ID CVE-2020-7942
Summary Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19
References
Vulnerable Configurations
  • cpe:2.3:a:puppet:puppet:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.11:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:5.5.13:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:5.5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet:6.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet:6.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
    cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 30-12-2021 - 13:33)
Impact:
Exploitability:
CWE CWE-295
CAPEC
  • Creating a Rogue Certification Authority Certificate
    An adversary exploits a weakness in the MD5 hash algorithm (weak collision resistance) to generate a certificate signing request (CSR) that contains collision blocks in the "to be signed" part. The adversary specially crafts two different, but valid X.509 certificates that when hashed with the MD5 algorithm would yield the same value. The adversary then sends the CSR for one of the certificates to the Certification Authority which uses the MD5 hashing algorithm. That request is completely valid and the Certificate Authority issues an X.509 certificate to the adversary which is signed with its private key. An adversary then takes that signed blob and inserts it into another X.509 certificate that the attacker generated. Due to the MD5 collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority. To make the attack more interesting, the second certificate could be not just a regular certificate, but rather itself a signing certificate. Thus the adversary is able to start their own Certification Authority that is anchored in its root of trust in the legitimate Certification Authority that has signed the attackers' first X.509 certificate. If the original Certificate Authority was accepted by default by browsers, so will now the Certificate Authority set up by the adversary and of course any certificates that it signs. So the adversary is now able to generate any SSL certificates to impersonate any web server, and the user's browser will not issue any warning to the victim. This can be used to compromise HTTPS communications and other types of systems where PKI and X.509 certificates may be used (e.g., VPN, IPSec).
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:N/A:N
redhat via4
rpms
  • ansible-collection-redhat-satellite-0:1.3.0-1.el7sat
  • ansible-runner-0:1.4.6-1.el7ar
  • ansiblerole-foreman_scap_client-0:0.0.5-1.el7sat
  • ansiblerole-insights-client-0:1.7.1-1.el7sat
  • ansiblerole-satellite-receptor-installer-0:0.6.13-1.el7sat
  • candlepin-0:3.1.21-1.el7sat
  • candlepin-selinux-0:3.1.21-1.el7sat
  • crane-selinux-0:3.4.0-1.el7sat
  • createrepo_c-0:0.7.4-1.el7sat
  • createrepo_c-debuginfo-0:0.7.4-1.el7sat
  • createrepo_c-libs-0:0.7.4-1.el7sat
  • foreman-0:2.1.2.19-1.el7sat
  • foreman-bootloaders-redhat-0:202005201200-1.el7sat
  • foreman-bootloaders-redhat-tftpboot-0:202005201200-1.el7sat
  • foreman-cli-0:2.1.2.19-1.el7sat
  • foreman-debug-0:2.1.2.19-1.el7sat
