Issued:: 2025-05-14
Updated:: 2025-05-14

RHSA-2025:7605 - Security Advisory

Overview
Updated Packages

Synopsis

Important: Satellite 6.16.5.1 Async Update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.

Security Fix(es):

rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser (CVE-2025-46727)

Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://access.redhat.com/documentation/en-us/red_hat_satellite/6.16/html/updating_red_hat_satellite/index

Affected Products

Red Hat Satellite 6.16 for RHEL 9 x86_64
Red Hat Satellite 6.16 for RHEL 8 x86_64
Red Hat Satellite Capsule 6.16 for RHEL 9 x86_64
Red Hat Satellite Capsule 6.16 for RHEL 8 x86_64
Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 8 x86_64

Fixes

BZ - 2364966 - CVE-2025-46727 rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser
SAT-33429 - post_Script field is not executed for ansible remote job in satellite 6.15
SAT-33430 - ACS refresh causes out-of-memory errors
SAT-33431 - Capsule sync gets stuck forever after specific connection issues

CVEs

CVE-2025-46727

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite 6.16 for RHEL 9

SRPM
python-pulp-rpm-3.26.5-1.el9pc.src.rpm	SHA-256: efd893054ade223b1a9ff4e0ec60752c646bad8d5eb49624157a715d441b5d63
python-pulpcore-3.49.39-1.el9pc.src.rpm	SHA-256: 52dd29d3148f938fe3a0b00942d7443be283b9655ad2f66093570431443c0e06
rubygem-katello-4.14.0.13-1.el9sat.src.rpm	SHA-256: 60f52e82b228670f8b122a0cf6976fd96227b040c25ff75fef0ea8b7e54049f6
rubygem-rack-2.2.14-1.el9sat.src.rpm	SHA-256: 3a51a0d3813a89fa63ff0c2052440b6d4838beeee80241d38f310260f12b1d55
satellite-6.16.5.1-1.el9sat.src.rpm	SHA-256: faad9e593d58a42f05f594c32e5b888729cd655c69f7b5cb8ce1633448b3746c
x86_64
python3.11-pulp-rpm-3.26.5-1.el9pc.noarch.rpm	SHA-256: d90cd98853d523d047abac2a75020ca6055b4dc3865a4ceb91c8855d1052108d
python3.11-pulpcore-3.49.39-1.el9pc.noarch.rpm	SHA-256: 46201ca4365d8604a42bf69b9699216890b563204cad2e4bbda97cd4272d51f6
rubygem-katello-4.14.0.13-1.el9sat.noarch.rpm	SHA-256: 63fe04242b39dc78e98459c9a2221b3e6ce56d3500540de2437aa2ca95316da9
rubygem-rack-2.2.14-1.el9sat.noarch.rpm	SHA-256: 88f9a26194e4b5d0db24be742427fe75755fd2d9116f54f28731199ee4c1fc1e
satellite-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: 9c1dc74b0da13183a998cbaa5c9a929c6ba0e8920dca83e6526f70bc0635d2cd
satellite-cli-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: c04e6c76802af756aec136b57d2302ed33424b17a38a08fde9604d1af4e0eb1e
satellite-common-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: 90abaeaa57882544592b9ec5a6e1ca206ff655d61e5b8ffffebe36d901661479

Red Hat Satellite 6.16 for RHEL 8

SRPM
python-pulp-rpm-3.26.5-1.el8pc.src.rpm	SHA-256: 4fd7affbbe7498a5ee48f69b46be94f26464d7d6ffa2ea43fb4da9e00d8bacdb
python-pulpcore-3.49.39-1.el8pc.src.rpm	SHA-256: b883346431476cabc1292a15e26a27c689bad74a06e33a7b145ad819385c94bc
rubygem-katello-4.14.0.13-1.el8sat.src.rpm	SHA-256: 413fe00254ef64d7577089a1c7024f99b62499ff5f383630a064e99a224cdee8
rubygem-rack-2.2.14-1.el8sat.src.rpm	SHA-256: 3b1c2486b65191d5c2abde6e3326772dd9df1bd109801445047c72960748143c
satellite-6.16.5.1-1.el8sat.src.rpm	SHA-256: 189def4910af3b7a0b17ab399b05f0b0945183b4659926b6c048b53d0d26a7b8
x86_64
python3.11-pulp-rpm-3.26.5-1.el8pc.noarch.rpm	SHA-256: 023ace9fdcafec1933b4eada49ac479b8e2de83cfba51b85c99f01433ae9d420
python3.11-pulpcore-3.49.39-1.el8pc.noarch.rpm	SHA-256: f9e78974707ea73ec65ccc45461029b2c562ad699148e8a5e2a7c4c6671ccc53
rubygem-katello-4.14.0.13-1.el8sat.noarch.rpm	SHA-256: 01b3f4489ebf695636f3fb0768ee39ed303ab752dceaabb938fcd3962174817f
rubygem-rack-2.2.14-1.el8sat.noarch.rpm	SHA-256: 71d67b7def81d1f551af25673e36007945c042945cb940d8792a11b892cd2db4
satellite-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: db1ce79b89da015a22118baa3b0ccaeb9a86391434fcc733e09eab3dbc1364e4
satellite-cli-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: edfe65cc1a9dfd6e897d5f1a3bf0d7295d1d940f1183892d3b078d76f628f303
satellite-common-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: 554025e7ad4d435c301c1894e771b8fd7c083565801d15b3fcdb1553b228f850

Red Hat Satellite Capsule 6.16 for RHEL 9

SRPM
python-pulp-rpm-3.26.5-1.el9pc.src.rpm	SHA-256: efd893054ade223b1a9ff4e0ec60752c646bad8d5eb49624157a715d441b5d63
python-pulpcore-3.49.39-1.el9pc.src.rpm	SHA-256: 52dd29d3148f938fe3a0b00942d7443be283b9655ad2f66093570431443c0e06
rubygem-rack-2.2.14-1.el9sat.src.rpm	SHA-256: 3a51a0d3813a89fa63ff0c2052440b6d4838beeee80241d38f310260f12b1d55
satellite-6.16.5.1-1.el9sat.src.rpm	SHA-256: faad9e593d58a42f05f594c32e5b888729cd655c69f7b5cb8ce1633448b3746c
x86_64
python3.11-pulp-rpm-3.26.5-1.el9pc.noarch.rpm	SHA-256: d90cd98853d523d047abac2a75020ca6055b4dc3865a4ceb91c8855d1052108d
python3.11-pulpcore-3.49.39-1.el9pc.noarch.rpm	SHA-256: 46201ca4365d8604a42bf69b9699216890b563204cad2e4bbda97cd4272d51f6
rubygem-rack-2.2.14-1.el9sat.noarch.rpm	SHA-256: 88f9a26194e4b5d0db24be742427fe75755fd2d9116f54f28731199ee4c1fc1e
satellite-capsule-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: 777cbe60b3c7487a8f0b0cd4c628a28ae60d1c4165bc536ed02637f462f53511
satellite-common-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: 90abaeaa57882544592b9ec5a6e1ca206ff655d61e5b8ffffebe36d901661479

Red Hat Satellite Capsule 6.16 for RHEL 8

SRPM
python-pulp-rpm-3.26.5-1.el8pc.src.rpm	SHA-256: 4fd7affbbe7498a5ee48f69b46be94f26464d7d6ffa2ea43fb4da9e00d8bacdb
python-pulpcore-3.49.39-1.el8pc.src.rpm	SHA-256: b883346431476cabc1292a15e26a27c689bad74a06e33a7b145ad819385c94bc
rubygem-rack-2.2.14-1.el8sat.src.rpm	SHA-256: 3b1c2486b65191d5c2abde6e3326772dd9df1bd109801445047c72960748143c
satellite-6.16.5.1-1.el8sat.src.rpm	SHA-256: 189def4910af3b7a0b17ab399b05f0b0945183b4659926b6c048b53d0d26a7b8
x86_64
python3.11-pulp-rpm-3.26.5-1.el8pc.noarch.rpm	SHA-256: 023ace9fdcafec1933b4eada49ac479b8e2de83cfba51b85c99f01433ae9d420
python3.11-pulpcore-3.49.39-1.el8pc.noarch.rpm	SHA-256: f9e78974707ea73ec65ccc45461029b2c562ad699148e8a5e2a7c4c6671ccc53
rubygem-rack-2.2.14-1.el8sat.noarch.rpm	SHA-256: 71d67b7def81d1f551af25673e36007945c042945cb940d8792a11b892cd2db4
satellite-capsule-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: 908e0c92357df645a5a8563093c18ea24b2fa36a855b49f6b9168f265b22457d
satellite-common-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: 554025e7ad4d435c301c1894e771b8fd7c083565801d15b3fcdb1553b228f850

Red Hat Enterprise Linux for x86_64 9

SRPM
satellite-6.16.5.1-1.el9sat.src.rpm	SHA-256: faad9e593d58a42f05f594c32e5b888729cd655c69f7b5cb8ce1633448b3746c
x86_64
satellite-cli-6.16.5.1-1.el9sat.noarch.rpm	SHA-256: c04e6c76802af756aec136b57d2302ed33424b17a38a08fde9604d1af4e0eb1e

Red Hat Enterprise Linux for x86_64 8

SRPM
satellite-6.16.5.1-1.el8sat.src.rpm	SHA-256: 189def4910af3b7a0b17ab399b05f0b0945183b4659926b6c048b53d0d26a7b8
x86_64
satellite-cli-6.16.5.1-1.el8sat.noarch.rpm	SHA-256: edfe65cc1a9dfd6e897d5f1a3bf0d7295d1d940f1183892d3b078d76f628f303

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation