{ "schema_version": "1.7.0", "id": "RHSA-2026:14873", "related": [], "upstream": [ "CVE-2025-69534", "CVE-2026-25990", "CVE-2026-27459", "CVE-2026-27727", "CVE-2026-33176" ], "published": "2026-05-08T10:05:28Z", "modified": "2026-05-12T10:06:17Z", "summary": "Red Hat Security Advisory: Satellite 6.17.8 Async Update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "affected": [ { "package": { "name": "python-markdown", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python-markdown" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:3.8.2-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-markdown", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-markdown" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:3.8.2-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-markdown", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python-markdown" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:3.8.2-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-markdown", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-markdown" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:3.8.2-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pillow", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python-pillow" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pillow-debugsource", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python-pillow-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pillow", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pillow" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pillow-debuginfo", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pillow", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python-pillow" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pillow-debugsource", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python-pillow-debugsource" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pillow", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pillow" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pillow-debuginfo", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pillow-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:12.1.1-1.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pyOpenSSL", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python-pyOpenSSL" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:25.1.0-0.3.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pyOpenSSL", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pyOpenSSL" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:25.1.0-0.3.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python-pyOpenSSL", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python-pyOpenSSL" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:25.1.0-0.3.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "python3.11-pyOpenSSL", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/python3.11-pyOpenSSL" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:25.1.0-0.3.el9pc" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "candlepin", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/candlepin" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:4.4.25-1.el9sat" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "candlepin-selinux", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/candlepin-selinux" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:4.4.25-1.el9sat" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "rubygem-activesupport", "ecosystem": "Red Hat:satellite_capsule:6.17::el9", "purl": "pkg:rpm/redhat/rubygem-activesupport" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.0.8.7-2.el9sat" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "rubygem-activesupport", "ecosystem": "Red Hat:satellite:6.17::el9", "purl": "pkg:rpm/redhat/rubygem-activesupport" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.0.8.7-2.el9sat" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2026:14873" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439170" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448503" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450551" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43920" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43921" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43922" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43923" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43925" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43926" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43928" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43929" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-43931" }, { "type": "ARTICLE", "url": "https://issues.redhat.com/browse/SAT-44039" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14873.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2025-69534" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2025-69534" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534" }, { "type": "ARTICLE", "url": "https://github.com/Python-Markdown/markdown" }, { "type": "ARTICLE", "url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892" }, { "type": "ARTICLE", "url": "https://github.com/Python-Markdown/markdown/issues/1534" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-25990" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-25990" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25990" }, { "type": "ARTICLE", "url": "https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa" }, { "type": "ARTICLE", "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27459" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27459" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27459" }, { "type": "ARTICLE", "url": "https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst" }, { "type": "ARTICLE", "url": "https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408" }, { "type": "ARTICLE", "url": "https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-27727" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-27727" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727" }, { "type": "ARTICLE", "url": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44" }, { "type": "ARTICLE", "url": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal" }, { "type": "ARTICLE", "url": "https://www.mchange.com/projects/c3p0/#configuring_security" }, { "type": "ARTICLE", "url": "https://www.mchange.com/projects/c3p0/#security-note" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2026-33176" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2026-33176" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33176" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/releases/tag/v7.2.3.1" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/releases/tag/v8.0.4.1" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/releases/tag/v8.1.2.1" }, { "type": "ARTICLE", "url": "https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9" } ] }