  • foreman-discovery-image-1:3.6.7-1.el7sat
  • foreman-discovery-image-service-0:1.0.0-3.el7sat
  • foreman-discovery-image-service-tui-0:1.0.0-3.el7sat
  • foreman-dynflow-sidekiq-0:2.1.2.19-1.el7sat
  • foreman-ec2-0:2.1.2.19-1.el7sat
  • foreman-gce-0:2.1.2.19-1.el7sat
  • foreman-installer-1:2.1.2.8-1.el7sat
  • foreman-installer-katello-1:2.1.2.8-1.el7sat
  • foreman-journald-0:2.1.2.19-1.el7sat
  • foreman-libvirt-0:2.1.2.19-1.el7sat
  • foreman-openstack-0:2.1.2.19-1.el7sat
  • foreman-ovirt-0:2.1.2.19-1.el7sat
  • foreman-postgresql-0:2.1.2.19-1.el7sat
  • foreman-proxy-0:2.1.2-2.el7sat
  • foreman-proxy-content-0:3.16.0-1.el7sat
  • foreman-proxy-journald-0:2.1.2-2.el7sat
  • foreman-selinux-0:2.1.2.3-1.el7sat
  • foreman-service-0:2.1.2.19-1.el7sat
  • foreman-telemetry-0:2.1.2.19-1.el7sat
  • foreman-vmware-0:2.1.2.19-1.el7sat
  • hfsplus-tools-0:332.14-12.el7
  • hfsplus-tools-debuginfo-0:332.14-12.el7
  • katello-0:3.16.0-1.el7sat
  • katello-certs-tools-0:2.7.1-1.el7sat
  • katello-client-bootstrap-0:1.7.5-1.el7sat
  • katello-common-0:3.16.0-1.el7sat
  • katello-debug-0:3.16.0-1.el7sat
  • katello-selinux-0:3.4.0-1.el7sat
  • keycloak-httpd-client-install-0:1.2.2-1.el7sat
  • kobo-0:0.5.1-1.el7sat
  • libmodulemd-0:1.7.0-1.pulp.el7sat
  • libmodulemd-debuginfo-0:1.7.0-1.pulp.el7sat
  • libsolv-0:0.7.4-4.pulp.el7sat
  • libsolv-debuginfo-0:0.7.4-4.pulp.el7sat
  • libwebsockets-0:2.4.2-2.el7
  • libwebsockets-debuginfo-0:2.4.2-2.el7
  • livecd-tools-1:20.4-1.6.el7sat
  • mod_passenger-0:4.0.18-24.el7sat
  • mod_xsendfile-0:0.12-11.el7sat
  • mod_xsendfile-debuginfo-0:0.12-11.el7sat
  • ostree-0:2017.1-2.atomic.el7
  • ostree-debuginfo-0:2017.1-2.atomic.el7
  • pcp-mmvstatsd-0:0.4-2.el7sat
  • pulp-admin-client-0:2.21.3-1.el7sat
  • pulp-docker-admin-extensions-0:3.2.7-1.el7sat
  • pulp-docker-plugins-0:3.2.7-1.el7sat
  • pulp-katello-0:1.0.3-1.el7sat
  • pulp-maintenance-0:2.21.3-1.el7sat
  • pulp-nodes-child-0:2.21.3-1.el7sat
  • pulp-nodes-common-0:2.21.3-1.el7sat
  • pulp-nodes-parent-0:2.21.3-1.el7sat
  • pulp-ostree-admin-extensions-0:1.3.1-2.el7sat
  • pulp-ostree-plugins-0:1.3.1-2.el7sat
  • pulp-puppet-admin-extensions-0:2.21.3-2.el7sat
  • pulp-puppet-plugins-0:2.21.3-2.el7sat
  • pulp-puppet-tools-0:2.21.3-2.el7sat
  • pulp-rpm-admin-extensions-0:2.21.3-2.el7sat
  • pulp-rpm-plugins-0:2.21.3-2.el7sat
  • pulp-selinux-0:2.21.3-1.el7sat
  • pulp-server-0:2.21.3-1.el7sat
  • puppet-agent-0:6.14.0-2.el7sat
  • puppet-agent-oauth-0:0.5.1-3.el7sat
  • puppet-foreman_scap_client-0:0.4.0-1.el7sat
  • puppetlabs-stdlib-0:4.25.1-2.el7sat
  • puppetserver-0:6.13.0-1.el7sat
  • pycairo-0:1.16.3-9.el7sat
  • pycairo-debuginfo-0:1.16.3-9.el7sat
  • pygobject3-debuginfo-0:3.28.3-2.el7sat
  • python-aiohttp-debuginfo-0:3.6.2-4.el7ar
  • python-billiard-debuginfo-1:3.5.0.3-3.el7sat
  • python-blinker-0:1.3-2.el7sat
  • python-bson-0:3.2-2.el7sat
  • python-gnupg-0:0.3.7-1.el7ui
  • python-gofer-0:2.12.5-7.el7sat
  • python-gofer-qpid-0:2.12.5-7.el7sat
  • python-imgcreate-1:20.4-1.6.el7sat
  • python-kid-0:0.9.6-11.el7sat
  • python-markupsafe-debuginfo-0:0.23-21.el7sat
  • python-mongoengine-0:0.10.5-2.el7sat
  • python-multidict-debuginfo-0:4.7.4-2.el7ar
  • python-nectar-0:1.6.2-1.el7sat
  • python-oauth2-0:1.5.211-8.el7sat
  • python-psutil-0:5.0.1-3.el7sat
  • python-psutil-debuginfo-0:5.0.1-3.el7sat
  • python-pulp-agent-lib-0:2.21.3-1.el7sat
  • python-pulp-bindings-0:2.21.3-1.el7sat
  • python-pulp-client-lib-0:2.21.3-1.el7sat
  • python-pulp-common-0:2.21.3-1.el7sat
  • python-pulp-docker-common-0:3.2.7-1.el7sat
  • python-pulp-integrity-0:2.21.3-2.el7sat
  • python-pulp-oid_validation-0:2.21.3-1.el7sat
  • python-pulp-ostree-common-0:1.3.1-2.el7sat
  • python-pulp-puppet-common-0:2.21.3-2.el7sat
  • python-pulp-repoauth-0:2.21.3-1.el7sat
  • python-pulp-rpm-common-0:2.21.3-2.el7sat
  • python-pulp-streamer-0:2.21.3-1.el7sat
  • python-pycurl-debuginfo-0:7.43.0.2-4.el7sat
  • python-pymongo-0:3.2-2.el7sat
  • python-pymongo-debuginfo-0:3.2-2.el7sat
  • python-pymongo-gridfs-0:3.2-2.el7sat
  • python-qpid-0:1.35.0-5.el7
  • python-qpid-proton-0:0.28.0-3.el7
  • python-qpid-qmf-0:1.36.0-28.el7amq
  • python-saslwrapper-0:0.22-5.el7sat
  • python-semantic_version-0:2.2.0-6.el7sat
  • python-simplejson-0:3.2.0-1.el7sat
  • python-simplejson-debuginfo-0:3.2.0-1.el7sat
  • python-twisted-debuginfo-0:16.4.1-12.el7sat
  • python-yarl-debuginfo-0:1.4.2-2.el7ar
  • python-zope-interface-0:4.0.5-4.el7
  • python-zope-interface-debuginfo-0:4.0.5-4.el7
  • python2-amqp-0:2.2.2-5.el7sat
  • python2-ansible-runner-0:1.4.6-1.el7ar
  • python2-anyjson-0:0.3.3-11.el7sat
  • python2-apypie-0:0.2.2-1.el7sat
  • python2-billiard-1:3.5.0.3-3.el7sat
  • python2-celery-0:4.0.2-9.el7sat
  • python2-click-0:6.7-9.el7sat
  • python2-crane-0:3.3.1-9.el7sat
  • python2-daemon-0:2.1.2-7.el7at
  • python2-django-0:1.11.29-1.el7sat
  • python2-flask-1:0.12.2-4.el7sat
  • python2-future-0:0.16.0-11.el7sat
  • python2-gobject-0:3.28.3-2.el7sat
  • python2-gobject-base-0:3.28.3-2.el7sat
  • python2-isodate-0:0.5.4-12.el7sat
  • python2-itsdangerous-0:0.24-15.el7sat
  • python2-jinja2-0:2.10-10.el7sat
  • python2-jmespath-0:0.9.0-6.el7_7
  • python2-keycloak-httpd-client-install-0:1.2.2-1.el7sat
  • python2-kombu-10:4.0.2-13.el7sat
  • python2-lockfile-1:0.11.0-10.el7ar
  • python2-markupsafe-0:0.23-21.el7sat
  • python2-okaara-0:1.0.37-2.el7sat
  • python2-pexpect-0:4.6-1.el7at
  • python2-ptyprocess-0:0.5.2-3.el7at
  • python2-pycurl-0:7.43.0.2-4.el7sat
  • python2-solv-0:0.7.4-4.pulp.el7sat
  • python2-twisted-0:16.4.1-12.el7sat
  • python2-vine-10:1.1.3-6.el7sat
  • python2-werkzeug-0:0.12.2-5.el7sat
  • python3-aiohttp-0:3.6.2-4.el7ar
  • python3-async-timeout-0:3.0.1-2.el7ar
  • python3-attrs-0:19.3.0-3.el7ar
  • python3-chardet-0:3.0.4-10.el7ar
  • python3-dateutil-0:2.8.1-2.el7ar
  • python3-idna-0:2.4-2.el7ar
  • python3-idna-ssl-0:1.1.0-2.el7ar
  • python3-multidict-0:4.7.4-2.el7ar
  • python3-prometheus-client-0:0.7.1-2.el7ar
  • python3-receptor-satellite-0:1.2.0-1.el7sat
  • python3-six-0:1.11.0-8.el7ar
  • python3-typing-extensions-0:3.7.4.1-2.el7ar
