What is the severity of RHSA-2019:0796?

The severity of RHSA-2019:0796 is considered moderate.

How do I fix RHSA-2019:0796?

To fix RHSA-2019:0796, you need to update the affected packages to the specified remedied versions.

Which software packages are affected by RHSA-2019:0796?

Affected software packages include cfme, cfme-amazon-smartstate, cfme-appliance, and ansible-tower components.

When was RHSA-2019:0796 issued?

RHSA-2019:0796 was issued on March 5, 2019.

What is the primary focus of RHSA-2019:0796?

RHSA-2019:0796 addresses vulnerabilities in the Red Hat CloudForms Management Engine.

Vulnerability/
RHSA-2019:0796

23/4/2019

RHSA-2019:0796: Important: CloudForms 4.7.3 security, bug fix and enhancement update

First published: Tue Apr 23 2019(Updated: )

Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.<br>Security Fix(es):<br><li> rubygem-actionpack: render file directory traversal in Action View (CVE-2019-5418)</li> <li> rubygem-actionpack: denial of service vulnerability in Action View (CVE-2019-5419)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

Affected Software	Affected Version	How to fix
redhat/cfme	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-amazon-smartstate	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-appliance	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-gemset	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/ansible-tower	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/ansible-tower-server	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/ansible-tower-setup	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/ansible-tower-ui	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/ansible-tower-venv-ansible	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/ansible-tower-venv-tower	<3.4.3-1.el7a	3.4.3-1.el7a
redhat/cfme	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-amazon-smartstate	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-appliance	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-appliance-common	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-appliance-debuginfo	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-appliance-tools	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-debuginfo	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-gemset	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf
redhat/cfme-gemset-debuginfo	<5.10.3.3-1.el7cf	5.10.3.3-1.el7cf

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:0796?
The severity of RHSA-2019:0796 is considered moderate.
How do I fix RHSA-2019:0796?
To fix RHSA-2019:0796, you need to update the affected packages to the specified remedied versions.
Which software packages are affected by RHSA-2019:0796?
Affected software packages include cfme, cfme-amazon-smartstate, cfme-appliance, and ansible-tower components.
When was RHSA-2019:0796 issued?
RHSA-2019:0796 was issued on March 5, 2019.
What is the primary focus of RHSA-2019:0796?
RHSA-2019:0796 addresses vulnerabilities in the Red Hat CloudForms Management Engine.

agent/severity
agent/references
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:0796
agent/software-canonical-lookup
agent/remedy
agent/title
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat