RHSA-2022:6078: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.1.3 security and bug fix update

Skip to navigation Skip to main content

Utilities

• Subscriptions
• Downloads
• Containers
• Support Cases

Infrastructure and Management

• Red Hat Enterprise Linux
• Red Hat Virtualization
• Red Hat Identity Management
• Red Hat Directory Server
• Red Hat Certificate System
• Red Hat Satellite
• Red Hat Subscription Management
• Red Hat Update Infrastructure
• Red Hat Insights
• Red Hat Ansible Automation Platform

Cloud Computing

• Red Hat OpenShift
• Red Hat CloudForms
• Red Hat OpenStack Platform
• Red Hat OpenShift Container Platform
• Red Hat OpenShift Data Science
• Red Hat OpenShift Online
• Red Hat OpenShift Dedicated
• Red Hat Advanced Cluster Security for Kubernetes
• Red Hat Advanced Cluster Management for Kubernetes
• Red Hat Quay
• Red Hat CodeReady Workspaces
• Red Hat OpenShift Service on AWS

Storage

• Red Hat Gluster Storage
• Red Hat Hyperconverged Infrastructure
• Red Hat Ceph Storage
• Red Hat OpenShift Data Foundation

Runtimes

• Red Hat Runtimes
• Red Hat JBoss Enterprise Application Platform
• Red Hat Data Grid
• Red Hat JBoss Web Server
• Red Hat Single Sign On
• Red Hat support for Spring Boot
• Red Hat build of Node.js
• Red Hat build of Thorntail
• Red Hat build of Eclipse Vert.x
• Red Hat build of OpenJDK
• Red Hat build of Quarkus

Integration and Automation

• Red Hat Process Automation
• Red Hat Process Automation Manager
• Red Hat Decision Manager

All Products

Issued:

2022-08-16

Updated:

2022-08-16

RHSA-2022:6078 - Security Advisory

• Overview
• Updated Packages

Synopsis

Important: Red Hat Ansible Automation Platform 2.1.3 security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update is now available for Red Hat Ansible Automation Platform 2.1

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Security Fix(es):

• automation hub: Ansible: Logic flaw leads to privilege escalation (CVE-2022-2568)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Red Hat Ansible Automation Platform

Affected Products

• Red Hat Ansible Automation Platform 2.1 x86_64

Fixes

• BZ - 2108653 - CVE-2022-2568 Ansible: Logic flaw leads to privilage escalation

Red Hat Ansible Automation Platform 2.1

SRPM

ansible-core-2.12.7-2.el8ap.src.rpm

SHA-256: c9cbfc1252fb1627c371195228c385392c0d9c9d7d0f5e929c439b9e59e838a9

automation-controller-4.1.3-2.el8ap.src.rpm

SHA-256: 2b47d0ab5b916630ed5b85234160570f09a54742f60011a1796eee7f194f8916

automation-hub-4.4.4-1.el8pc.src.rpm

SHA-256: 571c40c2c8b198c2a1c987d00b7e6adc68187ab91a60d0d7990aed3680af8f15

openshift-clients-4.10.0-202206211856.p0.g45460a5.assembly.stream.el8.src.rpm

SHA-256: d801285630d3d9c9c34cf6d3cebe9bf451edbea2eba95facca7c9ffe573d603b

pulpcore-selinux-1.3.2-1.el8ap.src.rpm

SHA-256: 691fafb3511c5e7534bd05ba765d709f04c446dac83e95f30d29db0ce0cf3593

python-galaxy-ng-4.4.4-1.el8pc.src.rpm

SHA-256: a0cc4f83061ed17f8bd65c2473b3de8c3aa973bcc891f6e62842a8df5fbd2573

x86_64

ansible-core-2.12.7-2.el8ap.x86_64.rpm

SHA-256: 79b39addc5d15319699994a131fbab90d2fb01eac5dcce0f19f968fe36bb1d80

ansible-test-2.12.7-2.el8ap.x86_64.rpm

SHA-256: 9992765e41e96a3e59a68c0cf4fb3955406ef03d6a78e63bc9f960731a533cbe

automation-controller-4.1.3-2.el8ap.x86_64.rpm

SHA-256: dd2d405537f071a216d008d15e12bb9e650d6b7b1dea38e8f90b41d17005851e

automation-controller-cli-4.1.3-2.el8ap.x86_64.rpm

SHA-256: efe38be351a52ec6481d43770b3b6c494e30ba8aebd35feb3f5f325f1039ba09

automation-controller-server-4.1.3-2.el8ap.x86_64.rpm

SHA-256: 6e193c163e6dad9c9928326fed6dec311de08dbc9c83ec06124a916711865d69

automation-controller-ui-4.1.3-2.el8ap.x86_64.rpm

SHA-256: c0ab525a487a27a39bc2ba4161f2a40b433c1cc4d9c63663a086e6ee96ba6443

automation-controller-venv-tower-4.1.3-2.el8ap.x86_64.rpm

SHA-256: 28201ce93bf103c3c7476f5557b46f2449048288c0cc5874497e7895f6d85787

automation-hub-4.4.4-1.el8pc.noarch.rpm

SHA-256: d12661e4d246daec671c4a2bf9565a6cb45eae730c31c30c1923ac6ae92449d8

openshift-clients-4.10.0-202206211856.p0.g45460a5.assembly.stream.el8.x86_64.rpm

SHA-256: aa0534f3fc81ce6de08210f495a83a04f442b47b06fcc0677fcca119a300c460

pulpcore-selinux-1.3.2-1.el8ap.x86_64.rpm

SHA-256: d4010a06b1f036fb51883caf09f4ca10efaf115ed63f2df31fcbd7e92f27fa21

python38-galaxy-ng-4.4.4-1.el8pc.noarch.rpm

SHA-256: 735195bca3b9049d52399ac6bee09ab3c3f293234f95293b58f6695fd7c600dc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.