Headline
RHSA-2022:4866: Red Hat Security Advisory: Satellite Tools 6.10.5 Async Bug Fix Update
Updated Satellite 6.10 Tools packages that fix several bugs are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-27023: puppet: unsafe HTTP redirect
- CVE-2021-27025: puppet: silent configuration failure in agent
Synopsis
Important: Satellite Tools 6.10.5 Async Bug Fix Update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
Updated Satellite 6.10 Tools packages that fix several bugs are now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Bugs Fixed:
2023853 CVE-2021-27025 puppet: silent configuration failure in agent
2023859 CVE-2021-27023 puppet: unsafe HTTP redirect
2027254 CVE-2021-27025 CVE-2021-27023 CVE-2021-27025 puppet: multiple flaws in Satellite Tools [rhn_satellite_6.10]
Security Fix(es):
- Puppet Agent: Unsafe HTTP redirect (CVE-2021-27023)
- Puppet Agent: Silent configuration failure in agent (CVE-2021-27025)
Users of Red Hat Satellite Tools on all Red Hat Enterprise Linux versions are advised to upgrade to these updated packages.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - AUS 7.7 x86_64
- Red Hat Enterprise Linux Server - AUS 7.6 x86_64
- Red Hat Enterprise Linux Server - AUS 7.4 x86_64
- Red Hat Enterprise Linux Server - AUS 7.3 x86_64
- Red Hat Enterprise Linux Server - AUS 7.2 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 7.7 x86_64
- Red Hat Enterprise Linux Server - TUS 7.6 x86_64
- Red Hat Enterprise Linux Server - TUS 7.4 x86_64
- Red Hat Enterprise Linux for ARM 64 7 aarch64
- Red Hat Enterprise Linux for Power 9 7 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4 ppc64le
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4 x86_64
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.2 x86_64
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1 x86_64
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.7 x86_64
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.6 x86_64
- Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.4 x86_64
Fixes
- BZ - 2023853 - CVE-2021-27025 puppet: silent configuration failure in agent
- BZ - 2023859 - CVE-2021-27023 puppet: unsafe HTTP redirect
Red Hat Enterprise Linux for x86_64 8
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.2
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.1
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server - AUS 7.7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - AUS 7.6
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - AUS 7.4
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - AUS 7.3
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - AUS 7.2
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM
puppet-agent-6.26.0-1.el6sat.src.rpm
SHA-256: 62d009f696f01fc2a9033ab10c9d860974b7ec96687a5dc0330a14c29de87c29
x86_64
puppet-agent-6.26.0-1.el6sat.x86_64.rpm
SHA-256: 4f59e59517f5d667d22b1441232dbac7f8b236eb3e2bafcb581f1f43fe334aba
i386
puppet-agent-6.26.0-1.el6sat.i686.rpm
SHA-256: e65275744345b4912fe96bf64a1bd0030201f3dd021c65f74c706d301554a59a
Red Hat Enterprise Linux Workstation 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Desktop 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux for Power, little endian 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
ppc64le
puppet-agent-6.26.0-1.el7sat.ppc64le.rpm
SHA-256: 1fb931dade617d7e0be5e64fb568ed8ecbcc11132f159b4ad6b6f82a19e34de5
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server - TUS 7.7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - TUS 7.6
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server - TUS 7.4
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux for ARM 64 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
aarch64
puppet-agent-6.26.0-1.el7sat.aarch64.rpm
SHA-256: e16fa95ab588605f64527e74a544cd7e5e94d4c07e6c809d266f0d3fac3f9a1e
Red Hat Enterprise Linux for Power 9 7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
ppc64le
puppet-agent-6.26.0-1.el7sat.ppc64le.rpm
SHA-256: 1fb931dade617d7e0be5e64fb568ed8ecbcc11132f159b4ad6b6f82a19e34de5
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
ppc64le
puppet-agent-6.26.0-1.el7sat.ppc64le.rpm
SHA-256: 1fb931dade617d7e0be5e64fb568ed8ecbcc11132f159b4ad6b6f82a19e34de5
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
ppc64le
puppet-agent-6.26.0-1.el7sat.ppc64le.rpm
SHA-256: 1fb931dade617d7e0be5e64fb568ed8ecbcc11132f159b4ad6b6f82a19e34de5
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
ppc64le
puppet-agent-6.26.0-1.el7sat.ppc64le.rpm
SHA-256: 1fb931dade617d7e0be5e64fb568ed8ecbcc11132f159b4ad6b6f82a19e34de5
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.4
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.2
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 8.1
SRPM
puppet-agent-6.26.0-1.el8sat.src.rpm
SHA-256: d5506ab42c4f2ad0f766eacd028d4be7bf5949c9db9c04f80ec44ab954b4aabc
x86_64
puppet-agent-6.26.0-1.el8sat.x86_64.rpm
SHA-256: 7b3f96edf02b0d52d076e4137d48060ac307275222dba68aaa7e9b5bfb99bb92
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.7
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.6
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.4
SRPM
puppet-agent-6.26.0-1.el7sat.src.rpm
SHA-256: 4b54010a91ee8ffafe075b64c4003ad988d42c9316766dddd1fa73fcb4e25bfd
x86_64
puppet-agent-6.26.0-1.el7sat.x86_64.rpm
SHA-256: 6cb336f7438068db6128648f43bf826a8a3b096954f92537d4eaefe286304e06
Related news
Red Hat Security Advisory 2022-8862-01 - An update for puppet is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.
An update for puppet is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27025: puppet: silent configuration failure in agent
An update for puppet is now available for Red Hat OpenStack Platform 16.2.4 (Train). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27025: puppet: silent configuration failure in agent
Red Hat Security Advisory 2022-4866-01 - Updated Satellite 6.10 Tools packages that fix several bugs are now available.
Red Hat Security Advisory 2022-4867-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.
Updated Satellite 6.9 Tools packages that fix several bugs are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect * CVE-2021-27025: puppet: silent configuration failure in agent
Updated Satellite 6.9 Tools packages that fix several bugs are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-27023: puppet: unsafe HTTP redirect * CVE-2021-27025: puppet: silent configuration failure in agent