- Vulnerability/
- RHSA-2023:1151
RHSA-2023:1151: Critical: Satellite 6.11.5 Async Security Update
First published: Tue Mar 07 2023(Updated: )
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.<br>Security fix(es):<br>tfm-rubygem-activerecord: activerecord: Possible RCE escalation bug with Serialized Columns in Active Record (CVE-2022-32224)<br>This update fixes the following bugs:<br>2153877 - The "Documentation" button on Satellite 6.11 for "Provisioning Templates" page is pointing to 404 Page Not Found link<br>2161929 - Locale change caused by RHEL upgrade results in database index corruption "get() returned more than one Modulemd -- it returned 2!"<br>2166747 - unable to install satellite 6.11 on rhel8.8 - ansible-core version is too new<br>2166748 - Entitlement certificate is missing content section for a custom product<br>2166749 - Sync container images of existing docker type repositories fail with 404 - Not found<br>2166750 - Another deadlock issue when syncing repos with high concurrency<br>2166756 - Inspecting an image with skopeo no longer works on Capsules<br>2166757 - Content view filter included errata not in the filter date range<br>2166759 - Content view filter will include module streams of other repos/arches if the errata contain rpms in different repos/arches.<br>2166760 - Even in 6.11.1, sync summary email notification shows the incorrect summary for newly added errata.<br>2166761 - Content view publish fails when the content view and repository both have a large name with : Error message: the server returns an error HTTP status code: 500<br>2166762 - Insights recommendation sync failing in Satelliite<br>2170874 - Satellite-clone not working if ansible-core 2.13 is installed<br>Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/foreman | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/satellite | <6.11.5-1.el7 | 6.11.5-1.el7 |
| redhat/satellite-clone | <3.1.1-2.el7 | 3.1.1-2.el7 |
| redhat/foreman-cli | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/satellite-cli | <6.11.5-1.el7 | 6.11.5-1.el7 |
| redhat/candlepin | <4.1.19-1.el8 | 4.1.19-1.el8 |
| redhat/foreman | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/python-naya | <1.1.1-1.1.el8 | 1.1.1-1.1.el8 |
| redhat/python-pulp-container | <2.9.9-1.el8 | 2.9.9-1.el8 |
| redhat/python-pulpcore | <3.16.15-1.el8 | 3.16.15-1.el8 |
| redhat/rubygem-actioncable | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-actionmailbox | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-actionmailer | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-actionpack | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-actiontext | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-actionview | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-activejob | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-activemodel | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-activerecord | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-activestorage | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-activesupport | <6.0.6-1.el8 | 6.0.6-1.el8 |
| redhat/rubygem-katello | <4.3.0.52-1.el8 | 4.3.0.52-1.el8 |
| redhat/rubygem-rails | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/rubygem-railties | <6.0.6-2.el8 | 6.0.6-2.el8 |
| redhat/satellite | <6.11.5-1.el8 | 6.11.5-1.el8 |
| redhat/candlepin-selinux | <4.1.19-1.el8 | 4.1.19-1.el8 |
| redhat/foreman-cli | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-debug | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-dynflow-sidekiq | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-ec2 | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-gce | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-journald | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-libvirt | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-openstack | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-ovirt | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-postgresql | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-service | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-telemetry | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/foreman-vmware | <3.1.1.26-1.el8 | 3.1.1.26-1.el8 |
| redhat/python38-naya | <1.1.1-1.1.el8 | 1.1.1-1.1.el8 |
| redhat/python38-pulp-container | <2.9.9-1.el8 | 2.9.9-1.el8 |
| redhat/python38-pulpcore | <3.16.15-1.el8 | 3.16.15-1.el8 |
| redhat/satellite-cli | <6.11.5-1.el8 | 6.11.5-1.el8 |
| redhat/satellite-common | <6.11.5-1.el8 | 6.11.5-1.el8 |
| redhat/candlepin | <4.1.19-1.el7 | 4.1.19-1.el7 |
| redhat/tfm-pulpcore-python-naya | <1.1.1-1.1.el7 | 1.1.1-1.1.el7 |
| redhat/tfm-pulpcore-python-pulp-container | <2.9.9-1.el7 | 2.9.9-1.el7 |
| redhat/tfm-pulpcore-python-pulpcore | <3.16.15-1.el7 | 3.16.15-1.el7 |
| redhat/tfm-rubygem-actioncable | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-actionmailbox | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-actionmailer | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-actionpack | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-actiontext | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-actionview | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-activejob | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-activemodel | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-activerecord | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-activestorage | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-activesupport | <6.0.6-1.el7 | 6.0.6-1.el7 |
| redhat/tfm-rubygem-katello | <4.3.0.52-1.el7 | 4.3.0.52-1.el7 |
| redhat/tfm-rubygem-rails | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/tfm-rubygem-railties | <6.0.6-2.el7 | 6.0.6-2.el7 |
| redhat/candlepin-selinux | <4.1.19-1.el7 | 4.1.19-1.el7 |
| redhat/foreman-debug | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-dynflow-sidekiq | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-ec2 | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-gce | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-journald | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-libvirt | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-openstack | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-ovirt | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-postgresql | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-service | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-telemetry | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/foreman-vmware | <3.1.1.26-1.el7 | 3.1.1.26-1.el7 |
| redhat/satellite-common | <6.11.5-1.el7 | 6.11.5-1.el7 |
| redhat/tfm-pulpcore-python3-naya | <1.1.1-1.1.el7 | 1.1.1-1.1.el7 |
| redhat/tfm-pulpcore-python3-pulp-container | <2.9.9-1.el7 | 2.9.9-1.el7 |
| redhat/tfm-pulpcore-python3-pulpcore | <3.16.15-1.el7 | 3.16.15-1.el7 |
| redhat/satellite-capsule | <6.11.5-1.el8 | 6.11.5-1.el8 |
| redhat/satellite-capsule | <6.11.5-1.el7 | 6.11.5-1.el7 |
| redhat/satellite-clone | <3.1.1-2.el8 | 3.1.1-2.el8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/severity
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/remedy
- agent/title
- agent/description
- agent/tags
- agent/event
- collector/redhat-errata
- source/Red Hat
- anchor-id/RHSA-2023:1151
- agent/software-canonical-lookup
- package-manager/redhat