-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.0754
 Moderate: subscription-manager security, bug fix, and enhancement update
                               22 March 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           subscription-manager
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 6
                   Red Hat Enterprise Linux WS/Desktop 6
Impact/Access:     Access Confidential Data -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-4455  

Reference:         ESB-2016.2616

Original Bulletin: 
   https://rhn.redhat.com/errata/RHSA-2017-0698.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: subscription-manager security, bug fix, and enhancement update
Advisory ID:       RHSA-2017:0698-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2017-0698.html
Issue date:        2017-03-21
CVE Names:         CVE-2016-4455 
=====================================================================

1. Summary:

An update for subscription-manager, subscription-manager-migration-data,
and python-rhsm is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The subscription-manager packages provide programs and libraries to allow
users to manage subscriptions and yum repositories from the Red Hat
entitlement platform.

The subscription-manager-migration-data package provides certificates for
migrating a system from the legacy Red Hat Network Classic (RHN) to Red Hat
Subscription Management (RHSM).

The python-rhsm packages provide a library for communicating with the
representational state transfer (REST) interface of a Red Hat Unified
Entitlement Platform. The Subscription Management tools use this interface
to manage system entitlements, certificates, and access to content.

The following packages have been upgraded to a later upstream version:
subscription-manager (1.18.10), python-rhsm (1.18.6),
subscription-manager-migration-data (2.0.34). (BZ#1383475, BZ#1385446,
BZ#1385382)

Security Fix(es):

* It was found that subscription-manager set weak permissions on files in
/var/lib/rhsm/, causing an information disclosure. A local, unprivileged
user could use this flaw to access sensitive data that could potentially be
used in a social engineering attack. (CVE-2016-4455)

Red Hat would like to thank Robert Scheck for reporting this issue.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9
Technical Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1176219 - subscription-manager repos --list with bad proxy options is silently using cache
1185914 - [RFE] rhn-migrate-classic-to-rhsm should give the option to remove RHN Classic related packages / daemons
1232472 - rhel-x86_64-server-sap-hana-6 channel maps are missing from channel-cert-mapping.txt
1283749 - Some GUI dialogs which should be error dialogs are information dialogs, breaking automated testing
1286842 - 'rhel-x86_64-server-6-rh-gluster-3-samba-debuginfo' channel map is missing from channel-cert-mapping.txt
1287925 - /bin/sh /etc/cron.daily/rhsmd does not stop.
1298140 - There is no proper icon in license window nor in date selection window for subscription-manager-gui
1301215 - The cmd "repos --list --proxy" with a fake proxy server url will not stop running.
1315591 - GUI : No network is thrown when you try to remove a subscription on the system with no network
1317613 - typo in src/subscription_manager/gui/data/ui/selectsla.ui
1320507 - Wrong prefix prompts when register using serverurl without prefix
1320597 - rhel-x86_64-server-hpn-fastrack-6 channel maps are absent from channel-cert-mapping.txt
1320607 - rhel-x86_64-server-hpn-6 channel maps are absent from channel-cert-mapping.txt
1320647 - rhn channels 'rhel-ARCH-workstation-6-thirdparty-oracle-java-beta' should maps to the Beta product cert, not the GA cert.
1321831 - When consumer ID has been deleted, the Back button and Next button should be disabled in Attaching window.
1323276 - Proxy dialog displays None:{None,3128} in field "Proxy Location" in some cases
1327179 - Subscription Manager cannot start when entitlement server is unreachable in case a proxy connection is used
1337817 - The 'Start-End Date' of expired subscription is not in red status when the subscription expired.
1340525 - CVE-2016-4455 subscription-manager: sensitive world readable files in /var/lib/rhsm/
1351009 - Error when disable all repos by 'subscription-manager repos --disable=*'
1367128 - [RFE] upload FQDN with facts
1382355 - CLI Does Not Display Error Message When Auto-Attach has Failure
1383475 - Rebase subscription-manager component to the latest upstream branch for RHEL 6.9
1385382 - Rebase python-rhsm component to the latest upstream branch for RHEL 6.9
1385446 - Rebase subscription-manager-migration-data component to the latest upstream branch for RHEL 6.9
1389559 - logging to /var/log/rhsm/rhsm.log ceases after upgrade from rhel6.8 to rhel6.9
1390258 - rhn-migrate-classic-to-rhsm --keep --remove-rhn-packages should error out due to conflicting options
1390341 - rhn-migrate-classic-to-rhsm is failing to stop and disable services
1390688 - global name 'socket' is not defined
1390712 - man page for rhn-migrate-classic-to-rhsm needs a description for new option --remove-rhn-packages
1391681 - Zanata translations for subscription-manager 1.18 are not 100%
1393573 - subscription-manager-migration-data for RHEL6.9 needs RHEL6.9 product certs
1394351 - 'module' object has no attribute 'PROXY_AUTHENTICATION_REQUIRED'
1394776 - Registration fails with RemoteServerException: Server error attempting a GET to /subscription/users/stage_test_rhel69/owners returned status 404
1395659 - Firstboot : Exception occurs while trying to register via auth proxy with invalid credentials
1395662 - Firstboot: Exception occured while trying to register the system using activation-key with  org and activation-key field empty
1395684 - GUI: No error dialogue when you try to register via auth proxy without selecting "Use Authentication with http proxy" option
1395794 - /usr/libexec/rhsmd is failing with ImportError: No module named decorator
1396405 - Message "an integer is required" is displayed when tired to list release versions against stage server
1397201 - AttributeError: 'module' object has no attribute 'BadStatusLine'
1400719 - AttributeError: 'ContentConnection' object has no attribute 'proxy_host'
1401078 - unrepeatable "BadStatusLine" tracebacks are silently encountered when stage testing
1402009 - subscription-manager stdout contains ESC[?1034h
1403387 - there is an error in processing the specified proxy arguments versus proxy configurations
1404930 - Unable to launch subscription-manager gui when configure invalid proxy in proxy url
1417731 - [ko][pt_BR] pofilter endwhitespace test fails for subscription-manager 1.18.X
1417736 - [pt_BR][fr][ja] pofilter accelerators test fails for subscription-manager 1.18.X
1417740 - [ko] pofilter startwhitespace test fails for subscription-manager 1.18.X
1417746 - [it][fr][es_ES][pt_BR] pofilter unchanged test fails for subscription-manager 1.18.X

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
python-rhsm-1.18.6-1.el6.src.rpm
subscription-manager-1.18.10-1.el6.src.rpm
subscription-manager-migration-data-2.0.34-1.el6.src.rpm

i386:
python-rhsm-1.18.6-1.el6.i686.rpm
python-rhsm-certificates-1.18.6-1.el6.i686.rpm
python-rhsm-debuginfo-1.18.6-1.el6.i686.rpm
subscription-manager-1.18.10-1.el6.i686.rpm
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-firstboot-1.18.10-1.el6.i686.rpm
subscription-manager-gui-1.18.10-1.el6.i686.rpm
subscription-manager-migration-1.18.10-1.el6.i686.rpm

noarch:
subscription-manager-migration-data-2.0.34-1.el6.noarch.rpm

x86_64:
python-rhsm-1.18.6-1.el6.x86_64.rpm
python-rhsm-certificates-1.18.6-1.el6.x86_64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.x86_64.rpm
subscription-manager-1.18.10-1.el6.x86_64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-firstboot-1.18.10-1.el6.x86_64.rpm
subscription-manager-gui-1.18.10-1.el6.x86_64.rpm
subscription-manager-migration-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-plugin-container-1.18.10-1.el6.i686.rpm

x86_64:
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
python-rhsm-1.18.6-1.el6.src.rpm
subscription-manager-1.18.10-1.el6.src.rpm
subscription-manager-migration-data-2.0.34-1.el6.src.rpm

noarch:
subscription-manager-migration-data-2.0.34-1.el6.noarch.rpm

x86_64:
python-rhsm-1.18.6-1.el6.x86_64.rpm
python-rhsm-certificates-1.18.6-1.el6.x86_64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.x86_64.rpm
subscription-manager-1.18.10-1.el6.x86_64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-migration-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-firstboot-1.18.10-1.el6.x86_64.rpm
subscription-manager-gui-1.18.10-1.el6.x86_64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
python-rhsm-1.18.6-1.el6.src.rpm
subscription-manager-1.18.10-1.el6.src.rpm
subscription-manager-migration-data-2.0.34-1.el6.src.rpm

i386:
python-rhsm-1.18.6-1.el6.i686.rpm
python-rhsm-certificates-1.18.6-1.el6.i686.rpm
python-rhsm-debuginfo-1.18.6-1.el6.i686.rpm
subscription-manager-1.18.10-1.el6.i686.rpm
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-firstboot-1.18.10-1.el6.i686.rpm
subscription-manager-gui-1.18.10-1.el6.i686.rpm
subscription-manager-migration-1.18.10-1.el6.i686.rpm

noarch:
subscription-manager-migration-data-2.0.34-1.el6.noarch.rpm

ppc64:
python-rhsm-1.18.6-1.el6.ppc64.rpm
python-rhsm-certificates-1.18.6-1.el6.ppc64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.ppc64.rpm
subscription-manager-1.18.10-1.el6.ppc64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.ppc64.rpm
subscription-manager-firstboot-1.18.10-1.el6.ppc64.rpm
subscription-manager-gui-1.18.10-1.el6.ppc64.rpm
subscription-manager-migration-1.18.10-1.el6.ppc64.rpm

s390x:
python-rhsm-1.18.6-1.el6.s390x.rpm
python-rhsm-certificates-1.18.6-1.el6.s390x.rpm
python-rhsm-debuginfo-1.18.6-1.el6.s390x.rpm
subscription-manager-1.18.10-1.el6.s390x.rpm
subscription-manager-debuginfo-1.18.10-1.el6.s390x.rpm
subscription-manager-firstboot-1.18.10-1.el6.s390x.rpm
subscription-manager-gui-1.18.10-1.el6.s390x.rpm
subscription-manager-migration-1.18.10-1.el6.s390x.rpm

x86_64:
python-rhsm-1.18.6-1.el6.x86_64.rpm
python-rhsm-certificates-1.18.6-1.el6.x86_64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.x86_64.rpm
subscription-manager-1.18.10-1.el6.x86_64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-firstboot-1.18.10-1.el6.x86_64.rpm
subscription-manager-gui-1.18.10-1.el6.x86_64.rpm
subscription-manager-migration-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

i386:
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-plugin-container-1.18.10-1.el6.i686.rpm

ppc64:
subscription-manager-debuginfo-1.18.10-1.el6.ppc64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.ppc64.rpm

s390x:
subscription-manager-debuginfo-1.18.10-1.el6.s390x.rpm
subscription-manager-plugin-container-1.18.10-1.el6.s390x.rpm

x86_64:
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
python-rhsm-1.18.6-1.el6.src.rpm
subscription-manager-1.18.10-1.el6.src.rpm
subscription-manager-migration-data-2.0.34-1.el6.src.rpm

i386:
python-rhsm-1.18.6-1.el6.i686.rpm
python-rhsm-certificates-1.18.6-1.el6.i686.rpm
python-rhsm-debuginfo-1.18.6-1.el6.i686.rpm
subscription-manager-1.18.10-1.el6.i686.rpm
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-firstboot-1.18.10-1.el6.i686.rpm
subscription-manager-gui-1.18.10-1.el6.i686.rpm
subscription-manager-migration-1.18.10-1.el6.i686.rpm

noarch:
subscription-manager-migration-data-2.0.34-1.el6.noarch.rpm

x86_64:
python-rhsm-1.18.6-1.el6.x86_64.rpm
python-rhsm-certificates-1.18.6-1.el6.x86_64.rpm
python-rhsm-debuginfo-1.18.6-1.el6.x86_64.rpm
subscription-manager-1.18.10-1.el6.x86_64.rpm
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-firstboot-1.18.10-1.el6.x86_64.rpm
subscription-manager-gui-1.18.10-1.el6.x86_64.rpm
subscription-manager-migration-1.18.10-1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

i386:
subscription-manager-debuginfo-1.18.10-1.el6.i686.rpm
subscription-manager-plugin-container-1.18.10-1.el6.i686.rpm

x86_64:
subscription-manager-debuginfo-1.18.10-1.el6.x86_64.rpm
subscription-manager-plugin-container-1.18.10-1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-4455
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY0PVPXlSAg2UNWIIRArMdAJ9xIj8PVV0ztHRNuAakmN1xLVLhswCZAWNa
nAPD+QePV0XBb9YPxXYETC0=
=IVQw
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWNHGhox+lLeg9Ub1AQhx4w/+MbF7cKkjPZdD2R0BISIJc9V+T8ThYXMt
0SrJg5S6XkKnt6QW5kVgbZDUmmgQNg48AMHsWo9OHnhmZtkfUCTP94ZF/LNKZ8Uk
sGlb6olc1y7J7uyf7TIz6DYKyI8faTyfrQiP7fgjS49AKOfXARahp6kRhCk/axEl
P3czqRbMdAixx0fJfdg57bHUEEOuGu+SnMbk3GDewzJbHDnQK+prBV+wiO20vOlC
+NZoYj7UxiP0K9CybhnPFk6ZM3I7p+PEzxGmasFdVKnedjcBCO/p55T3KAAW1tzm
jwBRYjfgcmIBSZxB/cWrO7Iwfs+1AYvPg6pl0o3fmNUW4SyyqCwt3z70fhRtKMRH
lUvjIS0PRUYws5llPLLbPu1pf6GG/zZZxYI3DOaa5AdhZUWkSQkRFhZCk3Ocyb1Z
htBxFKLyf1Q3ROxCNNWW79yjXhw9adC4ggopRivtXG0lfxZnYKH6gRXTzD1TJ0ew
mo4DsrFC6HbPVLZw6U6KXbz9MXDZlQCv0jaCRp9An0mWxdB1kBnWaNKt+6nq4Rk9
FyK+cQZpECzeSw2fBKvx0OVGJknDgOXOpgENvd3n01sa0d52gjTocQgVe+TkL74D
iG0LWq4H06dlD6HqwLGIuifBuKfgbh1076ittqGxUjCO3l+8VSXPNKt4A42cd6+b
z33jE5w9z3M=
=smSI
-----END PGP SIGNATURE-----