-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: Satellite 6.3 security, bug fix, and enhancement update Advisory ID: RHSA-2018:0336-01 Product: Red Hat Satellite 6 Advisory URL: https://access.redhat.com/errata/RHSA-2018:0336 Issue date: 2018-02-21 CVE Names: CVE-2013-6459 CVE-2014-8183 CVE-2016-1669 CVE-2016-3693 CVE-2016-3696 CVE-2016-3704 CVE-2016-4451 CVE-2016-4995 CVE-2016-4996 CVE-2016-6319 CVE-2016-8639 CVE-2016-9593 CVE-2016-9595 CVE-2017-2667 CVE-2017-2672 ===================================================================== 1. Summary: An update is now available for Red Hat Satellite. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Satellite 6.3 - noarch, x86_64 Red Hat Satellite Capsule 6.3 - noarch, x86_64 3. Description: Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6. All users who require Satellite version 6.3 are advised to install these new packages. Security Fix(es): * V8: integer overflow leading to buffer overflow in Zone::New (CVE-2016-1669) * rubygem-will_paginate: XSS vulnerabilities (CVE-2013-6459) * foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization (CVE-2014-8183) * foreman: inspect in a provisioning template exposes sensitive controller information (CVE-2016-3693) * pulp: Unsafe use of bash $RANDOM for NSS DB password and seed (CVE-2016-3704) * foreman: privilege escalation through Organization and Locations API (CVE-2016-4451) * foreman: inside discovery-debug, the root password is displayed in plaintext (CVE-2016-4996) * foreman: Persistent XSS in Foreman remote execution plugin (CVE-2016-6319) * foreman: Stored XSS via organization/location with HTML in name (CVE-2016-8639) * katello-debug: Possible symlink attacks due to use of predictable file names (CVE-2016-9595) * rubygem-hammer_cli: no verification of API server's SSL certificate (CVE-2017-2667) * foreman: Image password leak (CVE-2017-2672) * pulp: Leakage of CA key in pulp-qpid-ssl-cfg (CVE-2016-3696) * foreman: Information disclosure in provisioning template previews (CVE-2016-4995) * foreman-debug: missing obfuscation of sensitive information (CVE-2016-9593) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Randy Barlow (RedHat) for reporting CVE-2016-3704 and Sander Bos for reporting CVE-2016-3696. The CVE-2014-8183 issue was discovered by Eric Helms (Red Hat); the CVE-2016-3693 and CVE-2016-4995 issues were discovered by Dominic Cleal (Red Hat); the CVE-2016-4451 and CVE-2016-6319 issues were discovered by Marek HulA!n (Red Hat); the CVE-2016-4996 issue was discovered by Thom Carlin (Red Hat); the CVE-2016-8639 issue was discovered by Sanket Jagtap (Red Hat); the CVE-2016-9595 issue was discovered by Evgeni Golov (Red Hat); the CVE-2017-2667 issue was discovered by Tomas Strachota (Red Hat); and the CVE-2016-9593 issue was discovered by Pavel Moravec (Red Hat). 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update this system to include these fixes, ensure your system has access to the latest Red Hat packages, then execute the following steps. If you are on a self-registered Satellite, download all packages before stopping Satellite Server: # yum update --downloadonly Stop Katello services: # katello-service stop Update all packages: # yum update Perform the update: # satellite-installer --upgrade For detailed instructions how to apply this update, refer to: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/in stallation_guide/updating_satellite_server_capsule_server_and_content_hosts 5. Bugs fixed (https://bugzilla.redhat.com/): 1019214 - [RFE] Connect foreman bootiso when creating a new VM and boot from it. 1046642 - CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities 1132402 - [RFE] Support Facter 2 structured facts 1133515 - [RFE] Hammer repository upload-content doesn't support globs 1140671 - [RFE] API Missing creation of smart proxy autosign entries 1144042 - [RFE] API Missing activation key listing available service_levels 1145653 - [RFE] Satellite 6: UEFI PXE support 1154382 - [RFE] Ability to use tokenized authentication to hammer in lieu of username/password in configuration file. 1177766 - [RFE] Republish composite content views on republished component content view 1187338 - [RFE] Patch management functionality of satellite missing patch management functionality 1190002 - [RFE] add "update all" button to host collections package update, selecting multiple content hosts 1199204 - [RFE] Content Hosts: UI should have some indicator as if/which capsule is providing content 1210878 - [RFE] Allow user to disable SSL verification for custom repositories hosted via SSL 1215825 - [RFE] Showing Packages that can be updated on a content-host via the UI 1217523 - [RFE] Request for the support of mirrorlists for rpm repository feeds 1245642 - [RFE] Allow editing of taxonomy for discovered hosts 1255484 - [RFE] Make subnet an optional field 1257588 - [RFE] API routes for repositories in consistent with filter on per product and per organization 1260697 - [RFE] As a CLI user, I should be able to set the Content Source for a host and hostgroup. 1263748 - [RFE] Using Dynconsole to review tasks, unable to get back to Satellite GUI missing a "back" button 1264043 - [RFE] Unable to edit Mail configuration in API and WebUI 1264732 - [RFE] Predefined role which is equivalent of ORG ADMIN 1265125 - [RFE] Allow activation keys to enable product repos regardless of whether there is a subscription attached or not 1270771 - [RFE] Possibility to set value of memory for compute profile under RHEV other then dropdown list 1274159 - [RFE] Add content counters to Content View Versions Repositories overview 1278642 - [RFE] Expose config groups in host yaml 1278644 - [RFE] manage provisioning templates outside of the web interface 1284686 - [RFE] Support use of snapshots in katello-backup to allow service to be restored quickly 1291935 - [RFE] support for Parametized Subnets 1292510 - [RFE] Satellite should support OpenSCAP tailoring file 1293538 - [RFE] Netgroup LDAP Authentication with Satellite 6. 1303103 - [RFE] Allow ISO repositories to be added to a content view and published/distributed 1304608 - [RFE] Manager and viewer role do not contain permissions for katello, rex and other plugins actions 1305059 - [RFE] [Sat6] allow multiple rpms to be added via hammer content-view filter rule create 1306723 - [RFE] add multiple content views to a CCV which contain the same repository 1309569 - [RFE] Composite Content View Web UI: show if "Latest" view is in use or if new version of content view available 1309944 - [RFE] Create/update composite content-view by content-view Names 1313634 - [RFE] Warning message while pulp-puppet-module-builder overwrites existing module files. 