RHSA-2023:1630: Important: Satellite 6.12.3 Async Security Update

Published Apr 4, 2023
·
Updated

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.Security fix(es): Candlepin: PreparedStatement.setText(int, InputStream) will create a temporary file if the InputStream is larger than 2k (CVE-2022-41946) This update fixes the following bugs:2163538 - Pages Blank2174984 - Getting 'null value in column \"imagemanifestid\" violates not-null constraint' when syncing openstack container repos2174987 - (Regression of 2033940) Error: AttributeError: 'NoneType' object has no attribute 'cast' thrown while listing repository versions2174994 - VMware Image based Provisioning fails with error- : Could not find virtual machine network interface matching <IP>2174997 - Package and Errata actions on content hosts selected using the "select all hosts" option fails.2174998 - Subscription can't be blank, A Pool and its Subscription cannot belong to different organizations2175002 - Getting "undefined method schemaversion' for nil:NilClass" while syncing from quay.io2175005 - New kickstartkerneloptions snippet breaks UEFI (Grub2) PXE provisioning when bootmode is static2175008 - RHEL 9 as Guest OS is not available on Satellite 6.11 2174995 - Health check should use hostname -f2175007 - [regression] data.yml is referring to old sync plain id which does not exist in katellosyncplans2176272 - new wait task introduced by rhcloud 6.0.44 is not recognized by maintain as OK to interrupt 2175010 - Some custom repositories are failing to synchorize with error "This field may not be blank" after upgrading to Red Hat Satellite 6.112176922 - [RFE] Need syncable yum-format repository imports 2175003 - Can't perform incremental content exports in syncable format Users of Red Hat Satellite are advised to upgrade to these updated packages, which fix these bugs.

Affected Software

30 affected componentsFixes available
redhat/candlepin<4.1.20-1.el8
4.1.20-1.el8
redhat/foreman<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/python-django<3.2.16-1.el8
3.2.16-1.el8
redhat/python-pulp-container<2.10.12-1.el8
2.10.12-1.el8
redhat/python-pulpcore<3.18.16-1.el8
3.18.16-1.el8
redhat/rubygem-fog-vsphere<3.6.0-1.el8
3.6.0-1.el8
redhat/rubygem-katello<4.5.0.32-1.el8
4.5.0.32-1.el8
redhat/rubygem-optimist<3.0.1-1.el8
3.0.1-1.el8
redhat/rubygem-rbvmomi2<3.6.0-2.el8
3.6.0-2.el8
redhat/satellite<6.12.3-1.el8
6.12.3-1.el8
redhat/candlepin-selinux<4.1.20-1.el8
4.1.20-1.el8
redhat/foreman-cli<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-debug<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-dynflow-sidekiq<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-ec2<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-gce<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-journald<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-libvirt<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-openstack<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-ovirt<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-postgresql<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-service<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-telemetry<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/foreman-vmware<3.3.0.21-2.el8
3.3.0.21-2.el8
redhat/python39-django<3.2.16-1.el8
3.2.16-1.el8
redhat/python39-pulp-container<2.10.12-1.el8
2.10.12-1.el8
redhat/python39-pulpcore<3.18.16-1.el8
3.18.16-1.el8
redhat/satellite-cli<6.12.3-1.el8
6.12.3-1.el8
redhat/satellite-common<6.12.3-1.el8
6.12.3-1.el8
redhat/satellite-capsule<6.12.3-1.el8
6.12.3-1.el8

Remediation

Event History

Feb 16, 2026
Advisory Published
via Red Hat·07:51 PM
Data Sourced
via Red Hat·07:51 PM
RemedyDescriptionAffected Software
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of RHSA-2023:1630?

The severity of RHSA-2023:1630 is classified as important.

2

How do I fix RHSA-2023:1630?

To fix RHSA-2023:1630, update the affected packages to their recommended versions provided in the advisory.

3

Which packages are affected by RHSA-2023:1630?

RHSA-2023:1630 affects several packages including candlepin, foreman, python-django, and satellite among others.

4

Is RHSA-2023:1630 a critical vulnerability?

No, RHSA-2023:1630 is categorized as important but not critical.

5

When was the RHSA-2023:1630 advisory released?

The RHSA-2023:1630 advisory was released in 2023, specifically the details can be found in Red Hat's official advisory.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203