Lucene search

RedHatRHSA-2019:0734

HistoryApr 09, 2019 - 5:15 p.m.

(RHSA-2019:0734) Important: katello-installer-base security and enhancement update

2019-04-0917:15:39

access.redhat.com

5.2 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:S/C:P/I:P/A:P

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix.

Security Fix(es):

qpid-dispatch-router: QMF methods exposed to goferd via qdrouterd (CVE-2019-3845)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Pavel Moravec (Red Hat).

OSVersionArchitecturePackageVersionFilename
RedHat6noarchsatellite< 6.2.16.1-1.0.el6satsatellite-6.2.16.1-1.0.el6sat.noarch.rpm
RedHat7noarchsatellite-cli< 6.2.16.1-1.0.el7satsatellite-cli-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat7noarchtfm-rubygem-katello_ostree< 3.0.0.171-1.el7sattfm-rubygem-katello_ostree-3.0.0.171-1.el7sat.noarch.rpm
RedHat6x86_64qpid-proton-c< 0.16.0-12.el6satqpid-proton-c-0.16.0-12.el6sat.x86_64.rpm
RedHat7noarchpython-qpid< 1.35.0-5.el7python-qpid-1.35.0-5.el7.noarch.rpm
RedHat7x86_64tfm-rubygem-qpid_messaging-debuginfo< 1.36.0-6.el7sattfm-rubygem-qpid_messaging-debuginfo-1.36.0-6.el7sat.x86_64.rpm
RedHat7x86_64qpid-qmf< 1.36.0-19.el7qpid-qmf-1.36.0-19.el7.x86_64.rpm
RedHat7noarchsatellite-debug-tools< 6.2.16.1-1.0.el7satsatellite-debug-tools-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat7noarchsatellite< 6.2.16.1-1.0.el7satsatellite-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat7x86_64qpid-proton-c< 0.16.0-12.el7satqpid-proton-c-0.16.0-12.el7sat.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	6	noarch	satellite	< 6.2.16.1-1.0.el6sat	satellite-6.2.16.1-1.0.el6sat.noarch.rpm
RedHat	7	noarch	satellite-cli	< 6.2.16.1-1.0.el7sat	satellite-cli-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat	7	noarch	tfm-rubygem-katello_ostree	< 3.0.0.171-1.el7sat	tfm-rubygem-katello_ostree-3.0.0.171-1.el7sat.noarch.rpm
RedHat	6	x86_64	qpid-proton-c	< 0.16.0-12.el6sat	qpid-proton-c-0.16.0-12.el6sat.x86_64.rpm
RedHat	7	noarch	python-qpid	< 1.35.0-5.el7	python-qpid-1.35.0-5.el7.noarch.rpm
RedHat	7	x86_64	tfm-rubygem-qpid_messaging-debuginfo	< 1.36.0-6.el7sat	tfm-rubygem-qpid_messaging-debuginfo-1.36.0-6.el7sat.x86_64.rpm
RedHat	7	x86_64	qpid-qmf	< 1.36.0-19.el7	qpid-qmf-1.36.0-19.el7.x86_64.rpm
RedHat	7	noarch	satellite-debug-tools	< 6.2.16.1-1.0.el7sat	satellite-debug-tools-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat	7	noarch	satellite	< 6.2.16.1-1.0.el7sat	satellite-6.2.16.1-1.0.el7sat.noarch.rpm
RedHat	7	x86_64	qpid-proton-c	< 0.16.0-12.el7sat	qpid-proton-c-0.16.0-12.el7sat.x86_64.rpm

Rows per page:

1-10 of 551

5.2 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:S/C:P/I:P/A:P

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for RHSA-2019:0734