1317614 - [RFE] - "hammer info" command should have information related to "Host Status" 1318534 - [RFE] Puppet classes inherited from a parent should indicate which one 1323436 - [RFE] Latest available packages are not listed in the update list over the Satellite Server Web UI 1324508 - [RFE] Accept 'organization' and 'location' parameters for POST/PUT requests for discovery rules 1327030 - [RFE] Add extension point to Subnets form for Discovery Proxy 1327471 - CVE-2016-3693 foreman: inspect in a provisioning template exposes sensitive controller information 1328238 - [RFE] katello-backup report times 1328930 - CVE-2016-3696 pulp: Leakage of CA key in pulp-qpid-ssl-cfg 1330264 - CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed 1335449 - CVE-2016-1669 V8: integer overflow leading to buffer overflow in Zone::New 1336924 - [RFE]hypervisors that do NOT have a subscription attached should NOT be green under content hosts 1339715 - [RFE] Initiate OpenSCAP scan from web ui 1339889 - CVE-2016-4451 foreman: privilege escalation through Organization and Locations API 1340559 - [RFE] Add ability to Sort Content Hosts by additional column headers in WebUI 1342623 - [RFE] Extend the foreman API for improved compliance/openscap usage 1344049 - [RFE] Ability to use subscription associated to hypervisor when adding a server with activation key 1348939 - CVE-2016-4995 foreman: Information disclosure in provisioning template previews 1349136 - CVE-2016-4996 foreman: inside discovery-debug, the root password is displayed in plaintext 1361473 - [RFE] - Display the errata or packages that would applicable/installable for a given host using Hammer CLI 1365815 - CVE-2016-6319 foreman: Persistent XSS in Foreman remote execution plugin 1366029 - [RFE] satellite installer doesn't allow for upgrading puppet 1370168 - [RFE] Update foreman-debug to by default not disclose confidential passwords and private keys 1376134 - [RFE] Pulp should log content unit downloads at a level other than DEBUG 1376191 - [RFE] Capability to Red Hat Satellite 6 to provision clients on IBM POWER 1382356 - [RFE] Delete smart class parameter when a puppet class is deleted 1382735 - [RFE] Allow accessing all template names for a host (in safe mode) 1384146 - [RFE] Discovery should not create an entry if the mac/serialnumber already exists as managed 1384548 - [RFE] cronjob to clear old tasks 1386266 - [RFE] krb5 support for remote execution job invocations 1386278 - [RFE] Job invocations should timeout 1390545 - [RFE] hammer sync-plan info should show associated products 1391831 - [RFE] Include Host's Host Collection to YAML definition. 1393291 - CVE-2016-8639 foreman: Stored XSS via organization/location with HTML in name 1393409 - [RFE] Enable Process Recycling for Pulp Worker Processes 1394056 - [RFE] Getting IP Auto-Suggestion via API 1402922 - [RFE] Publishing provisioning template by version control system 1406384 - CVE-2016-9593 foreman-debug: missing obfuscation of sensitive information 1406729 - CVE-2016-9595 katello-debug: Possible symlink attacks due to use of predictable file names 1410872 - [RFE] Rake task needed to clean up repos published to wrong directory 1412186 - [RFE] Track what user executed remote job in the production.log 1413851 - [RFE] OpenSCAP download full report XML is not usable, include the html or PDF report. 1416119 - [RFE] foreman-debug takes > 1 hour to complete at scale 1417073 - [RFE] Enhance Satelltie 6 UI to make the need for virt-who apparent 1420711 - [RFE] - Applying Erratum to a client, Cancel and Next button only visible while scrolling through the entire list of content-hosts 1422458 - [RFE] The search function shows dummy facts that are not used any more and the dummy facts should be deleted 1425121 - [RFE] Sort smart class parameter overrides by resolution order 1425523 - [RFE] Update Subscriptions Page in Satellite 6 to point to customer portal landing page. 1426404 - [RFE] Backport session/request id in logs 1426411 - [RFE] Allow batched content install actions during errata install 1426448 - [RFE] Add schema to full backup if dbfiles are corrupted 1428761 - [RFE] Show upgradable package count in Content Hosts list and at the Content Host page 1429426 - [RFE] set release version of a content host via bulk action 1434069 - [RFE] max_memory_per_executor support 1435972 - [RFE] - Option to disable autostart for puppet agent 1436262 - CVE-2017-2667 rubygem-hammer_cli: no verification of API server's SSL certificate 1438376 - [RFE] Hammer location list to optionally show parents of location 1439537 - CVE-2017-2672 foreman: Image password leak 1439850 - [RFE] Allow setting HTTPS CDN URLs in Satellite 1445807 - [RFE] Allow choice of target shell in Remote Execution 1446707 - [RFE] add confirmation step for manifest deletion (explaining when refresh will do, and when have to use delete) 1446719 - [RFE] Refreshing a manifest should re-generate entitlement certificates. 1452124 - [RFE] Hammer cli does not list Type field when listing subscriptions. 1455057 - [RFE] As a user, I expect the smart proxies page list of features to be sorted consistently 1455455 - [RFE] PXE less provisioning - Add delay to discovery image boot for slow DHCP networks 1458817 - [RFE] Prioritize attribute order in puppet classes limited to 255 chars 1464224 - [RFE] make the "Type" of a subscription a searchable unit 1468248 - [RFE] add task start time to "latest warning/error task" dashboard widget 1480346 - [RFE] Need a server side tool to assist with the process of changing the hostname of the Katello server 1480348 - [RFE] API to fetch list of hosts without full host details 1480886 - CVE-2014-8183 foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization 1493001 - [RFE] Add NIC ignore patterns for OpenStack and OpenShift 1493494 - [RFE] While adding a content-view to a composite view which is not published, clicking "Add Content Views" button does nothing, it should give an error. 1517827 - [RFE] Satellite 6: add the ability to choose supported cipher suites for Tomcat 1529099 - [RFE] Users with email address more than 60 characters should be able to login to Satellite GUI 6. Package List: Red Hat Satellite Capsule 6.3: Source: foreman-1.15.6.34-1.el7sat.src.rpm foreman-bootloaders-redhat-201801241201-2.el7sat.src.rpm foreman-discovery-image-3.4.4-1.el7sat.src.rpm foreman-installer-1.15.6.8-1.el7sat.src.rpm foreman-proxy-1.15.6.4-1.el7sat.src.rpm foreman-selinux-1.15.6.2-1.el7sat.src.rpm hiera-1.3.1-2.el7sat.src.rpm katello-3.4.5-15.el7sat.src.rpm katello-certs-tools-2.4.0-1.el7sat.src.rpm katello-client-bootstrap-1.5.1-1.el7sat.src.rpm katello-installer-base-3.4.5.26-1.el7sat.src.rpm katello-selinux-3.0.2-1.el7sat.src.rpm kobo-0.5.1-1.el7sat.src.rpm pulp-2.13.4.6-1.el7sat.src.rpm pulp-docker-2.4.1-2.el7sat.src.rpm pulp-katello-1.0.2-1.el7sat.src.rpm pulp-ostree-1.2.1.1-1.el7sat.src.rpm pulp-puppet-2.13.4-3.el7sat.src.rpm pulp-rpm-2.13.4.8-1.el7sat.src.rpm puppet-foreman_scap_client-0.3.16-1.el7sat.src.rpm python-zope-interface-4.0.5-4.el7.src.rpm redhat-access-insights-puppet-0.0.9-2.el7sat.src.rpm rubygem-kafo-2.0.2-1.el7sat.src.rpm rubygem-kafo_parsers-0.1.6-1.el7sat.src.rpm rubygem-kafo_wizards-0.0.1-2.el7sat.src.rpm rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.src.rpm rubygem-smart_proxy_discovery-1.0.4-3.el7sat.src.rpm rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.src.rpm rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.src.rpm rubygem-smart_proxy_openscap-0.6.9-1.el7sat.src.rpm rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.src.rpm rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.src.rpm rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.src.rpm satellite-6.3.0-23.0.el7sat.src.rpm satellite-installer-6.3.0.12-1.el7sat.src.rpm tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.src.rpm tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.src.rpm noarch: foreman-bootloaders-redhat-201801241201-2.el7sat.noarch.rpm foreman-bootloaders-redhat-tftpboot-201801241201-2.el7sat.noarch.rpm foreman-debug-1.15.6.34-1.el7sat.noarch.rpm foreman-discovery-image-3.4.4-1.el7sat.noarch.rpm foreman-installer-1.15.6.8-1.el7sat.noarch.rpm foreman-installer-katello-3.4.5.26-1.el7sat.noarch.rpm foreman-proxy-1.15.6.4-1.el7sat.noarch.rpm foreman-proxy-content-3.4.5-15.el7sat.noarch.rpm foreman-selinux-1.15.6.2-1.el7sat.noarch.rpm hiera-1.3.1-2.el7sat.noarch.rpm katello-certs-tools-2.4.0-1.el7sat.noarch.rpm katello-client-bootstrap-1.5.1-1.el7sat.noarch.rpm katello-debug-3.4.5-15.el7sat.noarch.rpm katello-installer-base-3.4.5.26-1.el7sat.noarch.rpm katello-selinux-3.0.2-1.el7sat.noarch.rpm katello-service-3.4.5-15.el7sat.noarch.rpm kobo-0.5.1-1.el7sat.noarch.rpm pulp-admin-client-2.13.4.6-1.el7sat.noarch.rpm pulp-docker-admin-extensions-2.4.1-2.el7sat.noarch.rpm pulp-docker-plugins-2.4.1-2.el7sat.noarch.rpm pulp-katello-1.0.2-1.el7sat.noarch.rpm pulp-nodes-child-2.13.4.6-1.el7sat.noarch.rpm pulp-nodes-common-2.13.4.6-1.el7sat.noarch.rpm pulp-nodes-parent-2.13.4.6-1.el7sat.noarch.rpm pulp-ostree-admin-extensions-1.2.1.1-1.el7sat.noarch.rpm pulp-ostree-plugins-1.2.1.1-1.el7sat.noarch.rpm pulp-puppet-admin-extensions-2.13.4-3.el7sat.noarch.rpm pulp-puppet-plugins-2.13.4-3.el7sat.noarch.rpm pulp-rpm-admin-extensions-2.13.4.8-1.el7sat.noarch.rpm pulp-rpm-plugins-2.13.4.8-1.el7sat.noarch.rpm pulp-selinux-2.13.4.6-1.el7sat.noarch.rpm pulp-server-2.13.4.6-1.el7sat.noarch.rpm puppet-foreman_scap_client-0.3.16-1.el7sat.noarch.rpm python-pulp-agent-lib-2.13.4.6-1.el7sat.noarch.rpm python-pulp-bindings-2.13.4.6-1.el7sat.noarch.rpm python-pulp-client-lib-2.13.4.6-1.el7sat.noarch.rpm python-pulp-common-2.13.4.6-1.el7sat.noarch.rpm python-pulp-docker-common-2.4.1-2.el7sat.noarch.rpm python-pulp-oid_validation-2.13.4.6-1.el7sat.noarch.rpm python-pulp-ostree-common-1.2.1.1-1.el7sat.noarch.rpm python-pulp-puppet-common-2.13.4-3.el7sat.noarch.rpm python-pulp-repoauth-2.13.4.6-1.el7sat.noarch.rpm python-pulp-rpm-common-2.13.4.8-1.el7sat.noarch.rpm python-pulp-streamer-2.13.4.6-1.el7sat.noarch.rpm redhat-access-insights-puppet-0.0.9-2.el7sat.noarch.rpm rubygem-kafo-2.0.2-1.el7sat.noarch.rpm rubygem-kafo_parsers-0.1.6-1.el7sat.noarch.rpm rubygem-kafo_wizards-0.0.1-2.el7sat.noarch.rpm rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.noarch.rpm rubygem-smart_proxy_discovery-1.0.4-3.el7sat.noarch.rpm rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.noarch.rpm rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.noarch.rpm rubygem-smart_proxy_openscap-0.6.9-1.el7sat.noarch.rpm rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.noarch.rpm rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.noarch.rpm rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.noarch.rpm satellite-capsule-6.3.0-23.0.el7sat.noarch.rpm satellite-common-6.3.0-23.0.el7sat.noarch.rpm satellite-debug-tools-6.3.0-23.0.el7sat.noarch.rpm satellite-installer-6.3.0.12-1.el7sat.noarch.rpm tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.noarch.rpm x86_64: python-zope-interface-4.0.5-4.el7.x86_64.rpm python-zope-interface-debuginfo-4.0.5-4.el7.x86_64.rpm Red Hat Satellite 6.3: Source: candlepin-2.1.14-1.el7.src.rpm foreman-1.15.6.34-1.el7sat.src.rpm foreman-bootloaders-redhat-201801241201-2.el7sat.src.rpm foreman-discovery-image-3.4.4-1.el7sat.src.rpm foreman-installer-1.15.6.8-1.el7sat.src.rpm foreman-proxy-1.15.6.4-1.el7sat.src.rpm foreman-selinux-1.15.6.2-1.el7sat.src.rpm hiera-1.3.1-2.el7sat.src.rpm katello-3.4.5-15.el7sat.src.rpm katello-certs-tools-2.4.0-1.el7sat.src.rpm katello-client-bootstrap-1.5.1-1.el7sat.src.rpm katello-installer-base-3.4.5.26-1.el7sat.src.rpm katello-selinux-3.0.2-1.el7sat.src.rpm kobo-0.5.1-1.el7sat.src.rpm pulp-2.13.4.6-1.el7sat.src.rpm pulp-docker-2.4.1-2.el7sat.src.rpm pulp-katello-1.0.2-1.el7sat.src.rpm pulp-ostree-1.2.1.1-1.el7sat.src.rpm pulp-puppet-2.13.4-3.el7sat.src.rpm pulp-rpm-2.13.4.8-1.el7sat.src.rpm puppet-foreman_scap_client-0.3.16-1.el7sat.src.rpm python-zope-interface-4.0.5-4.el7.src.rpm redhat-access-insights-puppet-0.0.9-2.el7sat.src.rpm rubygem-foreman_scap_client-0.3.0-2.el7sat.src.rpm rubygem-kafo-2.0.2-1.el7sat.src.rpm rubygem-kafo_parsers-0.1.6-1.el7sat.src.rpm rubygem-kafo_wizards-0.0.1-2.el7sat.src.rpm rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.src.rpm rubygem-smart_proxy_discovery-1.0.4-3.el7sat.src.rpm rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.src.rpm rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.src.rpm rubygem-smart_proxy_openscap-0.6.9-1.el7sat.src.rpm rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.src.rpm rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.src.rpm rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.src.rpm satellite-6.3.0-23.0.el7sat.src.rpm satellite-installer-6.3.0.12-1.el7sat.src.rpm tfm-rubygem-bastion-5.1.1.4-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman-redhat_access-2.0.13-1.el7sat.src.rpm tfm-rubygem-foreman-tasks-0.9.6.4-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_bootdisk-10.0.2.2-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_discovery-9.1.5.3-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_docker-3.1.0.3-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_hooks-0.3.14-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_openscap-0.7.11-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_remote_execution-1.3.7.2-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_templates-5.0.1-1.fm1_15.el7sat.src.rpm tfm-rubygem-foreman_theme_satellite-1.0.4.16-1.el7sat.src.rpm tfm-rubygem-foreman_virt_who_configure-0.1.9-1.fm1_15.el7sat.src.rpm tfm-rubygem-hammer_cli-0.11.0.1-1.el7sat.src.rpm tfm-rubygem-hammer_cli_csv-2.3.0-1.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman-0.11.0.5-1.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_admin-0.0.8-1.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3.3-2.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_discovery-1.0.0-1.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_docker-0.0.6-2.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_openscap-0.1.5-1.fm1_15.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_remote_execution-0.0.6-1.fm1_15.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_tasks-0.0.12-1.fm1_15.el7sat.src.rpm tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.3-1.el7sat.src.rpm tfm-rubygem-hammer_cli_katello-0.11.3.5-1.el7sat.src.rpm tfm-rubygem-katello-3.4.5.58-1.el7sat.src.rpm tfm-rubygem-ovirt_provision_plugin-1.0.2-1.fm1_15.el7sat.src.rpm tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.src.rpm noarch: candlepin-2.1.14-1.el7.noarch.rpm candlepin-selinux-2.1.14-1.el7.noarch.rpm foreman-1.15.6.34-1.el7sat.noarch.rpm foreman-bootloaders-redhat-201801241201-2.el7sat.noarch.rpm foreman-bootloaders-redhat-tftpboot-201801241201-2.el7sat.noarch.rpm foreman-cli-1.15.6.34-1.el7sat.noarch.rpm foreman-compute-1.15.6.34-1.el7sat.noarch.rpm foreman-debug-1.15.6.34-1.el7sat.noarch.rpm foreman-discovery-image-3.4.4-1.el7sat.noarch.rpm foreman-ec2-1.15.6.34-1.el7sat.noarch.rpm foreman-gce-1.15.6.34-1.el7sat.noarch.rpm foreman-installer-1.15.6.8-1.el7sat.noarch.rpm foreman-installer-katello-3.4.5.26-1.el7sat.noarch.rpm foreman-libvirt-1.15.6.34-1.el7sat.noarch.rpm foreman-openstack-1.15.6.34-1.el7sat.noarch.rpm foreman-ovirt-1.15.6.34-1.el7sat.noarch.rpm foreman-postgresql-1.15.6.34-1.el7sat.noarch.rpm foreman-proxy-1.15.6.4-1.el7sat.noarch.rpm foreman-proxy-content-3.4.5-15.el7sat.noarch.rpm foreman-rackspace-1.15.6.34-1.el7sat.noarch.rpm foreman-selinux-1.15.6.2-1.el7sat.noarch.rpm foreman-vmware-1.15.6.34-1.el7sat.noarch.rpm hiera-1.3.1-2.el7sat.noarch.rpm katello-3.4.5-15.el7sat.noarch.rpm katello-certs-tools-2.4.0-1.el7sat.noarch.rpm katello-client-bootstrap-1.5.1-1.el7sat.noarch.rpm katello-common-3.4.5-15.el7sat.noarch.rpm katello-debug-3.4.5-15.el7sat.noarch.rpm katello-installer-base-3.4.5.26-1.el7sat.noarch.rpm katello-selinux-3.0.2-1.el7sat.noarch.rpm katello-service-3.4.5-15.el7sat.noarch.rpm kobo-0.5.1-1.el7sat.noarch.rpm pulp-admin-client-2.13.4.6-1.el7sat.noarch.rpm pulp-docker-admin-extensions-2.4.1-2.el7sat.noarch.rpm pulp-docker-plugins-2.4.1-2.el7sat.noarch.rpm pulp-katello-1.0.2-1.el7sat.noarch.rpm pulp-ostree-admin-extensions-1.2.1.1-1.el7sat.noarch.rpm pulp-ostree-plugins-1.2.1.1-1.el7sat.noarch.rpm pulp-puppet-admin-extensions-2.13.4-3.el7sat.noarch.rpm pulp-puppet-plugins-2.13.4-3.el7sat.noarch.rpm pulp-puppet-tools-2.13.4-3.el7sat.noarch.rpm pulp-rpm-admin-extensions-2.13.4.8-1.el7sat.noarch.rpm pulp-rpm-plugins-2.13.4.8-1.el7sat.noarch.rpm pulp-selinux-2.13.4.6-1.el7sat.noarch.rpm pulp-server-2.13.4.6-1.el7sat.noarch.rpm puppet-foreman_scap_client-0.3.16-1.el7sat.noarch.rpm python-pulp-bindings-2.13.4.6-1.el7sat.noarch.rpm python-pulp-client-lib-2.13.4.6-1.el7sat.noarch.rpm python-pulp-common-2.13.4.6-1.el7sat.noarch.rpm python-pulp-docker-common-2.4.1-2.el7sat.noarch.rpm python-pulp-oid_validation-2.13.4.6-1.el7sat.noarch.rpm python-pulp-ostree-common-1.2.1.1-1.el7sat.noarch.rpm python-pulp-puppet-common-2.13.4-3.el7sat.noarch.rpm python-pulp-repoauth-2.13.4.6-1.el7sat.noarch.rpm python-pulp-rpm-common-2.13.4.8-1.el7sat.noarch.rpm python-pulp-streamer-2.13.4.6-1.el7sat.noarch.rpm redhat-access-insights-puppet-0.0.9-2.el7sat.noarch.rpm rubygem-foreman_scap_client-0.3.0-2.el7sat.noarch.rpm rubygem-kafo-2.0.2-1.el7sat.noarch.rpm rubygem-kafo_parsers-0.1.6-1.el7sat.noarch.rpm rubygem-kafo_wizards-0.0.1-2.el7sat.noarch.rpm rubygem-smart_proxy_dhcp_remote_isc-0.0.2.1-1.fm1_15.el7sat.noarch.rpm rubygem-smart_proxy_discovery-1.0.4-3.el7sat.noarch.rpm rubygem-smart_proxy_discovery_image-1.0.9-1.el7sat.noarch.rpm rubygem-smart_proxy_dynflow-0.1.10-1.el7sat.noarch.rpm rubygem-smart_proxy_openscap-0.6.9-1.el7sat.noarch.rpm rubygem-smart_proxy_pulp-1.3.0-1.git.0.b5c2768.el7sat.noarch.rpm rubygem-smart_proxy_remote_execution_ssh-0.1.6-1.el7sat.noarch.rpm rubygem-tilt-1.3.7-2.git.0.3b416c9.el7sat.noarch.rpm satellite-6.3.0-23.0.el7sat.noarch.rpm satellite-capsule-6.3.0-23.0.el7sat.noarch.rpm satellite-cli-6.3.0-23.0.el7sat.noarch.rpm satellite-common-6.3.0-23.0.el7sat.noarch.rpm satellite-debug-tools-6.3.0-23.0.el7sat.noarch.rpm satellite-installer-6.3.0.12-1.el7sat.noarch.rpm tfm-rubygem-bastion-5.1.1.4-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman-redhat_access-2.0.13-1.el7sat.noarch.rpm tfm-rubygem-foreman-tasks-0.9.6.4-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman-tasks-core-0.1.8-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_bootdisk-10.0.2.2-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_discovery-9.1.5.3-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_docker-3.1.0.3-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_hooks-0.3.14-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_openscap-0.7.11-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_remote_execution-1.3.7.2-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_remote_execution_core-1.0.6-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_templates-5.0.1-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-foreman_theme_satellite-1.0.4.16-1.el7sat.noarch.rpm tfm-rubygem-foreman_virt_who_configure-0.1.9-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-hammer_cli-0.11.0.1-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_csv-2.3.0-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman-0.11.0.5-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_admin-0.0.8-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_bootdisk-0.1.3.3-2.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_discovery-1.0.0-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_docker-0.0.6-2.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_openscap-0.1.5-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_remote_execution-0.0.6-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_tasks-0.0.12-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-hammer_cli_foreman_virt_who_configure-0.0.3-1.el7sat.noarch.rpm tfm-rubygem-hammer_cli_katello-0.11.3.5-1.el7sat.noarch.rpm tfm-rubygem-katello-3.4.5.58-1.el7sat.noarch.rpm tfm-rubygem-katello_ostree-3.4.5.58-1.el7sat.noarch.rpm tfm-rubygem-ovirt_provision_plugin-1.0.2-1.fm1_15.el7sat.noarch.rpm tfm-rubygem-smart_proxy_dynflow_core-0.1.10-1.fm1_15.el7sat.noarch.rpm x86_64: python-zope-interface-4.0.5-4.el7.x86_64.rpm python-zope-interface-debuginfo-4.0.5-4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-6459 https://access.redhat.com/security/cve/CVE-2014-8183 https://access.redhat.com/security/cve/CVE-2016-1669 https://access.redhat.com/security/cve/CVE-2016-3693 https://access.redhat.com/security/cve/CVE-2016-3696 https://access.redhat.com/security/cve/CVE-2016-3704 https://access.redhat.com/security/cve/CVE-2016-4451 https://access.redhat.com/security/cve/CVE-2016-4995 https://access.redhat.com/security/cve/CVE-2016-4996 https://access.redhat.com/security/cve/CVE-2016-6319 https://access.redhat.com/security/cve/CVE-2016-8639 https://access.redhat.com/security/cve/CVE-2016-9593 https://access.redhat.com/security/cve/CVE-2016-9595 https://access.redhat.com/security/cve/CVE-2017-2667 https://access.redhat.com/security/cve/CVE-2017-2672 https://access.redhat.com/documentation/en-us/red_hat_satellite/6.3/html/release_notes/ https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD4DBQFajWeIXlSAg2UNWIIRAouJAJwLI5jDnwjjh/YkDnJr5isfv4XalgCYmy9X 5E6G5050kzOcXtMs4tVO/g== =7PmO -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce