—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: Satellite 6.3 security, bug fix, and enhancement update
Advisory ID: RHSA-2018:0336-01
Product: Red Hat Satellite 6
Advisory URL: https://access.redhat.com/errata/RHSA-2018:0336
Issue date: 2018-02-21
CVE Names: CVE-2013-6459 CVE-2014-8183 CVE-2016-1669
CVE-2016-3693 CVE-2016-3696 CVE-2016-3704
CVE-2016-4451 CVE-2016-4995 CVE-2016-4996
CVE-2016-6319 CVE-2016-8639 CVE-2016-9593
CVE-2016-9595 CVE-2017-2667 CVE-2017-2672
=====================================================================
1. Summary:
An update is now available for Red Hat Satellite.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Satellite 6.3 – noarch, x86_64
Red Hat Satellite Capsule 6.3 – noarch, x86_64
3. Description:
Red Hat Satellite is a systems management tool for Linux-based
infrastructure. It allows for provisioning, remote management, and
monitoring of multiple Linux deployments with a single centralized tool.
This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7
Satellite server. For the full list of new features provided by Satellite
6.3, see the Release Notes linked to in the references section. See the
Satellite 6 Installation Guide for detailed instructions on how to install
a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating
guide for detailed instructions on how to upgrade from prior versions of
Satellite 6.
All users who require Satellite version 6.3 are advised to install these
new packages.
Security Fix(es):
* V8: integer overflow leading to buffer overflow in Zone::New
(CVE-2016-1669)
* rubygem-will_paginate: XSS vulnerabilities (CVE-2013-6459)
* foreman: models with a ‘belongs_to’ association to an Organization do not
verify association belongs to that Organization (CVE-2014-8183)
* foreman: inspect in a provisioning template exposes sensitive controller
information (CVE-2016-3693)
* pulp: Unsafe use of bash $RANDOM for NSS DB password and seed
(CVE-2016-3704)
* foreman: privilege escalation through Organization and Locations API
(CVE-2016-4451)
* foreman: inside discovery-debug, the root password is displayed in
plaintext (CVE-2016-4996)
* foreman: Persistent XSS in Foreman remote execution plugin
(CVE-2016-6319)
* foreman: Stored XSS via organization/location with HTML in name
(CVE-2016-8639)
* katello-debug: Possible symlink attacks due to use of predictable file
names (CVE-2016-9595)
* rubygem-hammer_cli: no verification of API server’s SSL certificate
(CVE-2017-2667)
* foreman: Image password leak (CVE-2017-2672)
* pulp: Leakage of CA key in pulp-qpid-ssl-cfg (CVE-2016-3696)
* foreman: Information disclosure in provisioning template previews
(CVE-2016-4995)
* foreman-debug: missing obfuscation of sensitive information
(CVE-2016-9593)
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Red Hat would like to thank Randy Barlow (RedHat) for reporting
CVE-2016-3704 and Sander Bos for reporting CVE-2016-3696. The CVE-2014-8183
issue was discovered by Eric Helms (Red Hat); the CVE-2016-3693 and
CVE-2016-4995 issues were discovered by Dominic Cleal (Red Hat); the
CVE-2016-4451 and CVE-2016-6319 issues were discovered by Marek Hulán (Red
Hat); the CVE-2016-4996 issue was discovered by Thom Carlin (Red Hat); the
CVE-2016-8639 issue was discovered by Sanket Jagtap (Red Hat); the
CVE-2016-9595 issue was discovered by Evgeni Golov (Red Hat); the
CVE-2017-2667 issue was discovered by Tomas Strachota (Red Hat); and the
CVE-2016-9593 issue was discovered by Pavel Moravec (Red Hat).
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update this system to include these fixes, ensure your system has access
to the latest Red Hat packages, then execute the following steps.
