Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:8717 - Security Advisory
Issued:
2024-10-31
Updated:
2024-10-31

RHSA-2024:8717 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: Satellite 6.13.7.3 Async Update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):

  • foreman: Read-only access to entire DB from templates (CVE-2024-8553)

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://docs.redhat.com/en/documentation/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index

Affected Products

  • Red Hat Satellite 6.13 x86_64
  • Red Hat Satellite Capsule 6.13 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

  • BZ - 2312524 - CVE-2024-8553 foreman: Read-only access to entire DB from templates
  • SAT-27302 - Host owner not set correctly during registration
  • SAT-27304 - satellite-clone fails due to missing 'get_md5' parameter for the 'stat' module

CVEs

  • CVE-2024-8553

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://docs.redhat.com/en/documentation/red_hat_satellite/6.13/html/upgrading_and_updating_red_hat_satellite/index
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite 6.13

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
rubygem-foreman_theme_satellite-11.0.0.7-1.el8sat.src.rpm SHA-256: bb24a8e0b541ccf19ba2e0f62d1299e6174a300c23906972063508f6d9ff8782
rubygem-katello-4.7.0.37-1.el8sat.src.rpm SHA-256: 48e789df66c8cf7b6f6cb443580226892f1d84a5782c5ca1b8bcd6675f87c670
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
satellite-lifecycle-6.13.0-1.el8sat.src.rpm SHA-256: 133ea7a6cad605ab12c87668b60223fb9f2b9a5fe0bed6161d34e9a1fb261afb
x86_64
foreman-3.5.1.25-1.el8sat.noarch.rpm SHA-256: d3fca64bd2141fcfa6ea793fe70ca63bd83a68bedf471ca4acd991c595d45fca
foreman-cli-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 3a8bf1bf0c133f59707feddf42eade2616bd11f7fbaee185df021285d2f3a72d
foreman-debug-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 5353491aa19f46c29605791e1ef7634d1497997783e9a8feb15f530f0c042ac8
foreman-dynflow-sidekiq-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 57d15c7da49ec15e68e2b1b0bec188ad6fcc1ecb02e8cfecdc37eb6ab332120c
foreman-ec2-3.5.1.25-1.el8sat.noarch.rpm SHA-256: c4c6d814a45b21a0d4c8deb36b7fbe4f4f289a1936675b15acdfa162f359d4b4
foreman-journald-3.5.1.25-1.el8sat.noarch.rpm SHA-256: f69891aa375ec3a8d842f8ae11e8d0c9617d881c707e1b6829af522775e8f415
foreman-libvirt-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 20379bf95517e6e200d760816c20dad9e4d89cd6153749780d3e641b812d9ea2
foreman-openstack-3.5.1.25-1.el8sat.noarch.rpm SHA-256: f20278974b5b1974378b3d4ef882b424bdba8997addc8d9f96f94874716bd529
foreman-ovirt-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 180338512d60f1800075e9d3559021804100942d007cb1a19c23303ec947b638
foreman-postgresql-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 9587d6f0363463ff738c4e2ca7f6c7203203131335202c57fb0d2350d2d162b7
foreman-service-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 85f299659074729b9f3ac12b711b506779becf005f3a8438a3ed2cbfa748b8e6
foreman-telemetry-3.5.1.25-1.el8sat.noarch.rpm SHA-256: cba54a32d6b089b0862f21e5d37433d08439f493997b1fd43b598feb83e48d4f
foreman-vmware-3.5.1.25-1.el8sat.noarch.rpm SHA-256: bb2a688b10e08c62e808bc00192e3c2a8cc0e22186b8cdfd7efa7c893a34991a
rubygem-foreman_theme_satellite-11.0.0.7-1.el8sat.noarch.rpm SHA-256: 9638a265a44790c49869f63a5f316ff8a2da4b83b39e097d06ae1715798ab5d2
rubygem-katello-4.7.0.37-1.el8sat.noarch.rpm SHA-256: 86792957cf9518fa31ec280b2f2f42b39a14ced2b93b7a240fdb3302f4caef03
satellite-6.13.7.3-1.el8sat.noarch.rpm SHA-256: ebd95d13983caf16ff8e6e5300ed3ed685ca835b10568b5e0972500a74092a04
satellite-cli-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 560b1664892bc142b1a1aadd3456714315531d4bcb1ecb64a35d2a57c0208912
satellite-common-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 809fb888a5ee7a2d989928894fb26d833d5b45b0bead40ec384375cd603e70a5
satellite-lifecycle-6.13.0-1.el8sat.noarch.rpm SHA-256: 56e0a0adf9f8af5ea64fe6877361ad7fded17624f6755a552244d046072190d8

Red Hat Satellite Capsule 6.13

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
x86_64
foreman-debug-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 5353491aa19f46c29605791e1ef7634d1497997783e9a8feb15f530f0c042ac8
satellite-capsule-6.13.7.3-1.el8sat.noarch.rpm SHA-256: e42a73f99ca659f3ee00e1241820f91d617dc8cb2e2e3427c011436270c375bb
satellite-common-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 809fb888a5ee7a2d989928894fb26d833d5b45b0bead40ec384375cd603e70a5

Red Hat Enterprise Linux for x86_64 8

SRPM
foreman-3.5.1.25-1.el8sat.src.rpm SHA-256: 14df7e2027eb498a914807b5d222ca7810f137448080866069c48e771ba3f289
satellite-6.13.7.3-1.el8sat.src.rpm SHA-256: 061be0f33ac6d6a2e6e0b5f1106f33c9e1ca2bb8fadfc67ad4310de266660e3b
satellite-clone-3.6.1-1.el8sat.src.rpm SHA-256: c9f49b83c93fc8774dc0c0dbbeb6059da39d9f53f2c9ede015160dec1e74b016
x86_64
foreman-cli-3.5.1.25-1.el8sat.noarch.rpm SHA-256: 3a8bf1bf0c133f59707feddf42eade2616bd11f7fbaee185df021285d2f3a72d
satellite-cli-6.13.7.3-1.el8sat.noarch.rpm SHA-256: 560b1664892bc142b1a1aadd3456714315531d4bcb1ecb64a35d2a57c0208912
satellite-clone-3.6.1-1.el8sat.noarch.rpm SHA-256: 691e34b3e214102434c2aea51ff2e5c1abf328b8f08fabd647e4620b50b99d9c

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility