红帽产品勘误 RHSA-2024:8719 - Security Advisory
发布:
2024-10-31
已更新:
2024-10-31

RHSA-2024:8719 - Security Advisory

概述

Important: Satellite 6.15.4.2 Async Update

类型/严重性

Security Advisory: Important

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from the
CVE link(s) in the References section.

描述

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):

  • mosquitto: sending specific sequences of packets may trigger memory leak (CVE-2024-8376)
  • foreman: Read-only access to entire DB from templates (CVE-2024-8553)

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

解决方案

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.15/html/updating_red_hat_satellite/index

受影响的产品

  • Red Hat Satellite 6.15 x86_64
  • Red Hat Satellite Capsule 6.15 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64

修复

  • BZ - 2312524 - CVE-2024-8553 foreman: Read-only access to entire DB from templates
  • BZ - 2318080 - CVE-2024-8376 mosquitto: sending specific sequences of packets may trigger memory leak

Red Hat Satellite 6.15

SRPM
foreman-3.9.1.11-1.el8sat.src.rpm SHA-256: 9b3bca754249e2cd3bb95fe08b20530cdd82b5127688405d45c3896e97f70809
mosquitto-2.0.19-1.el8sat.src.rpm SHA-256: 13d0478eadff182e66241755372e4c8edb492295d5cb2ce7d3de5e43d27fe33a
satellite-6.15.4.2-1.el8sat.src.rpm SHA-256: 0c325ddd5a383f1588d217beef928eb1191d872f4eac3a344b80212fad55c32e
x86_64
foreman-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 74c068288532eb3694efb8bb379ddf09ee88c2eee614ee3a4beebf5fb719723c
foreman-cli-3.9.1.11-1.el8sat.noarch.rpm SHA-256: a3b582c475838dfe5ed23ca18bfd5aacaece138f8390cc0656f76a4ec285b8f7
foreman-debug-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 20c10f8a363c130a092a1b446c0950857a051ca8a0c9a8b37f6d82c9074ecf77
foreman-dynflow-sidekiq-3.9.1.11-1.el8sat.noarch.rpm SHA-256: d430588d1a0a9beccf6ab5f27b0e504ba8f7f4229bfd7bb2c04179165d84443a
foreman-ec2-3.9.1.11-1.el8sat.noarch.rpm SHA-256: c9b7792ea7e6c1c2876acc621d7cdb9148b3ef12b7bf172cc0df35e9baa136e7
foreman-journald-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 0aa4d7906190ef00d91da71d739e134b89b19f2c338211455f4e0166bbe9dae0
foreman-libvirt-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 1902467273c255a2ebeef549b1176c28b8e248ce03b2d7fc45f1ba72e75106a0
foreman-openstack-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 03f63e1f990fbca437b4b1d0aaba8deac5cbe3e90ed624fdcc706bf10ac2c4a1
foreman-ovirt-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 1e6dc40056c2f5b27861d9147f6b046fcb388e6a27c66ee7dc79eb3700eda813
foreman-pcp-3.9.1.11-1.el8sat.noarch.rpm SHA-256: ff0b90e9041eab32e068fe070f5a7f3eedce5501c7f4cc0c3fb415df9d7946dd
foreman-postgresql-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 25e1d2c2332b16da2decaf2ccb2adf39745e35ba6317b08d82e33b6a740220f5
foreman-redis-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 18d839ed7d8b0cba5adb76f63e7ccf4b44c58eac9fa6072f77cd4c0c4deb62e4
foreman-service-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 2381266e4f45dde08f7aa12ff6e18ebe63b8c5738d16c6659fb276aa91692adf
foreman-telemetry-3.9.1.11-1.el8sat.noarch.rpm SHA-256: d2c2356d5f20009037e6c9051d3b7adce6edf70f84f3dd8d47a55fc981ab96b3
foreman-vmware-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 7e20facb75d279acdbb6b7f60e27198e72302d76558aeb5174816a2699f313ed
mosquitto-2.0.19-1.el8sat.x86_64.rpm SHA-256: 6b647773e500c813a7186b1bcb60bd8914a19ede95e3676c08dd607f10b64336
mosquitto-debuginfo-2.0.19-1.el8sat.x86_64.rpm SHA-256: 079730e4c3bedd2b794fd603b05a5959cdce6c54c88bba05d2e52c59733388a4
mosquitto-debugsource-2.0.19-1.el8sat.x86_64.rpm SHA-256: 2e772a303020a71ef1d68eff9462b61c90f577c71cb2771708dcb996137cb534
satellite-6.15.4.2-1.el8sat.noarch.rpm SHA-256: 68282c8b3a654869a0d69443ca2de59544c3ae3d68a5c5fbc9aeece57b4764ed
satellite-cli-6.15.4.2-1.el8sat.noarch.rpm SHA-256: 6108d5615389d46688765470c341266cafceae05036ffa03d8935963dfd4c4b9
satellite-common-6.15.4.2-1.el8sat.noarch.rpm SHA-256: dd9338dd8125338bff98dfcaad35afe1148e9175cf32d4063324fcafe979df67

Red Hat Satellite Capsule 6.15

SRPM
foreman-3.9.1.11-1.el8sat.src.rpm SHA-256: 9b3bca754249e2cd3bb95fe08b20530cdd82b5127688405d45c3896e97f70809
mosquitto-2.0.19-1.el8sat.src.rpm SHA-256: 13d0478eadff182e66241755372e4c8edb492295d5cb2ce7d3de5e43d27fe33a
satellite-6.15.4.2-1.el8sat.src.rpm SHA-256: 0c325ddd5a383f1588d217beef928eb1191d872f4eac3a344b80212fad55c32e
x86_64
foreman-debug-3.9.1.11-1.el8sat.noarch.rpm SHA-256: 20c10f8a363c130a092a1b446c0950857a051ca8a0c9a8b37f6d82c9074ecf77
foreman-pcp-3.9.1.11-1.el8sat.noarch.rpm SHA-256: ff0b90e9041eab32e068fe070f5a7f3eedce5501c7f4cc0c3fb415df9d7946dd
mosquitto-2.0.19-1.el8sat.x86_64.rpm SHA-256: 6b647773e500c813a7186b1bcb60bd8914a19ede95e3676c08dd607f10b64336
mosquitto-debuginfo-2.0.19-1.el8sat.x86_64.rpm SHA-256: 079730e4c3bedd2b794fd603b05a5959cdce6c54c88bba05d2e52c59733388a4
mosquitto-debugsource-2.0.19-1.el8sat.x86_64.rpm SHA-256: 2e772a303020a71ef1d68eff9462b61c90f577c71cb2771708dcb996137cb534
satellite-capsule-6.15.4.2-1.el8sat.noarch.rpm SHA-256: 0df05a1caf39e4bd865b6281e4f567279306f5b4ae88f37593e7e4fa2e825221
satellite-common-6.15.4.2-1.el8sat.noarch.rpm SHA-256: dd9338dd8125338bff98dfcaad35afe1148e9175cf32d4063324fcafe979df67

Red Hat Enterprise Linux for x86_64 8

SRPM
foreman-3.9.1.11-1.el8sat.src.rpm SHA-256: 9b3bca754249e2cd3bb95fe08b20530cdd82b5127688405d45c3896e97f70809
satellite-6.15.4.2-1.el8sat.src.rpm SHA-256: 0c325ddd5a383f1588d217beef928eb1191d872f4eac3a344b80212fad55c32e
x86_64
foreman-cli-3.9.1.11-1.el8sat.noarch.rpm SHA-256: a3b582c475838dfe5ed23ca18bfd5aacaece138f8390cc0656f76a4ec285b8f7
satellite-cli-6.15.4.2-1.el8sat.noarch.rpm SHA-256: 6108d5615389d46688765470c341266cafceae05036ffa03d8935963dfd4c4b9

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/