RHSA-2015:1591 High

Red Hat Security Advisory: Red Hat Satellite 6.1.1 on RHEL 7

Published: August 12, 2015
Last Modified: May 27, 2026

🔗 CVE IDs covered (8)

📋 Description

CVE-2009-3555 — TLS: MITM attacks via session renegotiation
CVE-2013-4346 — python-oauth2: _check_signature() ignores the nonce value when validating signed urls
CVE-2013-4347 — python-oauth2: Uses poor PRNG in nonce
CVE-2014-3653 — foreman: cross-site scripting (XSS) flaw in template preview screen
CVE-2015-1816 — foreman: lack of SSL certificate validation when performing LDAPS authentication
CVE-2015-1844 — foreman: API not scoping resources to taxonomies
CVE-2015-3155 — foreman: the _session_id cookie is issued without the Secure flag
CVE-2015-3235 — foreman: edit_users permission allows changing of admin passwords

🔗 References (12)