RLSA-2023:6818

See a problem?
Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2023:6818.json
JSON Data
https://api.osv.dev/v1/vulns/RLSA-2023:6818
Related
Published
2023-11-11T22:58:57.641828Z
Modified
2023-11-11T23:01:08.418270Z
Summary
Important: Satellite 6.14 security and bug fix update
Details

Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.

Security Fix(es):

  • golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325)

  • HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

  • GitPython: Insecure non-multi options in clone and clone_from is not blocked (CVE-2023-40267)

  • kubeclient: kubeconfig parsing error can lead to MITM attacks (CVE-2022-0759)

  • foreman: OS command injection via ctcommand and fcctcommand (CVE-2022-3874)

  • ruby-git: code injection vulnerability (CVE-2022-46648)

  • ruby-git: code injection vulnerability (CVE-2022-47318)

  • Foreman: Arbitrary code execution through templates (CVE-2023-0118)

  • rubygem-activerecord: SQL Injection (CVE-2023-22794)

  • openssl: c_rehash script allows command injection (CVE-2022-1292)

  • openssl: the c_rehash script allows command injection (CVE-2022-2068)

  • Pulp:Tokens stored in plaintext (CVE-2022-3644)

  • satellite: Blind SSRF via Referer header (CVE-2022-4130)

  • python-future: remote attackers can cause denial of service via crafted Set-Cookie header from malicious web server (CVE-2022-40899)

  • golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)

  • rubygem-activerecord: Denial of Service (CVE-2022-44566)

  • rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44570)

  • rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44571)

  • rubygem-rack: denial of service in Content-Disposition parsing (CVE-2022-44572)

  • Foreman: Stored cross-site scripting in host tab (CVE-2023-0119)

  • puppet: Puppet Server ReDoS (CVE-2023-1894)

  • rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22792)

  • rubygem-actionpack: Denial of Service in Action Dispatch (CVE-2023-22795)

  • rubygem-activesupport: Regular Expression Denial of Service (CVE-2023-22796)

  • rubygem-globalid: ReDoS vulnerability (CVE-2023-22799)

  • rubygem-rack: Denial of service in Multipart MIME parsing (CVE-2023-27530)

  • rubygem-rack: denial of service in header parsing (CVE-2023-27539)

  • golang: net/http: insufficient sanitization of Host header (CVE-2023-29406)

  • sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) (CVE-2023-30608)

  • python-django: Potential bypass of validation when uploading multiple files using one form field (CVE-2023-31047)

  • python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)

  • python-django: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator (CVE-2023-36053)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update also fixes several bugs and adds various enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

References
Credits
    • Rocky Enterprise Software Foundation
    • Red Hat

Affected packages