  • python3-yarl-0:1.4.2-2.el7ar
  • qpid-cpp-client-0:1.36.0-28.el7amq
  • qpid-cpp-client-devel-0:1.36.0-28.el7amq
  • qpid-cpp-debuginfo-0:1.36.0-28.el7amq
  • qpid-cpp-server-0:1.36.0-28.el7amq
  • qpid-cpp-server-linearstore-0:1.36.0-28.el7amq
  • qpid-dispatch-debuginfo-0:1.5.0-4.el7
  • qpid-dispatch-router-0:1.5.0-4.el7
  • qpid-dispatch-tools-0:1.5.0-4.el7
  • qpid-proton-c-0:0.28.0-3.el7
  • qpid-proton-debuginfo-0:0.28.0-3.el7
  • qpid-qmf-0:1.36.0-28.el7amq
  • qpid-tools-0:1.36.0-28.el7amq
  • receptor-0:0.6.3-1.el7ar
  • redhat-access-insights-puppet-0:1.0.1-1.el7sat
  • repoview-0:0.6.6-11.el7sat
  • rh-postgresql12-postgresql-evr-0:0.0.2-1.el7sat
  • rhel8-kickstart-setup-0:0.0.2-1.el7sat
  • rubygem-facter-0:2.4.1-2.el7sat
  • rubygem-fast_gettext-0:1.1.0-4.el7sat
  • rubygem-foreman_scap_client-0:0.4.6-1.el7sat
  • rubygem-highline-0:1.7.8-3.el7sat
  • rubygem-newt-0:0.9.6-3.el7sat
  • rubygem-newt-debuginfo-0:0.9.6-3.el7sat
  • rubygem-oauth-0:0.5.4-2.el7sat
  • rubygem-passenger-0:4.0.18-24.el7sat
  • rubygem-passenger-debuginfo-0:4.0.18-24.el7sat
  • rubygem-passenger-native-0:4.0.18-24.el7sat
  • rubygem-passenger-native-libs-0:4.0.18-24.el7sat
  • rubygem-rack-1:1.6.12-1.el7sat
  • rubygem-rake-0:0.9.2.2-41.el7sat
  • saslwrapper-0:0.22-5.el7sat
  • saslwrapper-debuginfo-0:0.22-5.el7sat
  • satellite-0:6.8.0-1.el7sat
  • satellite-capsule-0:6.8.0-1.el7sat
  • satellite-cli-0:6.8.0-1.el7sat
  • satellite-common-0:6.8.0-1.el7sat
  • satellite-debug-tools-0:6.8.0-1.el7sat
  • satellite-installer-0:6.8.0.11-1.el7sat
  • tfm-rubygem-actioncable-0:6.0.3.1-1.el7sat
  • tfm-rubygem-actionmailbox-0:6.0.3.1-1.el7sat
  • tfm-rubygem-actionmailer-0:6.0.3.1-1.el7sat
  • tfm-rubygem-actionpack-0:6.0.3.1-1.el7sat
  • tfm-rubygem-actiontext-0:6.0.3.1-1.el7sat
  • tfm-rubygem-actionview-0:6.0.3.1-1.el7sat
  • tfm-rubygem-activejob-0:6.0.3.1-1.el7sat
  • tfm-rubygem-activemodel-0:6.0.3.1-1.el7sat
  • tfm-rubygem-activerecord-0:6.0.3.1-1.el7sat
  • tfm-rubygem-activerecord-import-0:1.0.0-6.el7sat
  • tfm-rubygem-activerecord-session_store-0:1.1.1-4.el7sat
  • tfm-rubygem-activestorage-0:6.0.3.1-1.el7sat
  • tfm-rubygem-activesupport-0:6.0.3.1-1.el7sat
  • tfm-rubygem-addressable-0:2.6.0-1.el7sat
  • tfm-rubygem-algebrick-0:0.7.3-6.el7sat
  • tfm-rubygem-amazing_print-0:1.1.0-1.el7sat
  • tfm-rubygem-ancestry-0:3.0.7-1.el7sat
  • tfm-rubygem-anemone-0:0.7.2-22.el7sat
  • tfm-rubygem-angular-rails-templates-1:1.1.0-1.el7sat
  • tfm-rubygem-ansi-0:1.5.0-2.el7sat
  • tfm-rubygem-apipie-bindings-0:0.3.0-1.el7sat
  • tfm-rubygem-apipie-dsl-0:2.2.2-2.el7sat
  • tfm-rubygem-apipie-params-0:0.0.5-5.el7sat
  • tfm-rubygem-apipie-rails-0:0.5.17-3.el7sat
  • tfm-rubygem-audited-0:4.9.0-3.el7sat
  • tfm-rubygem-azure_mgmt_compute-0:0.18.7-1.el7sat
  • tfm-rubygem-azure_mgmt_network-0:0.19.0-1.el7sat
  • tfm-rubygem-azure_mgmt_resources-0:0.17.6-1.el7sat
  • tfm-rubygem-azure_mgmt_storage-0:0.17.10-1.el7sat
  • tfm-rubygem-azure_mgmt_subscriptions-0:0.18.2-1.el7sat
  • tfm-rubygem-bcrypt-0:3.1.12-1.el7sat
  • tfm-rubygem-bcrypt-debuginfo-0:3.1.12-1.el7sat
  • tfm-rubygem-builder-0:3.2.4-1.el7sat
  • tfm-rubygem-bundler_ext-0:0.4.1-4.el7sat
  • tfm-rubygem-clamp-0:1.1.2-5.el7sat
  • tfm-rubygem-coffee-rails-0:5.0.0-1.el7sat
  • tfm-rubygem-coffee-script-0:2.4.1-4.el7sat
  • tfm-rubygem-coffee-script-source-0:1.12.2-4.el7sat
  • tfm-rubygem-concurrent-ruby-1:1.1.6-2.el7sat
  • tfm-rubygem-concurrent-ruby-edge-1:0.6.0-2.el7sat
  • tfm-rubygem-connection_pool-0:2.2.2-2.el7sat
  • tfm-rubygem-crass-0:1.0.6-1.el7sat
  • tfm-rubygem-css_parser-0:1.4.7-3.el7sat
  • tfm-rubygem-daemons-0:1.2.3-7.el7sat
  • tfm-rubygem-deacon-0:1.0.0-4.el7sat
  • tfm-rubygem-declarative-0:0.0.10-1.el7sat
  • tfm-rubygem-declarative-option-0:0.1.0-1.el7sat
  • tfm-rubygem-deep_cloneable-0:3.0.0-3.el7sat
  • tfm-rubygem-deface-0:1.5.3-2.el7sat
  • tfm-rubygem-diffy-0:3.0.1-6.el7sat
  • tfm-rubygem-domain_name-0:0.5.20160310-4.el7sat
  • tfm-rubygem-dynflow-0:1.4.7-1.fm2_1.el7sat
  • tfm-rubygem-erubi-0:1.9.0-1.el7sat
  • tfm-rubygem-excon-0:0.58.0-3.el7sat
  • tfm-rubygem-execjs-0:2.7.0-4.el7sat
  • tfm-rubygem-facter-0:2.4.0-6.el7sat
  • tfm-rubygem-faraday-0:0.15.4-1.el7sat
  • tfm-rubygem-faraday-cookie_jar-0:0.0.6-1.el7sat
  • tfm-rubygem-faraday_middleware-0:0.13.1-2.el7sat
  • tfm-rubygem-fast_gettext-0:1.4.1-3.el7sat
  • tfm-rubygem-ffi-0:1.12.2-1.el7sat
  • tfm-rubygem-ffi-debuginfo-0:1.12.2-1.el7sat
  • tfm-rubygem-fog-aws-0:3.6.5-1.el7sat
  • tfm-rubygem-fog-core-0:2.1.0-3.el7sat
  • tfm-rubygem-fog-google-0:1.8.2-1.el7sat
  • tfm-rubygem-fog-json-0:1.2.0-3.el7sat
  • tfm-rubygem-fog-kubevirt-0:1.3.3-1.el7sat
  • tfm-rubygem-fog-libvirt-0:0.7.0-1.el7sat
  • tfm-rubygem-fog-openstack-0:1.0.8-2.el7sat
  • tfm-rubygem-fog-ovirt-0:1.2.5-1.el7sat
  • tfm-rubygem-fog-vsphere-0:3.3.1-1.el7sat
  • tfm-rubygem-fog-xml-0:0.1.2-8.el7sat
  • tfm-rubygem-foreman-tasks-0:2.0.2-1.fm2_1.el7sat
  • tfm-rubygem-foreman-tasks-core-0:0.3.4-1.el7sat
  • tfm-rubygem-foreman_ansible-0:5.1.3-1.el7sat
  • tfm-rubygem-foreman_ansible_core-0:3.0.4-1.el7sat
  • tfm-rubygem-foreman_azure_rm-0:2.1.2-1.fm2_1.el7sat
  • tfm-rubygem-foreman_bootdisk-0:17.0.2-2.fm2_1.el7sat
  • tfm-rubygem-foreman_discovery-0:16.1.2-1.el7sat
  • tfm-rubygem-foreman_hooks-0:0.3.16-2.el7sat
  • tfm-rubygem-foreman_kubevirt-0:0.1.7-1.el7sat
  • tfm-rubygem-foreman_leapp-0:0.1.6-1.el7sat
  • tfm-rubygem-foreman_openscap-0:4.0.3-1.fm2_1.el7sat
  • tfm-rubygem-foreman_remote_execution-0:3.3.7-1.el7sat
  • tfm-rubygem-foreman_remote_execution-cockpit-0:3.3.7-1.el7sat
  • tfm-rubygem-foreman_remote_execution_core-0:1.3.0-1.el7sat
  • tfm-rubygem-foreman_rh_cloud-0:2.0.12-1.el7sat
  • tfm-rubygem-foreman_templates-0:9.0.1-1.fm2_1.el7sat
  • tfm-rubygem-foreman_theme_satellite-0:6.0.1.7-1.el7sat
  • tfm-rubygem-foreman_virt_who_configure-0:0.5.2-1.el7sat
  • tfm-rubygem-formatador-0:0.2.1-11.el7sat
  • tfm-rubygem-friendly_id-0:5.3.0-1.el7sat
  • tfm-rubygem-fx-0:0.5.0-1.el7sat
  • tfm-rubygem-get_process_mem-0:0.2.1-3.el7sat
  • tfm-rubygem-gettext-0:3.1.4-10.el7sat
  • tfm-rubygem-gettext_i18n_rails-0:1.8.0-1.el7sat
  • tfm-rubygem-git-0:1.5.0-1.el7sat
  • tfm-rubygem-gitlab-sidekiq-fetcher-0:0.5.2-2.el7sat
  • tfm-rubygem-globalid-0:0.4.2-1.el7sat
  • tfm-rubygem-google-api-client-0:0.23.9-3.el7sat
  • tfm-rubygem-googleauth-0:0.6.7-3.el7sat
  • tfm-rubygem-graphql-0:1.8.14-1.el7sat
  • tfm-rubygem-graphql-batch-0:0.3.10-1.el7sat
  • tfm-rubygem-gssapi-0:1.2.0-6.el7sat
  • tfm-rubygem-hammer_cli-0:2.1.2-1.el7sat
  • tfm-rubygem-hammer_cli_foreman-0:2.1.2.1-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_admin-0:0.0.9-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_ansible-0:0.3.2-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_azure_rm-0:0.2.0-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_bootdisk-0:0.3.0-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_discovery-0:1.0.2-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_docker-0:0.0.6.4-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_kubevirt-0:0.1.4-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_leapp-0:0.1.0-2.fm2_1.el7sat
  • tfm-rubygem-hammer_cli_foreman_openscap-0:0.1.11-1.fm2_1.el7sat
  • tfm-rubygem-hammer_cli_foreman_remote_execution-0:0.1.2-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_tasks-0:0.0.14-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_templates-0:0.2.0-1.el7sat
  • tfm-rubygem-hammer_cli_foreman_virt_who_configure-0:0.0.6-1.el7sat
  • tfm-rubygem-hammer_cli_katello-0:0.22.2.2-1.el7sat
  • tfm-rubygem-hashie-0:3.6.0-1.el7sat
  • tfm-rubygem-highline-0:1.7.8-4.el7sat
  • tfm-rubygem-http-0:3.3.0-1.el7sat
  • tfm-rubygem-http-cookie-0:1.0.2-5.el7sat
  • tfm-rubygem-http-form_data-0:2.1.1-1.el7sat
  • tfm-rubygem-http_parser.rb-0:0.6.0-1.el7sat
  • tfm-rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el7sat
  • tfm-rubygem-httpclient-0:2.8.3-1.el7sat
  • tfm-rubygem-i18n-0:1.8.2-1.el7sat
  • tfm-rubygem-infoblox-0:3.0.0-3.el7sat
  • tfm-rubygem-ipaddress-0:0.8.0-11.el7sat
  • tfm-rubygem-jgrep-0:1.3.3-12.el7sat
  • tfm-rubygem-journald-logger-0:2.0.4-2.el7sat
  • tfm-rubygem-journald-native-0:1.0.11-2.el7sat
  • tfm-rubygem-journald-native-debuginfo-0:1.0.11-2.el7sat
  • tfm-rubygem-jwt-0:2.2.1-1.el7sat
  • tfm-rubygem-kafo-0:4.1.0-3.el7sat
  • tfm-rubygem-kafo_parsers-0:1.1.0-3.el7sat
  • tfm-rubygem-kafo_wizards-0:0.0.1-4.el7sat
  • tfm-rubygem-katello-0:3.16.0.11-1.el7sat
  • tfm-rubygem-kubeclient-0:4.3.0-1.el7sat
  • tfm-rubygem-ldap_fluff-0:0.4.7-5.el7sat
  • tfm-rubygem-little-plugger-0:1.1.4-1.el7sat
  • tfm-rubygem-locale-0:2.0.9-13.el7sat
  • tfm-rubygem-logging-0:2.2.2-6.el7sat
  • tfm-rubygem-logging-journald-0:2.0.0-2.el7sat
  • tfm-rubygem-loofah-0:2.4.0-1.el7sat
  • tfm-rubygem-mail-0:2.7.1-1.el7sat
  • tfm-rubygem-marcel-0:0.3.3-1.el7sat
  • tfm-rubygem-memoist-0:0.16.0-1.el7sat
  • tfm-rubygem-method_source-0:0.9.2-2.el7sat
  • tfm-rubygem-mime-types-0:3.2.2-4.el7sat
  • tfm-rubygem-mime-types-data-0:3.2018.0812-4.el7sat
  • tfm-rubygem-mimemagic-0:0.3.5-1.el7sat
  • tfm-rubygem-mini_mime-0:1.0.2-1.el7sat
  • tfm-rubygem-mini_portile2-0:2.4.0-1.el7sat
  • tfm-rubygem-ms_rest-0:0.7.4-2.el7sat
  • tfm-rubygem-ms_rest_azure-0:0.11.1-2.el7sat
