Headline
RHSA-2023:4708: Red Hat Security Advisory: subscription-manager security update
An update for subscription-manager is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.
Synopsis
Important: subscription-manager security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for subscription-manager is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Security Fix(es):
- subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
- Red Hat Enterprise Linux Server - AUS 9.2 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x
Fixes
- BZ - 2225407 - CVE-2023-3899 subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration
Red Hat Enterprise Linux for x86_64 9
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
x86_64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eedce79cac3bfddbf4ebae5e583992a74e3ee309bd24d5be01104cb6a056aeb6
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: b09d1d56ca25180e9e83927ca95780cf44fb0955934d890fefe248b7847b8849
python3-cloud-what-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 8b7bcc56b1717f4d797b6dda5ad81528de94963d6a44da8701dd77c41712a1a9
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 1c4c75fc482772ea01de2c968904594bfa11af5aae4c0513f5cb42587a39608e
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eafae677035e74a6a389813d35a607cc4b000982ab8e8600e8b54f94897acefc
subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 44356bcdfed9967556e649d65c622edf0c4380c82e279c7eaab9c13de00e8c57
subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: c8e02fc577856f7ad8992b9d9f3b5a9926eab61a6f14bc7d5f63db90ad8c3d40
subscription-manager-debugsource-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 78da243077759abbcda6f67a21af8ccdf8c455409e34f462a13635967ac8f857
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 2096fd199be670619b0256038f237c89cb86f68841134880919d1bdef493b49b
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
x86_64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eedce79cac3bfddbf4ebae5e583992a74e3ee309bd24d5be01104cb6a056aeb6
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: b09d1d56ca25180e9e83927ca95780cf44fb0955934d890fefe248b7847b8849
python3-cloud-what-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 8b7bcc56b1717f4d797b6dda5ad81528de94963d6a44da8701dd77c41712a1a9
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 1c4c75fc482772ea01de2c968904594bfa11af5aae4c0513f5cb42587a39608e
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eafae677035e74a6a389813d35a607cc4b000982ab8e8600e8b54f94897acefc
subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 44356bcdfed9967556e649d65c622edf0c4380c82e279c7eaab9c13de00e8c57
subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: c8e02fc577856f7ad8992b9d9f3b5a9926eab61a6f14bc7d5f63db90ad8c3d40
subscription-manager-debugsource-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 78da243077759abbcda6f67a21af8ccdf8c455409e34f462a13635967ac8f857
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 2096fd199be670619b0256038f237c89cb86f68841134880919d1bdef493b49b
Red Hat Enterprise Linux Server - AUS 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
x86_64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eedce79cac3bfddbf4ebae5e583992a74e3ee309bd24d5be01104cb6a056aeb6
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: b09d1d56ca25180e9e83927ca95780cf44fb0955934d890fefe248b7847b8849
python3-cloud-what-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 8b7bcc56b1717f4d797b6dda5ad81528de94963d6a44da8701dd77c41712a1a9
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 1c4c75fc482772ea01de2c968904594bfa11af5aae4c0513f5cb42587a39608e
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eafae677035e74a6a389813d35a607cc4b000982ab8e8600e8b54f94897acefc
subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 44356bcdfed9967556e649d65c622edf0c4380c82e279c7eaab9c13de00e8c57
subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: c8e02fc577856f7ad8992b9d9f3b5a9926eab61a6f14bc7d5f63db90ad8c3d40
subscription-manager-debugsource-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 78da243077759abbcda6f67a21af8ccdf8c455409e34f462a13635967ac8f857
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 2096fd199be670619b0256038f237c89cb86f68841134880919d1bdef493b49b
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
s390x
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f4e3adb8724e12819a985ce75886fedd201c310a2b5d40497e3d49c576add51e
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 87252b1a9d479e611daecec3efabac8ebc548b5a7b918b3a7ac258bac0a9834b
python3-cloud-what-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 82f6554ca32732e39d6bb69138283ca30d71afd288c5f02004f8b243b9c226f1
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8575f73cba0259f69ac2fa93b7b43c1ea1c32f4b420cfd91d4f6c522c1f0f868
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: b8625f7b79de144e66eda45197b8f879a75024197381949a8f648389b61b07fa
subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 9cabe3de2ffcb0222e11297e422f8640d60d563a4a89ae234da3172a88279e22
subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8c6b7782200d9b70a9cbb86638b461248cc8d7d46f54dfb2a75913f0a552bbdf
subscription-manager-debugsource-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 15c41f195c7f875e0af9a7b7b78e359e319363e784052820ce0885444a930e20
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f690047f7b36d984cd0bd90acb8669c858254964565cae214ffa5b62487c3a42
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
s390x
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f4e3adb8724e12819a985ce75886fedd201c310a2b5d40497e3d49c576add51e
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 87252b1a9d479e611daecec3efabac8ebc548b5a7b918b3a7ac258bac0a9834b
python3-cloud-what-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 82f6554ca32732e39d6bb69138283ca30d71afd288c5f02004f8b243b9c226f1
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8575f73cba0259f69ac2fa93b7b43c1ea1c32f4b420cfd91d4f6c522c1f0f868
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: b8625f7b79de144e66eda45197b8f879a75024197381949a8f648389b61b07fa
subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 9cabe3de2ffcb0222e11297e422f8640d60d563a4a89ae234da3172a88279e22
subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8c6b7782200d9b70a9cbb86638b461248cc8d7d46f54dfb2a75913f0a552bbdf
subscription-manager-debugsource-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 15c41f195c7f875e0af9a7b7b78e359e319363e784052820ce0885444a930e20
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f690047f7b36d984cd0bd90acb8669c858254964565cae214ffa5b62487c3a42
Red Hat Enterprise Linux for Power, little endian 9
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
ppc64le
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 12e98863491b16fcd1d582bc45f3f4cbbbf73612b5ecb2fcf97cacd681e3f6c8
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 7a30c264e55e0d62550d5c143fdce048b58e1587b36b31105a2c587d6bcf6459
python3-cloud-what-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 9731ea205dba8be3454483e40428a037747095baafeb5def67f40f23f7521b61
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e9384741b9627f182b10def3ea7098b5bdcfd9256a574e0bf1f1d9d8bc9a45d4
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 27e7b18d4f5061156ac77213925173a2d3fc4c8461ab8f71c4952db1a2712e02
subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: d2f08e8c669fd73f7af98da697a8d16bf64652525f22fc02fd2449dd28c39805
subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: fdc5e5392f95bd5019051ac43bb968cef847953c1b98610e07b945d980c25e7d
subscription-manager-debugsource-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e28950579fbf808f84dc5b9f57b188743d00182c7b6a46bf160cc971b85c0d38
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: b496c795dbf5a5b66066f8aa38bbc4d959de5e834a9d7df3b9f3f9f26b5786c1
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
ppc64le
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 12e98863491b16fcd1d582bc45f3f4cbbbf73612b5ecb2fcf97cacd681e3f6c8
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 7a30c264e55e0d62550d5c143fdce048b58e1587b36b31105a2c587d6bcf6459
python3-cloud-what-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 9731ea205dba8be3454483e40428a037747095baafeb5def67f40f23f7521b61
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e9384741b9627f182b10def3ea7098b5bdcfd9256a574e0bf1f1d9d8bc9a45d4
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 27e7b18d4f5061156ac77213925173a2d3fc4c8461ab8f71c4952db1a2712e02
subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: d2f08e8c669fd73f7af98da697a8d16bf64652525f22fc02fd2449dd28c39805
subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: fdc5e5392f95bd5019051ac43bb968cef847953c1b98610e07b945d980c25e7d
subscription-manager-debugsource-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e28950579fbf808f84dc5b9f57b188743d00182c7b6a46bf160cc971b85c0d38
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: b496c795dbf5a5b66066f8aa38bbc4d959de5e834a9d7df3b9f3f9f26b5786c1
Red Hat Enterprise Linux for ARM 64 9
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
aarch64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 91e34cb96766b95d2c986f8156a119fffe3e090a1587cdd0cb0544ad69f8696b
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 3728da48afe3727c602d3f5e7b0726d07924fb94cc8f499ac6860c8dbac77eca
python3-cloud-what-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5c637ed59222acf4bcab6e3aa57de885c1c12b4b4bd5f60d950a8afb86cf7021
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 0d3a0ec5ff85bc07ff080469015f4afb3c1743e7099bf2d5bfc29c61c7df5f06
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: a67f0bdd9d44e827cb36b0bb16e83ced34dfabb65977ecd5990aca1c899e19ad
subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5036b4173447119516da763c719607d0952056ae42e031464fa38a2ee9bafb56
subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: aef367f237ac9b9ea53f1743bf7c7f85acc776f7746abf04188c22930f27fca1
subscription-manager-debugsource-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 055663d57e42d2076c255a146bb26303fc3e7bb1795318b8c1fae4500be2b120
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: ce510f6f162dee0e6c21447589a0683060f4a7268e557ddb408c58a2ab709a05
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
aarch64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 91e34cb96766b95d2c986f8156a119fffe3e090a1587cdd0cb0544ad69f8696b
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 3728da48afe3727c602d3f5e7b0726d07924fb94cc8f499ac6860c8dbac77eca
python3-cloud-what-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5c637ed59222acf4bcab6e3aa57de885c1c12b4b4bd5f60d950a8afb86cf7021
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 0d3a0ec5ff85bc07ff080469015f4afb3c1743e7099bf2d5bfc29c61c7df5f06
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: a67f0bdd9d44e827cb36b0bb16e83ced34dfabb65977ecd5990aca1c899e19ad
subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5036b4173447119516da763c719607d0952056ae42e031464fa38a2ee9bafb56
subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: aef367f237ac9b9ea53f1743bf7c7f85acc776f7746abf04188c22930f27fca1
subscription-manager-debugsource-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 055663d57e42d2076c255a146bb26303fc3e7bb1795318b8c1fae4500be2b120
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: ce510f6f162dee0e6c21447589a0683060f4a7268e557ddb408c58a2ab709a05
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
ppc64le
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 12e98863491b16fcd1d582bc45f3f4cbbbf73612b5ecb2fcf97cacd681e3f6c8
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 7a30c264e55e0d62550d5c143fdce048b58e1587b36b31105a2c587d6bcf6459
python3-cloud-what-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 9731ea205dba8be3454483e40428a037747095baafeb5def67f40f23f7521b61
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e9384741b9627f182b10def3ea7098b5bdcfd9256a574e0bf1f1d9d8bc9a45d4
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: 27e7b18d4f5061156ac77213925173a2d3fc4c8461ab8f71c4952db1a2712e02
subscription-manager-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: d2f08e8c669fd73f7af98da697a8d16bf64652525f22fc02fd2449dd28c39805
subscription-manager-debuginfo-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: fdc5e5392f95bd5019051ac43bb968cef847953c1b98610e07b945d980c25e7d
subscription-manager-debugsource-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: e28950579fbf808f84dc5b9f57b188743d00182c7b6a46bf160cc971b85c0d38
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.ppc64le.rpm
SHA-256: b496c795dbf5a5b66066f8aa38bbc4d959de5e834a9d7df3b9f3f9f26b5786c1
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
x86_64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eedce79cac3bfddbf4ebae5e583992a74e3ee309bd24d5be01104cb6a056aeb6
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: b09d1d56ca25180e9e83927ca95780cf44fb0955934d890fefe248b7847b8849
python3-cloud-what-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 8b7bcc56b1717f4d797b6dda5ad81528de94963d6a44da8701dd77c41712a1a9
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 1c4c75fc482772ea01de2c968904594bfa11af5aae4c0513f5cb42587a39608e
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: eafae677035e74a6a389813d35a607cc4b000982ab8e8600e8b54f94897acefc
subscription-manager-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 44356bcdfed9967556e649d65c622edf0c4380c82e279c7eaab9c13de00e8c57
subscription-manager-debuginfo-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: c8e02fc577856f7ad8992b9d9f3b5a9926eab61a6f14bc7d5f63db90ad8c3d40
subscription-manager-debugsource-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 78da243077759abbcda6f67a21af8ccdf8c455409e34f462a13635967ac8f857
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.x86_64.rpm
SHA-256: 2096fd199be670619b0256038f237c89cb86f68841134880919d1bdef493b49b
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
aarch64
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 91e34cb96766b95d2c986f8156a119fffe3e090a1587cdd0cb0544ad69f8696b
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 3728da48afe3727c602d3f5e7b0726d07924fb94cc8f499ac6860c8dbac77eca
python3-cloud-what-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5c637ed59222acf4bcab6e3aa57de885c1c12b4b4bd5f60d950a8afb86cf7021
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 0d3a0ec5ff85bc07ff080469015f4afb3c1743e7099bf2d5bfc29c61c7df5f06
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: a67f0bdd9d44e827cb36b0bb16e83ced34dfabb65977ecd5990aca1c899e19ad
subscription-manager-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 5036b4173447119516da763c719607d0952056ae42e031464fa38a2ee9bafb56
subscription-manager-debuginfo-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: aef367f237ac9b9ea53f1743bf7c7f85acc776f7746abf04188c22930f27fca1
subscription-manager-debugsource-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: 055663d57e42d2076c255a146bb26303fc3e7bb1795318b8c1fae4500be2b120
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.aarch64.rpm
SHA-256: ce510f6f162dee0e6c21447589a0683060f4a7268e557ddb408c58a2ab709a05
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2
SRPM
subscription-manager-1.29.33.1-2.el9_2.src.rpm
SHA-256: b25f9add75d71d05b18b0127082abaa302a79f1b8af8445ba5373d81ea966e16
s390x
libdnf-plugin-subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f4e3adb8724e12819a985ce75886fedd201c310a2b5d40497e3d49c576add51e
libdnf-plugin-subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 87252b1a9d479e611daecec3efabac8ebc548b5a7b918b3a7ac258bac0a9834b
python3-cloud-what-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 82f6554ca32732e39d6bb69138283ca30d71afd288c5f02004f8b243b9c226f1
python3-subscription-manager-rhsm-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8575f73cba0259f69ac2fa93b7b43c1ea1c32f4b420cfd91d4f6c522c1f0f868
python3-subscription-manager-rhsm-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: b8625f7b79de144e66eda45197b8f879a75024197381949a8f648389b61b07fa
subscription-manager-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 9cabe3de2ffcb0222e11297e422f8640d60d563a4a89ae234da3172a88279e22
subscription-manager-debuginfo-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 8c6b7782200d9b70a9cbb86638b461248cc8d7d46f54dfb2a75913f0a552bbdf
subscription-manager-debugsource-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: 15c41f195c7f875e0af9a7b7b78e359e319363e784052820ce0885444a930e20
subscription-manager-plugin-ostree-1.29.33.1-2.el9_2.s390x.rpm
SHA-256: f690047f7b36d984cd0bd90acb8669c858254964565cae214ffa5b62487c3a42
Related news
Red Hat Security Advisory 2023-5421-01 - Multicluster Engine for Kubernetes 2.3.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.
Red Hat Security Advisory 2023-5095-01 - Logging Subsystem 5.6.11 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2023-5096-01 - Logging Subsystem 5.5.16 - Red Hat OpenShift security update. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2023-5175-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2023-5174-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.
Red Hat Security Advisory 2023-4933-01 - Logging Subsystem 5.7.6 addresses an issues where LokiStack authorization is cached too broadly.
Logging Subsystem 5.7.6 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4456: A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.
Red Hat OpenShift Container Platform release 4.11.49 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-46146: A flaw was found in exporter-toolkit. A request can be forged by an attacker to poison the internal cache used to cache hashes and make subsequent successful requests. This cache is ...
Red Hat Security Advisory 2023-5029-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4980-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.7 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-4731-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.10.
Red Hat Security Advisory 2023-4730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.10.
Red Hat Security Advisory 2023-4706-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4705-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4702-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4708-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4701-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4707-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
Red Hat Security Advisory 2023-4704-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.
A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.
An update for subscription-manager is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() me...
An update for subscription-manager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged loca...
An update for subscription-manager is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 e...
An update for subscription-manager is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a signific...
An update for subscription-manager is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3899: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.S...