If you are on a self-registered Satellite, download all packages before
stopping Satellite Server:
# yum update –downloadonly
Stop Katello services:
# katello-service stop
Update all packages:
# yum update
Perform the update:
# satellite-installer –upgrade
For detailed instructions how to apply this update, refer to:
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/in
stallation_guide/updating_satellite_server_capsule_server_and_content_hosts
5. Bugs fixed (https://bugzilla.redhat.com/):
1019214 – [RFE] Connect foreman bootiso when creating a new VM and boot from it.
1046642 – CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities
1132402 – [RFE] Support Facter 2 structured facts
1133515 – [RFE] Hammer repository upload-content doesn’t support globs
1140671 – [RFE] API Missing creation of smart proxy autosign entries
1144042 – [RFE] API Missing activation key listing available service_levels
1145653 – [RFE] Satellite 6: UEFI PXE support
1154382 – [RFE] Ability to use tokenized authentication to hammer in lieu of username/password in configuration file.
1177766 – [RFE] Republish composite content views on republished component content view
1187338 – [RFE] Patch management functionality of satellite missing patch management functionality
1190002 – [RFE] add “update all” button to host collections package update, selecting multiple content hosts
1199204 – [RFE] Content Hosts: UI should have some indicator as if/which capsule is providing content
1210878 – [RFE] Allow user to disable SSL verification for custom repositories hosted via SSL
1215825 – [RFE] Showing Packages that can be updated on a content-host via the UI
1217523 – [RFE] Request for the support of mirrorlists for rpm repository feeds
1245642 – [RFE] Allow editing of taxonomy for discovered hosts
1255484 – [RFE] Make subnet an optional field
1257588 – [RFE] API routes for repositories in consistent with filter on per product and per organization
1260697 – [RFE] As a CLI user, I should be able to set the Content Source for a host and hostgroup.
1263748 – [RFE] Using Dynconsole to review tasks, unable to get back to Satellite GUI missing a “back” button
1264043 – [RFE] Unable to edit Mail configuration in API and WebUI
1264732 – [RFE] Predefined role which is equivalent of ORG ADMIN
1265125 – [RFE] Allow activation keys to enable product repos regardless of whether there is a subscription attached or not
1270771 – [RFE] Possibility to set value of memory for compute profile under RHEV other then dropdown list
1274159 – [RFE] Add content counters to Content View Versions Repositories overview
1278642 – [RFE] Expose config groups in host yaml
1278644 – [RFE] manage provisioning templates outside of the web interface
1284686 – [RFE] Support use of snapshots in katello-backup to allow service to be restored quickly
1291935 – [RFE] support for Parametized Subnets
1292510 – [RFE] Satellite should support OpenSCAP tailoring file
1293538 – [RFE] Netgroup LDAP Authentication with Satellite 6.
1303103 – [RFE] Allow ISO repositories to be added to a content view and published/distributed
1304608 – [RFE] Manager and viewer role do not contain permissions for katello, rex and other plugins actions
1305059 – [RFE] [Sat6] allow multiple rpms to be added via hammer content-view filter rule create
1306723 – [RFE] add multiple content views to a CCV which contain the same repository
1309569 – [RFE] Composite Content View Web UI: show if “Latest” view is in use or if new version of content view available
1309944 – [RFE] Create/update composite content-view by content-view Names
1313634 – [RFE] Warning message while pulp-puppet-module-builder overwrites existing module files.
1317614 – [RFE] – “hammer info” command should have information related to “Host Status”
1318534 – [RFE] Puppet classes inherited from a parent should indicate which one
1323436 – [RFE] Latest available packages are not listed in the update list over the Satellite Server Web UI
1324508 – [RFE] Accept ‘organization’ and ‘location’ parameters for POST/PUT requests for discovery rules
1327030 – [RFE] Add extension point to Subnets form for Discovery Proxy
1327471 – CVE-2016-3693 foreman: inspect in a provisioning template exposes sensitive controller information
1328238 – [RFE] katello-backup report times
1328930 – CVE-2016-3696 pulp: Leakage of CA key in pulp-qpid-ssl-cfg
1330264 – CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed
1335449 – CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New
1336924 – [RFE]hypervisors that do NOT have a subscription attached should NOT be green under content hosts
1339715 – [RFE] Initiate OpenSCAP scan from web ui
1339889 – CVE-2016-4451 foreman: privilege escalation through Organization and Locations API
1340559 – [RFE] Add ability to Sort Content Hosts by additional column headers in WebUI
1342623 – [RFE] Extend the foreman API for improved compliance/openscap usage
1344049 – [RFE] Ability to use subscription associated to hypervisor when adding a server with activation key
1348939 – CVE-2016-4995 foreman: Information disclosure in provisioning template previews
1349136 – CVE-2016-4996 foreman: inside discovery-debug, the root password is displayed in plaintext
1361473 – [RFE] – Display the errata or packages that would applicable/installable for a given host using Hammer CLI
1365815 – CVE-2016-6319 foreman: Persistent XSS in Foreman remote execution plugin
1366029 – [RFE] satellite installer doesn’t allow for upgrading puppet
1370168 – [RFE] Update foreman-debug to by default not disclose confidential passwords and private keys
1376134 – [RFE] Pulp should log content unit downloads at a level other than DEBUG
1376191 – [RFE] Capability to Red Hat Satellite 6 to provision clients on IBM POWER
1382356 – [RFE] Delete smart class parameter when a puppet class is deleted
1382735 – [RFE] Allow accessing all template names for a host (in safe mode)
1384146 – [RFE] Discovery should not create an entry if the mac/serialnumber already exists as managed
1384548 – [RFE] cronjob to clear old tasks
1386266 – [RFE] krb5 support for remote execution job invocations
1386278 – [RFE] Job invocations should timeout
1390545 – [RFE] hammer sync-plan info should show associated products
1391831 – [RFE] Include Host’s Host Collection to YAML definition.
1393291 – CVE-2016-8639 foreman: Stored XSS via organization/location with HTML in name
1393409 – [RFE] Enable Process Recycling for Pulp Worker Processes
1394056 – [RFE] Getting IP Auto-Suggestion via API
1402922 – [RFE] Publishing provisioning template by version control system
1406384 – CVE-2016-9593 foreman-debug: missing obfuscation of sensitive information
1406729 – CVE-2016-9595 katello-debug: Possible symlink attacks due to use of predictable file names
1410872 – [RFE] Rake task needed to clean up repos published to wrong directory
1412186 – [RFE] Track what user executed remote job in the production.log
1413851 – [RFE] OpenSCAP download full report XML is not usable, include the html or PDF report.
1416119 – [RFE] foreman-debug takes > 1 hour to complete at scale
1417073 – [RFE] Enhance Satelltie 6 UI to make the need for virt-who apparent
1420711 – [RFE] – Applying Erratum to a client, Cancel and Next button only visible while scrolling through the entire list of content-hosts
1422458 – [RFE] The search function shows dummy facts that are not used any more and the dummy facts should be deleted
1425121 – [RFE] Sort smart class parameter overrides by resolution order
1425523 – [RFE] Update Subscriptions Page in Satellite 6 to point to customer portal landing page.
1426404 – [RFE] Backport session/request id in logs
1426411 – [RFE] Allow batched content install actions during errata install
1426448 – [RFE] Add schema to full backup if dbfiles are corrupted
1428761 – [RFE] Show upgradable package count in Content Hosts list and at the Content Host page
1429426 – [RFE] set release version of a content host via bulk action
1434069 – [RFE] max_memory_per_executor support
1435972 – [RFE] – Option to disable autostart for puppet agent
1436262 – CVE-2017-2667 rubygem-hammer_cli: no verification of API server’s SSL certificate
1438376 – [RFE] Hammer location list to optionally show parents of location
1439537 – CVE-2017-2672 foreman: Image password leak
1439850 – [RFE] Allow setting HTTPS CDN URLs in Satellite
1445807 – [RFE] Allow choice of target shell in Remote Execution
1446707 – [RFE] add confirmation step for manifest deletion (explaining when refresh will do, and when have to use delete)
1446719 – [RFE] Refreshing a manifest should re-generate entitlement certificates.
1452124 – [RFE] Hammer cli does not list Type field when listing subscriptions.
1455057 – [RFE] As a user, I expect the smart proxies page list of features to be sorted consistently
1455455 – [RFE] PXE less provisioning – Add delay to discovery image boot for slow DHCP networks
1458817 – [RFE] Prioritize attribute order in puppet classes limited to 255 chars
1464224 – [RFE] make the “Type” of a subscription a searchable unit
1468248 – [RFE] add task start time to “latest warning/error task” dashboard widget
1480346 – [RFE] Need a server side tool to assist with the process of changing the hostname of the Katello server
1480348 – [RFE] API to fetch list of hosts without full host details
1480886 – CVE-2014-8183 foreman: models with a ‘belongs_to’ association to an Organization do not verify association belongs to that Organization
1493001 – [RFE] Add NIC ignore patterns for OpenStack and OpenShift
1493494 – [RFE] While adding a content-view to a composite view which is not published, clicking “Add Content Views” button does nothing, it should give an error.
1517827 – [RFE] Satellite 6: add the ability to choose supported cipher suites for Tomcat
1529099 – [RFE] Users with email address more than 60 characters should be able to login to Satellite GUI
6. Package List:
Red Hat Satellite Capsule 6.3:
Source:
foreman-1.15.6.34-1.el7sat.src.rpm
foreman-bootloaders-redhat-201801241201-2.el7sat.src.rpm
foreman-discovery-image-3.4.4-1.el7sat.src.rpm
foreman-installer-1.15.6.8-1.el7sat.src.rpm
foreman-proxy-1.15.6.4-1.el7sat.src.rpm
foreman-selinux-1.15.6.2-1.el7sat.src.rpm
hiera-1.3.1-2.el7sat.src.rpm
katello-3.4.5-15.el7sat.src.rpm
katello-certs-tools-2.4.0-1.el7sat.src.rpm
katello-client-bootstrap-1.5.1-1.el7sat.src.rpm
katello-installer-base-3.4.5.26-1.el7sat.src.rpm
katello-selinux-3.0.2-1.el7sat.src.rpm
kobo-0.5.1-1.el7sat.src.rpm
pulp-2.13.4.6-1.el7sat.src.rpm
pulp-docker-2.4.1-2.el7sat.src.rpm
pulp-katello-1.0.2-1.el7sat.src.rpm
pulp-ostree-1.2.1.1-1.el7sat.src.rpm
pulp-puppet-2.13.4-3.el7sat.src.rpm
pulp-rpm-2.13.4.8-1.el7sat.src.rpm
puppet-foreman_scap_client-0.3.16-1.el7sat.src.rpm
python-zope-interface-4.0.5-4.el7.src.rpm
redhat-access-insights-puppet-0.0.9-2.el7sat.src.rpm
rubygem-kafo-2.0.2-1.el7sat.src.rpm
rubygem-kafo_parsers-0.1.6-1.el7sat.src.rpm
rubygem-kafo_wizards-0.0.1-2.el7sat.src.rpm
rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.src.rpm
rubygem-smart_proxy_discovery-1.0.4-3.el7sat.src.rpm
rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.src.rpm
rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.src.rpm
rubygem-smart_proxy_openscap-0.6.9-1.el7sat.src.rpm
rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.src.rpm
rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.src.rpm
rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.src.rpm
satellite-6.3.0-23.0.el7sat.src.rpm
satellite-installer-6.3.0.12-1.el7sat.src.rpm
tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.src.rpm
tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.src.rpm
noarch:
foreman-bootloaders-redhat-201801241201-2.el7sat.noarch.rpm
foreman-bootloaders-redhat-tftpboot-201801241201-2.el7sat.noarch.rpm
foreman-debug-1.15.6.34-1.el7sat.noarch.rpm
foreman-discovery-image-3.4.4-1.el7sat.noarch.rpm
foreman-installer-1.15.6.8-1.el7sat.noarch.rpm
foreman-installer-katello-3.4.5.26-1.el7sat.noarch.rpm
foreman-proxy-1.15.6.4-1.el7sat.noarch.rpm
foreman-proxy-content-3.4.5-15.el7sat.noarch.rpm
foreman-selinux-1.15.6.2-1.el7sat.noarch.rpm
hiera-1.3.1-2.el7sat.noarch.rpm
katello-certs-tools-2.4.0-1.el7sat.noarch.rpm
katello-client-bootstrap-1.5.1-1.el7sat.noarch.rpm
katello-debug-3.4.5-15.el7sat.noarch.rpm
katello-installer-base-3.4.5.26-1.el7sat.noarch.rpm
katello-selinux-3.0.2-1.el7sat.noarch.rpm
katello-service-3.4.5-15.el7sat.noarch.rpm
kobo-0.5.1-1.el7sat.noarch.rpm
pulp-admin-client-2.13.4.6-1.el7sat.noarch.rpm
pulp-docker-admin-extensions-2.4.1-2.el7sat.noarch.rpm
pulp-docker-plugins-2.4.1-2.el7sat.noarch.rpm
pulp-katello-1.0.2-1.el7sat.noarch.rpm
pulp-nodes-child-2.13.4.6-1.el7sat.noarch.rpm
pulp-nodes-common-2.13.4.6-1.el7sat.noarch.rpm
pulp-nodes-parent-2.13.4.6-1.el7sat.noarch.rpm
pulp-ostree-admin-extensions-1.2.1.1-1.el7sat.noarch.rpm
pulp-ostree-plugins-1.2.1.1-1.el7sat.noarch.rpm
pulp-puppet-admin-extensions-2.13.4-3.el7sat.noarch.rpm
pulp-puppet-plugins-2.13.4-3.el7sat.noarch.rpm
pulp-rpm-admin-extensions-2.13.4.8-1.el7sat.noarch.rpm
pulp-rpm-plugins-2.13.4.8-1.el7sat.noarch.rpm
pulp-selinux-2.13.4.6-1.el7sat.noarch.rpm
pulp-server-2.13.4.6-1.el7sat.noarch.rpm
puppet-foreman_scap_client-0.3.16-1.el7sat.noarch.rpm
python-pulp-agent-lib-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-bindings-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-client-lib-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-common-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-docker-common-2.4.1-2.el7sat.noarch.rpm
python-pulp-oid_validation-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-ostree-common-1.2.1.1-1.el7sat.noarch.rpm
python-pulp-puppet-common-2.13.4-3.el7sat.noarch.rpm
python-pulp-repoauth-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-rpm-common-2.13.4.8-1.el7sat.noarch.rpm
python-pulp-streamer-2.13.4.6-1.el7sat.noarch.rpm
redhat-access-insights-puppet-0.0.9-2.el7sat.noarch.rpm
rubygem-kafo-2.0.2-1.el7sat.noarch.rpm
rubygem-kafo_parsers-0.1.6-1.el7sat.noarch.rpm
rubygem-kafo_wizards-0.0.1-2.el7sat.noarch.rpm
rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.noarch.rpm
rubygem-smart_proxy_discovery-1.0.4-3.el7sat.noarch.rpm
rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.noarch.rpm
rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.noarch.rpm
rubygem-smart_proxy_openscap-0.6.9-1.el7sat.noarch.rpm
rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.noarch.rpm
rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.noarch.rpm
rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.noarch.rpm
satellite-capsule-6.3.0-23.0.el7sat.noarch.rpm
satellite-common-6.3.0-23.0.el7sat.noarch.rpm
satellite-debug-tools-6.3.0-23.0.el7sat.noarch.rpm
satellite-installer-6.3.0.12-1.el7sat.noarch.rpm
tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.noarch.rpm
x86_64:
python-zope-interface-4.0.5-4.el7.x86_64.rpm
python-zope-interface-debuginfo-4.0.5-4.el7.x86_64.rpm
Red Hat Satellite 6.3:
Source:
candlepin-2.1.14-1.el7.src.rpm
foreman-1.15.6.34-1.el7sat.src.rpm
foreman-bootloaders-redhat-201801241201-2.el7sat.src.rpm
foreman-discovery-image-3.4.4-1.el7sat.src.rpm
foreman-installer-1.15.6.8-1.el7sat.src.rpm
foreman-proxy-1.15.6.4-1.el7sat.src.rpm
foreman-selinux-1.15.6.2-1.el7sat.src.rpm
hiera-1.3.1-2.el7sat.src.rpm
katello-3.4.5-15.el7sat.src.rpm
katello-certs-tools-2.4.0-1.el7sat.src.rpm
katello-client-bootstrap-1.5.1-1.el7sat.src.rpm
katello-installer-base-3.4.5.26-1.el7sat.src.rpm
katello-selinux-3.0.2-1.el7sat.src.rpm
kobo-0.5.1-1.el7sat.src.rpm
pulp-2.13.4.6-1.el7sat.src.rpm
pulp-docker-2.4.1-2.el7sat.src.rpm
pulp-katello-1.0.2-1.el7sat.src.rpm
pulp-ostree-1.2.1.1-1.el7sat.src.rpm
pulp-puppet-2.13.4-3.el7sat.src.rpm
pulp-rpm-2.13.4.8-1.el7sat.src.rpm
puppet-foreman_scap_client-0.3.16-1.el7sat.src.rpm
python-zope-interface-4.0.5-4.el7.src.rpm
redhat-access-insights-puppet-0.0.9-2.el7sat.src.rpm
rubygem-foreman_scap_client-0.3.0-2.el7sat.src.rpm
rubygem-kafo-2.0.2-1.el7sat.src.rpm
rubygem-kafo_parsers-0.1.6-1.el7sat.src.rpm
rubygem-kafo_wizards-0.0.1-2.el7sat.src.rpm
rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.src.rpm
rubygem-smart_proxy_discovery-1.0.4-3.el7sat.src.rpm
rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.src.rpm
rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.src.rpm
rubygem-smart_proxy_openscap-0.6.9-1.el7sat.src.rpm
rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.src.rpm
rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.src.rpm
rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.src.rpm
satellite-6.3.0-23.0.el7sat.src.rpm
satellite-installer-6.3.0.12-1.el7sat.src.rpm
tfm-rubygem-bastion-5.1.1.4-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman-redhat_access-2.0.13-1.el7sat.src.rpm
tfm-rubygem-foreman-tasks-0.9.6.4-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_bootdisk-10.0.2.2-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_discovery-9.1.5.3-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_docker-3.1.0.3-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_hooks-0.3.14-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_openscap-0.7.11-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_remote_execution-1.3.7.2-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_templates-5.0.1-1.fm1_15.el7sat.src.rpm
tfm-rubygem-foreman_theme_satellite-1.0.4.16-1.el7sat.src.rpm
tfm-rubygem-foreman_virt_who_configure-0.1.9-1.fm1_15.el7sat.src.rpm
tfm-rubygem-hammer_cli-0.11.0.1-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_csv-2.3.0-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman-0.11.0.5-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_admin-0.0.8-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3.3-2.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_discovery-1.0.0-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_docker-0.0.6-2.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_openscap-0.1.5-1.fm1_15.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_remote_execution-0.0.6-1.fm1_15.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_tasks-0.0.12-1.fm1_15.el7sat.src.rpm
tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.3-1.el7sat.src.rpm
tfm-rubygem-hammer_cli_katello-0.11.3.5-1.el7sat.src.rpm
tfm-rubygem-katello-3.4.5.58-1.el7sat.src.rpm
tfm-rubygem-ovirt_provision_plugin-1.0.2-1.fm1_15.el7sat.src.rpm
tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.src.rpm
noarch:
candlepin-2.1.14-1.el7.noarch.rpm
candlepin-selinux-2.1.14-1.el7.noarch.rpm
foreman-1.15.6.34-1.el7sat.noarch.rpm
foreman-bootloaders-redhat-201801241201-2.el7sat.noarch.rpm
foreman-bootloaders-redhat-tftpboot-201801241201-2.el7sat.noarch.rpm
foreman-cli-1.15.6.34-1.el7sat.noarch.rpm
foreman-compute-1.15.6.34-1.el7sat.noarch.rpm
foreman-debug-1.15.6.34-1.el7sat.noarch.rpm
foreman-discovery-image-3.4.4-1.el7sat.noarch.rpm
foreman-ec2-1.15.6.34-1.el7sat.noarch.rpm
foreman-gce-1.15.6.34-1.el7sat.noarch.rpm
foreman-installer-1.15.6.8-1.el7sat.noarch.rpm
foreman-installer-katello-3.4.5.26-1.el7sat.noarch.rpm
foreman-libvirt-1.15.6.34-1.el7sat.noarch.rpm
foreman-openstack-1.15.6.34-1.el7sat.noarch.rpm
foreman-ovirt-1.15.6.34-1.el7sat.noarch.rpm
foreman-postgresql-1.15.6.34-1.el7sat.noarch.rpm
foreman-proxy-1.15.6.4-1.el7sat.noarch.rpm
foreman-proxy-content-3.4.5-15.el7sat.noarch.rpm
foreman-rackspace-1.15.6.34-1.el7sat.noarch.rpm
foreman-selinux-1.15.6.2-1.el7sat.noarch.rpm
foreman-vmware-1.15.6.34-1.el7sat.noarch.rpm
hiera-1.3.1-2.el7sat.noarch.rpm
katello-3.4.5-15.el7sat.noarch.rpm
katello-certs-tools-2.4.0-1.el7sat.noarch.rpm
katello-client-bootstrap-1.5.1-1.el7sat.noarch.rpm
katello-common-3.4.5-15.el7sat.noarch.rpm
katello-debug-3.4.5-15.el7sat.noarch.rpm
katello-installer-base-3.4.5.26-1.el7sat.noarch.rpm
katello-selinux-3.0.2-1.el7sat.noarch.rpm
katello-service-3.4.5-15.el7sat.noarch.rpm
kobo-0.5.1-1.el7sat.noarch.rpm
pulp-admin-client-2.13.4.6-1.el7sat.noarch.rpm
pulp-docker-admin-extensions-2.4.1-2.el7sat.noarch.rpm
pulp-docker-plugins-2.4.1-2.el7sat.noarch.rpm
pulp-katello-1.0.2-1.el7sat.noarch.rpm
pulp-ostree-admin-extensions-1.2.1.1-1.el7sat.noarch.rpm
pulp-ostree-plugins-1.2.1.1-1.el7sat.noarch.rpm
pulp-puppet-admin-extensions-2.13.4-3.el7sat.noarch.rpm
pulp-puppet-plugins-2.13.4-3.el7sat.noarch.rpm
pulp-puppet-tools-2.13.4-3.el7sat.noarch.rpm
pulp-rpm-admin-extensions-2.13.4.8-1.el7sat.noarch.rpm
pulp-rpm-plugins-2.13.4.8-1.el7sat.noarch.rpm
pulp-selinux-2.13.4.6-1.el7sat.noarch.rpm
pulp-server-2.13.4.6-1.el7sat.noarch.rpm
puppet-foreman_scap_client-0.3.16-1.el7sat.noarch.rpm
python-pulp-bindings-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-client-lib-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-common-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-docker-common-2.4.1-2.el7sat.noarch.rpm
python-pulp-oid_validation-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-ostree-common-1.2.1.1-1.el7sat.noarch.rpm
python-pulp-puppet-common-2.13.4-3.el7sat.noarch.rpm
python-pulp-repoauth-2.13.4.6-1.el7sat.noarch.rpm
python-pulp-rpm-common-2.13.4.8-1.el7sat.noarch.rpm
python-pulp-streamer-2.13.4.6-1.el7sat.noarch.rpm
redhat-access-insights-puppet-0.0.9-2.el7sat.noarch.rpm
rubygem-foreman_scap_client-0.3.0-2.el7sat.noarch.rpm
rubygem-kafo-2.0.2-1.el7sat.noarch.rpm
rubygem-kafo_parsers-0.1.6-1.el7sat.noarch.rpm
rubygem-kafo_wizards-0.0.1-2.el7sat.noarch.rpm
rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.noarch.rpm
rubygem-smart_proxy_discovery-1.0.4-3.el7sat.noarch.rpm
rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.noarch.rpm
rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.noarch.rpm
rubygem-smart_proxy_openscap-0.6.9-1.el7sat.noarch.rpm
rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.noarch.rpm
rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.noarch.rpm
rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.noarch.rpm
satellite-6.3.0-23.0.el7sat.noarch.rpm
satellite-capsule-6.3.0-23.0.el7sat.noarch.rpm
satellite-cli-6.3.0-23.0.el7sat.noarch.rpm
satellite-common-6.3.0-23.0.el7sat.noarch.rpm
satellite-debug-tools-6.3.0-23.0.el7sat.noarch.rpm
satellite-installer-6.3.0.12-1.el7sat.noarch.rpm
tfm-rubygem-bastion-5.1.1.4-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman-redhat_access-2.0.13-1.el7sat.noarch.rpm
tfm-rubygem-foreman-tasks-0.9.6.4-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_bootdisk-10.0.2.2-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_discovery-9.1.5.3-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_docker-3.1.0.3-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_hooks-0.3.14-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_openscap-0.7.11-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_remote_execution-1.3.7.2-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_templates-5.0.1-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-foreman_theme_satellite-1.0.4.16-1.el7sat.noarch.rpm
tfm-rubygem-foreman_virt_who_configure-0.1.9-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-hammer_cli-0.11.0.1-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_csv-2.3.0-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman-0.11.0.5-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_admin-0.0.8-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3.3-2.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_discovery-1.0.0-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_docker-0.0.6-2.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_openscap-0.1.5-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_remote_execution-0.0.6-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_tasks-0.0.12-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.3-1.el7sat.noarch.rpm
tfm-rubygem-hammer_cli_katello-0.11.3.5-1.el7sat.noarch.rpm
tfm-rubygem-katello-3.4.5.58-1.el7sat.noarch.rpm
tfm-rubygem-katello_ostree-3.4.5.58-1.el7sat.noarch.rpm
tfm-rubygem-ovirt_provision_plugin-1.0.2-1.fm1_15.el7sat.noarch.rpm
tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.noarch.rpm
x86_64:
python-zope-interface-4.0.5-4.el7.x86_64.rpm
python-zope-interface-debuginfo-4.0.5-4.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2013-6459
https://access.redhat.com/security/cve/CVE-2014-8183
https://access.redhat.com/security/cve/CVE-2016-1669
https://access.redhat.com/security/cve/CVE-2016-3693
https://access.redhat.com/security/cve/CVE-2016-3696
https://access.redhat.com/security/cve/CVE-2016-3704
https://access.redhat.com/security/cve/CVE-2016-4451
https://access.redhat.com/security/cve/CVE-2016-4995
https://access.redhat.com/security/cve/CVE-2016-4996
https://access.redhat.com/security/cve/CVE-2016-6319
https://access.redhat.com/security/cve/CVE-2016-8639
https://access.redhat.com/security/cve/CVE-2016-9593
https://access.redhat.com/security/cve/CVE-2016-9595
https://access.redhat.com/security/cve/CVE-2017-2667
https://access.redhat.com/security/cve/CVE-2017-2672
https://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/release_notes/
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iD4DBQFajWeIXlSAg2UNWIIRAouJAJwLI5jDnwjjh/YkDnJr5isfv4XalgCYmy9X
5E6G5050kzOcXtMs4tVO/g==
=7PmO
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce