Red Hat Product Errata RHSA-2024:8717 - Security Advisory
Issued:
2024-10-31
Updated:
2024-10-31

RHSA-2024:8717 - Security Advisory

Synopsis

Moderate: Satellite 6.13.7.3 Async Update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):

  • foreman: Read-only access to entire DB from templates (CVE-2024-8553)

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://docs.redhat.com/en/documentation/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index

Affected Products

  • Red Hat Satellite 6.13 x86_64
  • Red Hat Satellite Capsule 6.13 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

  • BZ - 2312524 - CVE-2024-8553 foreman: Read-only access to entire DB from templates
  • SAT-27302 - Host owner not set correctly during registration
  • SAT-27304 - satellite-clone fails due to missing 'get_md5' parameter for the 'stat' module

Red Hat Satellite 6.13

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
rubygem-foreman_theme_satellite-11.0.0.7-1.el8sat.src.rpm SHA-256: bb24a8e0b541ccf19ba2e0f62d1299e6174a300c23906972063508f6d9ff8782
rubygem-katello-4.7.0.37-1.el8sat.src.rpm SHA-256: 48e789df66c8cf7b6f6cb443580226892f1d84a5782c5ca1b8bcd6675f87c670
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
satellite-lifecycle-6.13.0-1.el8sat.src.rpm SHA-256: 133ea7a6cad605ab12c87668b60223fb9f2b9a5fe0bed6161d34e9a1fb261afb
x86_64
foreman-3.5.1.25-1.el8sat.noarch.rpm SHA-256: d3fca64bd2141fcfa6ea793fe70ca63bd83a68bedf471ca4acd991c595d45fca
foreman-cli-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 3a8bf1bf0c133f59707feddf42eade2616bd11f7fbaee185df021285d2f3a72d
foreman-debug-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 5353491aa19f46c29605791e1ef7634d1497997783e9a8feb15f530f0c042ac8
foreman-dynflow-sidekiq-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 57d15c7da49ec15e68e2b1b0bec188ad6fcc1ecb02e8cfecdc37eb6ab332120c
foreman-ec2-3.5.1.25-1.el8sat.noarch.rpm SHA-256: c4c6d814a45b21a0d4c8deb36b7fbe4f4f289a1936675b15acdfa162f359d4b4
foreman-journald-3.5.1.25-1.el8sat.noarch.rpm SHA-256: f69891aa375ec3a8d842f8ae11e8d0c9617d881c707e1b6829af522775e8f415
foreman-libvirt-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 20379bf95517e6e200d760816c20dad9e4d89cd6153749780d3e641b812d9ea2
foreman-openstack-3.5.1.25-1.el8sat.noarch.rpm SHA-256: f20278974b5b1974378b3d4ef882b424bdba8997addc8d9f96f94874716bd529
foreman-ovirt-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 180338512d60f1800075e9d3559021804100942d007cb1a19c23303ec947b638
foreman-postgresql-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 9587d6f0363463ff738c4e2ca7f6c7203203131335202c57fb0d2350d2d162b7
foreman-service-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 85f299659074729b9f3ac12b711b506779becf005f3a8438a3ed2cbfa748b8e6
foreman-telemetry-3.5.1.25-1.el8sat.noarch.rpm SHA-256: cba54a32d6b089b0862f21e5d37433d08439f493997b1fd43b598feb83e48d4f
foreman-vmware-3.5.1.25-1.el8sat.noarch.rpm SHA-256: bb2a688b10e08c62e808bc00192e3c2a8cc0e22186b8cdfd7efa7c893a34991a
rubygem-foreman_theme_satellite-11.0.0.7-1.el8sat.noarch.rpm SHA-256: 9638a265a44790c49869f63a5f316ff8a2da4b83b39e097d06ae1715798ab5d2
rubygem-katello-4.7.0.37-1.el8sat.noarch.rpm SHA-256: 86792957cf9518fa31ec280b2f2f42b39a14ced2b93b7a240fdb3302f4caef03
satellite-6.13.7.3-1.el8sat.noarch.rpm SHA-256: ebd95d13983caf16ff8e6e5300ed3ed685ca835b10568b5e0972500a74092a04
satellite-cli-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 560b1664892bc142b1a1aadd3456714315531d4bcb1ecb64a35d2a57c0208912
satellite-common-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 809fb888a5ee7a2d989928894fb26d833d5b45b0bead40ec384375cd603e70a5
satellite-lifecycle-6.13.0-1.el8sat.noarch.rpm SHA-256: 56e0a0adf9f8af5ea64fe6877361ad7fded17624f6755a552244d046072190d8

Red Hat Satellite Capsule 6.13

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
x86_64
foreman-debug-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 5353491aa19f46c29605791e1ef7634d1497997783e9a8feb15f530f0c042ac8
satellite-capsule-6.13.7.3-1.el8sat.noarch.rpm SHA-256: e42a73f99ca659f3ee00e1241820f91d617dc8cb2e2e3427c011436270c375bb
satellite-common-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 809fb888a5ee7a2d989928894fb26d833d5b45b0bead40ec384375cd603e70a5

Red Hat Enterprise Linux for x86_64 8

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
satellite-clone-3.6.1-1.el8sat.src.rpm SHA-256: c9f49b83c93fc8774dc0c0dbbeb6059da39d9f53f2c9ede015160dec1e74b016
x86_64
foreman-cli-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 3a8bf1bf0c133f59707feddf42eade2616bd11f7fbaee185df021285d2f3a72d
satellite-cli-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 560b1664892bc142b1a1aadd3456714315531d4bcb1ecb64a35d2a57c0208912
satellite-clone-3.6.1-1.el8sat.noarch.rpm SHA-256: 691e34b3e214102434c2aea51ff2e5c1abf328b8f08fabd647e4620b50b99d9c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.