Red Hat Security Advisory: Satellite 6.3 security, bug fix, and enhancement update
🔗 CVE IDs covered (22)
📋 Description
CVE-2013-6459 — rubygem-will_paginate: XSS vulnerabilities CVE-2014-8183 — foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization CVE-2016-1669 — V8: integer overflow leading to buffer overflow in Zone::New CVE-2016-3693 — foreman: inspect in a provisioning template exposes sensitive controller information CVE-2016-3696 — pulp: Leakage of CA key in pulp-qpid-ssl-cfg CVE-2016-3704 — pulp: Unsafe use of bash $RANDOM for NSS DB password and seed CVE-2016-4451 — foreman: privilege escalation through Organization and Locations API CVE-2016-4995 — foreman: Information disclosure in provisioning template previews CVE-2016-4996 — foreman: inside discovery-debug, the root password is displayed in plaintext CVE-2016-6319 — foreman: Persistent XSS in Foreman remote execution plugin CVE-2016-7077 — foreman: Foreman information leak through unauthorized multiple_checkboxes helper CVE-2016-7078 — foreman: Information leak through organizations and locations feature CVE-2016-8613 — foreman: Stored XSS vulnerability in remote execution plugin CVE-2016-8634 — foreman: Stored XSS in org/loc wizard CVE-2016-8639 — foreman: Stored XSS via organization/location with HTML in name CVE-2016-9593 — foreman-debug: missing obfuscation of sensitive information CVE-2016-9595 — katello-debug: Possible symlink attacks due to use of predictable file names CVE-2017-2295 — puppet: Unsafe YAML deserialization CVE-2017-2667 — rubygem-hammer_cli: no verification of API server's SSL certificate CVE-2017-2672 — foreman: Image password leak CVE-2017-15699 — Interconnect: Denial of Service vulnerability in Red Hat JBoss AMQ Interconnect CVE-2018-14623 — katello: SQL inject in errata-related REST API
🔗 References (116)
- selfhttps://access.redhat.com/errata/RHSA-2018:0336
- externalhttps://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/release_notes/
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1019214
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1046642
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1132402
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1133515
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1140671
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1144042
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1145653
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1154382
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1177766
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1187338
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1190002
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1199204
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1210878
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1215825
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1217523
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1245642
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1255484
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1257588
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1260697
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1263748
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1264043
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1264732
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1265125
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1270771
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1274159
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1278642
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1278644
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1284686
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1291935
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1292510
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1293538
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1303103
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1304608
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1305059
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1306723
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1309569
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1309944
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1313634
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1317614
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1318534
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1323436
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1324508
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1327030
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1327471
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1328238
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1328930
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1330264
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1335449
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1336924
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1339715
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1339889
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1340559
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1342623
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1344049
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1348939
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1349136
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1361473
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1365815
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1366029
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1370168
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1376134
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1376191
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1382356
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1382735
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1384146
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1384548
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1386266
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1386278
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1390545
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1391831
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1393291
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1393409
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1394056
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1402922
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1406384
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1406729
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1410872
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1412186
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1413851
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1416119
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1417073
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1420711
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1422458
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1425121
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1425523
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1426404
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1426411
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1426448
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1428761
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1429426
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1434069
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1435972
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1436262
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1438376
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1439537
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1439850
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1445807
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1446707
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1446719
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1452124
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1455057
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1455455
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1458817
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1464224
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1468248
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1480346
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1480348
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1480886
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1493001
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1493494
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1517827
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1529099
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0336.json