  • tfm-rubygem-multi_json-0:1.14.1-1.el7sat
  • tfm-rubygem-multipart-post-0:2.0.0-1.el7sat
  • tfm-rubygem-mustermann-0:1.0.2-4.el7sat
  • tfm-rubygem-net-ldap-0:0.16.1-1.el7sat
  • tfm-rubygem-net-ping-0:2.0.1-3.el7sat
  • tfm-rubygem-net-scp-0:1.2.1-3.el7sat
  • tfm-rubygem-net-ssh-0:4.2.0-1.el7sat
  • tfm-rubygem-net-ssh-krb-0:0.4.0-3.el7sat
  • tfm-rubygem-netrc-0:0.11.0-3.el7sat
  • tfm-rubygem-nio4r-0:2.5.2-2.el7sat
  • tfm-rubygem-nio4r-debuginfo-0:2.5.2-2.el7sat
  • tfm-rubygem-nokogiri-0:1.10.9-1.el7sat
  • tfm-rubygem-nokogiri-debuginfo-0:1.10.9-1.el7sat
  • tfm-rubygem-oauth-0:0.5.4-3.el7sat
  • tfm-rubygem-openscap-0:0.4.9-3.el7sat
  • tfm-rubygem-optimist-0:3.0.0-1.el7sat
  • tfm-rubygem-os-0:1.0.0-1.el7sat
  • tfm-rubygem-ovirt-engine-sdk-0:4.2.3-3.el7sat
  • tfm-rubygem-ovirt-engine-sdk-debuginfo-0:4.2.3-3.el7sat
  • tfm-rubygem-ovirt_provision_plugin-0:2.0.3-1.el7sat
  • tfm-rubygem-parse-cron-0:0.1.4-4.el7sat
  • tfm-rubygem-passenger-0:4.0.18-26.el7sat
  • tfm-rubygem-passenger-debuginfo-0:4.0.18-26.el7sat
  • tfm-rubygem-passenger-native-0:4.0.18-26.el7sat
  • tfm-rubygem-passenger-native-libs-0:4.0.18-26.el7sat
  • tfm-rubygem-pg-0:1.1.4-2.el7sat
  • tfm-rubygem-polyglot-0:0.3.5-3.el7sat
  • tfm-rubygem-powerbar-0:2.0.1-2.el7sat
  • tfm-rubygem-prometheus-client-0:1.0.0-1.el7sat
  • tfm-rubygem-promise.rb-0:0.7.4-1.el7sat
  • tfm-rubygem-public_suffix-0:3.0.3-1.el7sat
  • tfm-rubygem-pulp_2to3_migration_client-1:0.2.0-0.1.b6.el7sat
  • tfm-rubygem-pulp_ansible_client-0:0.2.0b13.dev01588546902-1.el7sat
  • tfm-rubygem-pulp_certguard_client-0:0.1.0rc5-1.el7sat
  • tfm-rubygem-pulp_container_client-0:1.4.1-1.el7sat
  • tfm-rubygem-pulp_file_client-0:1.0.1-1.el7sat
  • tfm-rubygem-pulp_rpm_client-0:3.5.0-1.el7sat
  • tfm-rubygem-pulpcore_client-1:3.4.1-1.el7sat
  • tfm-rubygem-puma-0:4.3.3-4.el7sat
  • tfm-rubygem-puma-debuginfo-0:4.3.3-4.el7sat
  • tfm-rubygem-puma-plugin-systemd-0:0.1.5-1.el7sat
  • tfm-rubygem-quantile-0:0.2.0-3.el7sat
  • tfm-rubygem-rabl-0:0.14.3-1.el7sat
  • tfm-rubygem-rack-0:2.2.3-1.el7sat
  • tfm-rubygem-rack-cors-0:1.0.2-1.el7sat
  • tfm-rubygem-rack-jsonp-0:1.3.1-9.el7sat
  • tfm-rubygem-rack-protection-0:2.0.3-4.el7sat
  • tfm-rubygem-rack-test-0:1.1.0-4.el7sat
  • tfm-rubygem-rails-0:6.0.3.1-1.el7sat
  • tfm-rubygem-rails-dom-testing-0:2.0.3-6.el7sat
  • tfm-rubygem-rails-html-sanitizer-0:1.3.0-1.el7sat
  • tfm-rubygem-rails-i18n-0:6.0.0-2.el7sat
  • tfm-rubygem-railties-0:6.0.3.1-1.el7sat
  • tfm-rubygem-rainbow-0:2.2.1-5.el7sat
  • tfm-rubygem-rb-inotify-0:0.9.7-5.el7sat
  • tfm-rubygem-rbovirt-0:0.1.7-4.el7sat
  • tfm-rubygem-rbvmomi-0:2.2.0-3.el7sat
  • tfm-rubygem-record_tag_helper-0:1.0.1-3.el7sat
  • tfm-rubygem-recursive-open-struct-0:1.1.0-1.el7sat
  • tfm-rubygem-redhat_access-0:2.2.18-1.el7sat
  • tfm-rubygem-redhat_access_lib-0:1.1.5-1.el7sat
  • tfm-rubygem-redis-0:4.1.2-2.el7sat
  • tfm-rubygem-representable-0:3.0.4-1.el7sat
  • tfm-rubygem-responders-0:3.0.0-3.el7sat
  • tfm-rubygem-rest-client-0:2.0.2-3.el7sat
  • tfm-rubygem-retriable-0:3.1.2-1.el7sat
  • tfm-rubygem-rkerberos-0:0.1.5-18.el7sat
  • tfm-rubygem-rkerberos-debuginfo-0:0.1.5-18.el7sat
  • tfm-rubygem-roadie-0:3.4.0-3.el7sat
  • tfm-rubygem-roadie-rails-0:2.1.1-2.el7sat
  • tfm-rubygem-robotex-0:1.0.0-21.el7sat
  • tfm-rubygem-rsec-0:0.4.3-4.el7sat
  • tfm-rubygem-ruby-libvirt-0:0.7.0-4.el7sat
  • tfm-rubygem-ruby-libvirt-debuginfo-0:0.7.0-4.el7sat
  • tfm-rubygem-ruby2ruby-0:2.4.2-3.el7sat
  • tfm-rubygem-ruby_parser-0:3.10.1-2.el7sat
  • tfm-rubygem-rubyipmi-0:0.10.0-6.el7sat
  • tfm-rubygem-runcible-0:2.13.0-2.el7sat
  • tfm-rubygem-safemode-0:1.3.5-2.el7sat
  • tfm-rubygem-scoped_search-0:4.1.9-1.el7sat
  • tfm-rubygem-secure_headers-0:6.3.0-2.el7sat
  • tfm-rubygem-sequel-0:5.7.1-2.el7sat
  • tfm-rubygem-sexp_processor-0:4.10.0-5.el7sat
  • tfm-rubygem-sidekiq-0:5.2.7-3.el7sat
  • tfm-rubygem-signet-0:0.11.0-3.el7sat
  • tfm-rubygem-sinatra-0:2.0.3-4.el7sat
  • tfm-rubygem-smart_proxy_ansible-0:3.0.1-5.el7sat
  • tfm-rubygem-smart_proxy_dhcp_infoblox-0:0.0.16-3.el7sat
  • tfm-rubygem-smart_proxy_dhcp_remote_isc-0:0.0.5-2.el7sat
  • tfm-rubygem-smart_proxy_discovery-0:1.0.5-5.el7sat
  • tfm-rubygem-smart_proxy_discovery_image-0:1.2.1-1.fm2_1.el7sat
  • tfm-rubygem-smart_proxy_dns_infoblox-0:1.0.0-7.fm2_1.el7sat
  • tfm-rubygem-smart_proxy_dynflow-0:0.2.4-5.el7sat
  • tfm-rubygem-smart_proxy_dynflow_core-0:0.2.6-1.fm2_1.el7sat
  • tfm-rubygem-smart_proxy_openscap-0:0.7.3-1.fm2_1.el7sat
  • tfm-rubygem-smart_proxy_pulp-0:2.1.0-2.el7sat
  • tfm-rubygem-smart_proxy_remote_execution_ssh-0:0.3.0-3.el7sat
  • tfm-rubygem-sprockets-0:3.7.2-6.el7sat
  • tfm-rubygem-sprockets-rails-0:3.2.1-6.el7sat
  • tfm-rubygem-sqlite3-0:1.3.13-5.el7sat
  • tfm-rubygem-sqlite3-debuginfo-0:1.3.13-5.el7sat
  • tfm-rubygem-sshkey-0:1.9.0-3.el7sat
  • tfm-rubygem-statsd-instrument-0:2.1.4-2.el7sat
  • tfm-rubygem-stomp-0:1.4.9-1.el7sat
  • tfm-rubygem-text-0:1.3.0-7.el7sat
  • tfm-rubygem-thor-0:1.0.1-2.el7sat
  • tfm-rubygem-thread_safe-0:0.3.6-5.el7sat
  • tfm-rubygem-tilt-0:2.0.8-4.el7sat
  • tfm-rubygem-timeliness-0:0.3.10-1.el7sat
  • tfm-rubygem-tzinfo-0:1.2.6-1.el7sat
  • tfm-rubygem-uber-0:0.1.0-1.el7sat
  • tfm-rubygem-unf-0:0.1.3-7.el7sat
  • tfm-rubygem-unf_ext-0:0.0.7.2-1.el7sat
  • tfm-rubygem-unf_ext-debuginfo-0:0.0.7.2-1.el7sat
  • tfm-rubygem-unicode-0:0.4.4.4-1.el7sat
  • tfm-rubygem-unicode-debuginfo-0:0.4.4.4-1.el7sat
  • tfm-rubygem-unicode-display_width-0:1.0.5-5.el7sat
  • tfm-rubygem-validates_lengths_from_database-0:0.5.0-7.el7sat
  • tfm-rubygem-webpack-rails-0:0.9.8-6.el7sat
  • tfm-rubygem-websocket-driver-0:0.7.1-1.el7sat
  • tfm-rubygem-websocket-driver-debuginfo-0:0.7.1-1.el7sat
  • tfm-rubygem-websocket-extensions-0:0.1.5-1.el7sat
  • tfm-rubygem-will_paginate-0:3.1.7-3.el7sat
  • tfm-rubygem-x-editable-rails-0:1.5.5-5.el7sat
  • tfm-rubygem-xmlrpc-0:0.3.0-2.el7sat
  • tfm-rubygem-zeitwerk-0:2.2.2-1.el7sat
  • tfm-runtime-0:6.1-1.el7sat
refmap via4
confirm https://puppet.com/security/cve/CVE-2020-7942/
Last major update 30-12-2021 - 13:33
Published 19-02-2020 - 21:15
Last modified 30-12-2021 - 13:33
Back to Top