Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:34366 - Security Advisory
Issued:
2026-07-01
Updated:
2026-07-01

RHSA-2026:34366 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: Satellite 6.17.9 Async Update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

A new release is now available for Red Hat Satellite 6.17 for RHEL 9.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

Description

Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.

Security Fix(es):

  • python-pillow: Pillow: Denial of Service via decompression bomb in FITS image processing (CVE-2026-40192)
  • dynflow-utils: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
  • yggdrasil-worker-forwarder: Root.Chmod can follow symlinks out of the root (CVE-2026-32282)
  • foreman: Foreman: Privilege escalation to administrator-level access via

usergroup role assignment manipulation (CVE-2026-5136)

  • foreman: Foreman: Information disclosure via improper validation of nested request parameters (CVE-2026-5138)
  • foreman: Foreman: Unauthorized modification of host configurations via broken access control (CVE-2026-5135)
  • foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass (CVE-2026-5142)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

  • orphan cleanup triggers CapsuleContent::UpdateContentCounts regardless of automatic_content_count_updates setting (SAT-45923)
  • The custom repository fails to sync with the Capsule server, resulting in an error (SAT-44719)

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For detailed instructions how to apply this update, refer to:

https://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index

Affected Products

  • Red Hat Satellite 6.17 x86_64
  • Red Hat Satellite Capsule 6.17 x86_64
  • Red Hat Enterprise Linux for x86_64 9 x86_64

Fixes

  • BZ - 2452230 - CVE-2026-5135 foreman: Foreman: Unauthorized modification of host configurations via broken access control
  • BZ - 2452970 - CVE-2026-5136 foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation
  • BZ - 2452971 - CVE-2026-5138 foreman: Foreman: Information disclosure via improper validation of nested request parameters
  • BZ - 2452999 - CVE-2026-5142 foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass
  • BZ - 2456336 - CVE-2026-32282 golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
  • BZ - 2458856 - CVE-2026-40192 Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing
  • SAT-45923 - orphan cleanup triggers CapsuleContent::UpdateContentCounts regardless of automatic_content_count_updates setting [rhn_satellite_6.17]
  • SAT-44719 - The custom repository fails to sync with the Capsule server, resulting in an error. [rhn_satellite_6.17]

CVEs

  • CVE-2026-5135
  • CVE-2026-5136
  • CVE-2026-5138
  • CVE-2026-5142
  • CVE-2026-32282
  • CVE-2026-40192

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Satellite 6.17

SRPM
dynflow-utils-1.6.3-1.1.el9sat.src.rpm SHA-256: 37bba5e0cce43ccfbed82c8a4e50e216a897fdc121a4b72e671ffdee4f0f2f37
foreman-3.14.0.17-1.el9sat.src.rpm SHA-256: 431b41ba59fb525704cf7b55137144654087da80efb1061af1a14d29e0ecaaa1
python-pillow-12.2.0-1.el9pc.src.rpm SHA-256: 610c66c93245660b1e54060d2ae029ec7372bdacf8f6c0252a637c7d722c7624
python-pulp-ansible-0.22.4-3.el9pc.src.rpm SHA-256: 529eab722beebe84cf11f5921b9b48f8e8e29be5e3a89dc9ab4a03378524b05b
rubygem-foreman_maintain-1.10.5-1.el9sat.src.rpm SHA-256: 020a7b5a9a0f6cb59f1b5d727ccf25aa2d2fc7a91ac9058a01ff1aa431221356
rubygem-katello-4.16.0.16-1.el9sat.src.rpm SHA-256: 0ba82dc0bffbd87956474ae10ba8467c066c6f6d50c87239e0585d774484f17d
satellite-6.17.9-1.el9sat.src.rpm SHA-256: 1a7cf142f380282189f8debc46390b3ee55571feb0bf6f078baee999599c87dd
yggdrasil-worker-forwarder-0.0.3-5.el9sat.src.rpm SHA-256: c5acc8c634c5e0716829c648395035fb570d835225d53f738d4193a63a8d8dd5
x86_64
dynflow-utils-1.6.3-1.1.el9sat.x86_64.rpm SHA-256: ee54f2e4c239b978f6030e4bcf72e2503919271f8f5e84ca299686e504ad0863
foreman-3.14.0.17-1.el9sat.noarch.rpm SHA-256: fd837f61fcd75ad7d2b26ab9a8380e9a5df70d1315eda356ceee46b38635a9be
foreman-cli-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 69b559b2bc814ed1e31ba4352400d868b922a841c2e59d6bc0db51e258191ebb
foreman-debug-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 589770113df65f0d0ea119c679ffc17746349ccd92bdf056682d48cc48b3c676
foreman-dynflow-sidekiq-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 515331f7d0539c19f31458eebb49f4700b0f295f855cee9436c370d14dadadd9
foreman-ec2-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 3d4a3878a029e7aa270001423fdf06d72356025622b39e3576c9cc018e9016ac
foreman-journald-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 90ba15e2c1dad1f32bd1401486203ea864797f5b795d77a92a0f99181389e2f5
foreman-libvirt-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 67aa68d36572656b77b8ca2bd91ac6cc409d1401ad0704f5970361db1f450e05
foreman-openstack-3.14.0.17-1.el9sat.noarch.rpm SHA-256: a11aa462e15120f61c0130be331f7bebe33dfc53af05b453e88132724788e572
foreman-ovirt-3.14.0.17-1.el9sat.noarch.rpm SHA-256: e544c7b4406f89be815672e1b456464c1db8450471da99b8c68562fcf67c76ce
foreman-pcp-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 3c861e3ac4c2cda06069e347812471a31ba54480b7a1d39a456179163dda5fa5
foreman-postgresql-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 52b19e15c8443458fd5977817049823c3c6ddc11bbfc2b09f3e48c17d6ae2906
foreman-redis-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 1d4390942ef5a7d385279940bb90f73ddd2a2dd2fe39b88ee9807c70f1c11520
foreman-service-3.14.0.17-1.el9sat.noarch.rpm SHA-256: d9eedad8bc052c18dd4f9ebf90edab36d310668698c6532003b2ecf9803a7cf2
foreman-telemetry-3.14.0.17-1.el9sat.noarch.rpm SHA-256: e2d9968e80db2769be236b3b6316e9894b62a48c127ee3c69d9d5fdd8b6a6fd7
foreman-vmware-3.14.0.17-1.el9sat.noarch.rpm SHA-256: def7b9e16310f996f064594a11d8ce017f9eb67a774f983350b8491fddcc6f07
python-pillow-debugsource-12.2.0-1.el9pc.x86_64.rpm SHA-256: 30a96b7cfa78ee33cecb5231ce8fd994f3f8e6fb8ef3070234e12cc390b340d6
python3.11-pillow-12.2.0-1.el9pc.x86_64.rpm SHA-256: 215e6cec5eef2ba3e45ded4f3224bf6f23bfa44a0958a7a4cce1a266e4eaa0de
python3.11-pillow-debuginfo-12.2.0-1.el9pc.x86_64.rpm SHA-256: 4a81b20c59d8489aa3336c89e069c71a3e9a5cca43252cbddb19ca7b8c4b8fa4
python3.11-pulp-ansible-0.22.4-3.el9pc.noarch.rpm SHA-256: 28f5098e316b5737f418fd8886e67c2db422a2cb0ef71d55dd7e1dd2a2467d42
rubygem-foreman_maintain-1.10.5-1.el9sat.noarch.rpm SHA-256: bea5e9f1b0d12ccbce0ddbe332fa23cc2960c552ae58c29b7c9b20d6bd7705a9
rubygem-katello-4.16.0.16-1.el9sat.noarch.rpm SHA-256: 42d8673051ab23670f568fce87459bc2893f0eff27fdf2b33891182ed3004f47
satellite-6.17.9-1.el9sat.noarch.rpm SHA-256: e468b3d347806c4c68c868c37a6783b7c8d1874d60c80c8600432cda4f1434a3
satellite-cli-6.17.9-1.el9sat.noarch.rpm SHA-256: 24adb6b1bc58fa4359e329f364a88b76371427ce53ad3a63a88a4451ce990820
satellite-common-6.17.9-1.el9sat.noarch.rpm SHA-256: ec190c725a005f2fa027ab9bfee3dd47be1e6e1f693c60e4fbe5930b7fe5d6af
satellite-obsolete-packages-6.17.9-1.el9sat.noarch.rpm SHA-256: 245bf1f6347e260c619df0047a765aad46c690db6548ea74eb17811d1ba7358b
yggdrasil-worker-forwarder-0.0.3-5.el9sat.x86_64.rpm SHA-256: b60c37bfd0f45f36d8c673c4bb71f919a874cb8e66e463e7add4ce55d1a80226

Red Hat Satellite Capsule 6.17

SRPM
dynflow-utils-1.6.3-1.1.el9sat.src.rpm SHA-256: 37bba5e0cce43ccfbed82c8a4e50e216a897fdc121a4b72e671ffdee4f0f2f37
foreman-3.14.0.17-1.el9sat.src.rpm SHA-256: 431b41ba59fb525704cf7b55137144654087da80efb1061af1a14d29e0ecaaa1
python-pillow-12.2.0-1.el9pc.src.rpm SHA-256: 610c66c93245660b1e54060d2ae029ec7372bdacf8f6c0252a637c7d722c7624
python-pulp-ansible-0.22.4-3.el9pc.src.rpm SHA-256: 529eab722beebe84cf11f5921b9b48f8e8e29be5e3a89dc9ab4a03378524b05b
rubygem-foreman_maintain-1.10.5-1.el9sat.src.rpm SHA-256: 020a7b5a9a0f6cb59f1b5d727ccf25aa2d2fc7a91ac9058a01ff1aa431221356
satellite-6.17.9-1.el9sat.src.rpm SHA-256: 1a7cf142f380282189f8debc46390b3ee55571feb0bf6f078baee999599c87dd
x86_64
dynflow-utils-1.6.3-1.1.el9sat.x86_64.rpm SHA-256: ee54f2e4c239b978f6030e4bcf72e2503919271f8f5e84ca299686e504ad0863
foreman-debug-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 589770113df65f0d0ea119c679ffc17746349ccd92bdf056682d48cc48b3c676
foreman-pcp-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 3c861e3ac4c2cda06069e347812471a31ba54480b7a1d39a456179163dda5fa5
python-pillow-debugsource-12.2.0-1.el9pc.x86_64.rpm SHA-256: 30a96b7cfa78ee33cecb5231ce8fd994f3f8e6fb8ef3070234e12cc390b340d6
python3.11-pillow-12.2.0-1.el9pc.x86_64.rpm SHA-256: 215e6cec5eef2ba3e45ded4f3224bf6f23bfa44a0958a7a4cce1a266e4eaa0de
python3.11-pillow-debuginfo-12.2.0-1.el9pc.x86_64.rpm SHA-256: 4a81b20c59d8489aa3336c89e069c71a3e9a5cca43252cbddb19ca7b8c4b8fa4
python3.11-pulp-ansible-0.22.4-3.el9pc.noarch.rpm SHA-256: 28f5098e316b5737f418fd8886e67c2db422a2cb0ef71d55dd7e1dd2a2467d42
rubygem-foreman_maintain-1.10.5-1.el9sat.noarch.rpm SHA-256: bea5e9f1b0d12ccbce0ddbe332fa23cc2960c552ae58c29b7c9b20d6bd7705a9
satellite-capsule-6.17.9-1.el9sat.noarch.rpm SHA-256: 4de07fd68cae0f1ece10dd51ae116b8989bff67e18b22fea30c8d2c666bf93c6
satellite-common-6.17.9-1.el9sat.noarch.rpm SHA-256: ec190c725a005f2fa027ab9bfee3dd47be1e6e1f693c60e4fbe5930b7fe5d6af
satellite-obsolete-packages-6.17.9-1.el9sat.noarch.rpm SHA-256: 245bf1f6347e260c619df0047a765aad46c690db6548ea74eb17811d1ba7358b

Red Hat Enterprise Linux for x86_64 9

SRPM
foreman-3.14.0.17-1.el9sat.src.rpm SHA-256: 431b41ba59fb525704cf7b55137144654087da80efb1061af1a14d29e0ecaaa1
rubygem-foreman_maintain-1.10.5-1.el9sat.src.rpm SHA-256: 020a7b5a9a0f6cb59f1b5d727ccf25aa2d2fc7a91ac9058a01ff1aa431221356
satellite-6.17.9-1.el9sat.src.rpm SHA-256: 1a7cf142f380282189f8debc46390b3ee55571feb0bf6f078baee999599c87dd
x86_64
foreman-cli-3.14.0.17-1.el9sat.noarch.rpm SHA-256: 69b559b2bc814ed1e31ba4352400d868b922a841c2e59d6bc0db51e258191ebb
rubygem-foreman_maintain-1.10.5-1.el9sat.noarch.rpm SHA-256: bea5e9f1b0d12ccbce0ddbe332fa23cc2960c552ae58c29b7c9b20d6bd7705a9
satellite-cli-6.17.9-1.el9sat.noarch.rpm SHA-256: 24adb6b1bc58fa4359e329f364a88b76371427ce53ad3a63a88a4451ce990820

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility