installer-3.5.2.8-1.el8sat.noarch.rpm SHA-256: 7ffd7e7d3103b334e3b0e59bb1f14bf3e438a3f457ad17126064acd380a7ca39
foreman-installer-katello-3.5.2.8-1.el8sat.noarch.rpm SHA-256: 1be8c3f15cfd6be7a5df6f11ea97a1d4288dcfb33bd89b5595d232e9eb59885a
satellite-capsule-6.13.7.2-1.el8sat.noarch.rpm SHA-256: 242665caefb6f755b77bb4d84bf9e4b3b24417ef1cedd4794c9d80f654c92c92
satellite-common-6.13.7.2-1.el8sat.noarch.rpm SHA-256: f6e9ec11ecf9ff856b3b66fe7aac203444bb80d003ec3ec6bfefec4e4499053e

Red Hat Enterprise Linux for x86_64 8

SRPM
satellite-6.13.7.2-1.el8sat.src.rpm SHA-256: 6cb0711fde216c2e0bf5d58464a462e33f9a30dd7c9c7b25a5e53d9ed3e2a3eb
x86_64
satellite-cli-6.13.7.2-1.el8sat.noarch.rpm SHA-256: edb60e97bdfab2290d364e46c50098d3919d8c0e899cfaa4425d234c166afd0a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.