- Vulnerability/
- RHSA-2021:3473
RHSA-2021:3473: Moderate: Red Hat Automation Platform 1.2.5 security and bugfixes update
First published: Wed Sep 08 2021(Updated: )
Red Hat Ansible Automation Platform integrates Red Hat’s automation suite<br>consisting of Red Hat Ansible Tower, Red Hat Ansible Engine, and use-case<br>specific capabilities for Microsoft Windows,network, security, and more,<br>along with Software-as-a-Service (SaaS)-based capabilities and features for<br>organization-wide effectiveness.<br>Security Fix(es):<br><li> python-urllib3: Catastrophic backtracking in URL authority parser (CVE-2021-33503)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>This update fixes various bugs and adds enhancements. Documentation for<br>these changes is available from the Release Notes document linked to in the<br>References section.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/automation-hub | <4.2.6-1.el8 | 4.2.6-1.el8 |
| redhat/python-galaxy-ng | <4.2.6-1.el8 | 4.2.6-1.el8 |
| redhat/python-requests | <2.25.1-1.el8 | 2.25.1-1.el8 |
| redhat/python-urllib3 | <1.26.5-1.el8 | 1.26.5-1.el8 |
| redhat/python3-click | <7.1.2-3.el8 | 7.1.2-3.el8 |
| redhat/python3-galaxy-ng | <4.2.6-1.el8 | 4.2.6-1.el8 |
| redhat/python3-gnupg | <0.4.6-3.el8 | 0.4.6-3.el8 |
| redhat/python3-jinja2 | <2.11.2-3.el8 | 2.11.2-3.el8 |
| redhat/python3-markupsafe | <1.1.1-4.el8 | 1.1.1-4.el8 |
| redhat/python3-markupsafe-debuginfo | <1.1.1-4.el8 | 1.1.1-4.el8 |
| redhat/python3-markupsafe-debugsource | <1.1.1-4.el8 | 1.1.1-4.el8 |
| redhat/python3-requests | <2.25.1-1.el8 | 2.25.1-1.el8 |
| redhat/python3-semantic-version | <2.8.5-3.el8 | 2.8.5-3.el8 |
| redhat/python3-urllib3 | <1.26.5-1.el8 | 1.26.5-1.el8 |
| redhat/automation-hub | <4.2.6-1.el7 | 4.2.6-1.el7 |
| redhat/python-galaxy-ng | <4.2.6-1.el7 | 4.2.6-1.el7 |
| redhat/python-requests | <2.25.1-1.el7 | 2.25.1-1.el7 |
| redhat/python-urllib3 | <1.26.5-1.el7 | 1.26.5-1.el7 |
| redhat/python3-click | <7.1.2-3.el7 | 7.1.2-3.el7 |
| redhat/python3-chardet | <3.0.4-3.el7 | 3.0.4-3.el7 |
| redhat/python3-galaxy-ng | <4.2.6-1.el7 | 4.2.6-1.el7 |
| redhat/python3-gnupg | <0.4.6-3.el7 | 0.4.6-3.el7 |
| redhat/python3-jinja2 | <2.11.2-3.el7 | 2.11.2-3.el7 |
| redhat/python3-markupsafe | <1.1.1-4.el7 | 1.1.1-4.el7 |
| redhat/python3-markupsafe-debuginfo | <1.1.1-4.el7 | 1.1.1-4.el7 |
| redhat/python3-requests | <2.25.1-1.el7 | 2.25.1-1.el7 |
| redhat/python3-semantic-version | <2.8.5-3.el7 | 2.8.5-3.el7 |
| redhat/python3-urllib3 | <1.26.5-1.el7 | 1.26.5-1.el7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1968074
- https://access.redhat.com/security/updates/classification/#moderate
- https://access.redhat.com/documentation/en-us/red_hat_ansible_automation_platform/1.2/html/red_hat_ansible_automation_platform_release_notes/index
- https://access.redhat.com/errata/RHSA-2021:3473 (Advisory)
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2021:3473
- agent/software-canonical-lookup
- package-manager/redhat