{"id":"RHSA-2026:14835","summary":"Red Hat Security Advisory: Satellite 6.18.5 Async Update","modified":"2026-05-09T10:04:17Z","published":"2026-05-08T10:05:25Z","upstream":["CVE-2025-14550","CVE-2025-69534","CVE-2026-1207","CVE-2026-1285","CVE-2026-1287","CVE-2026-1312","CVE-2026-27459","CVE-2026-33176"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:14835"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_satellite/6.18/html/updating_red_hat_satellite/index"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-37836"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43946"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43947"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43948"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43949"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43950"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43951"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43952"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43953"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43954"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43955"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43956"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43958"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43959"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43960"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43962"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43963"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44062"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44760"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44761"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44762"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14835.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-14550"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436341"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-14550"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14550"},{"type":"ARTICLE","url":"https://docs.djangoproject.com/en/dev/releases/security/"},{"type":"ARTICLE","url":"https://groups.google.com/g/django-announce"},{"type":"ARTICLE","url":"https://www.djangoproject.com/weblog/2026/feb/03/security-releases/"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-69534"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444839"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-69534"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69534"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown/actions/runs/15736122892"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown/issues/1534"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1207"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436338"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-1207"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1207"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1285"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436340"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-1285"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1285"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1287"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436339"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-1287"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1287"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-1312"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2436342"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-1312"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1312"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-27459"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448503"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-27459"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27459"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33176"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450551"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33176"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33176"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v7.2.3.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v8.0.4.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v8.1.2.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9"}],"affected":[{"package":{"name":"python3.12-django","ecosystem":"Red Hat:satellite_capsule:6.18::el9","purl":"pkg:rpm/redhat/python3.12-django"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.30-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"python3.12-django","ecosystem":"Red Hat:satellite:6.18::el9","purl":"pkg:rpm/redhat/python3.12-django"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.2.30-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"python3.12-markdown","ecosystem":"Red Hat:satellite_capsule:6.18::el9","purl":"pkg:rpm/redhat/python3.12-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"python3.12-markdown","ecosystem":"Red Hat:satellite:6.18::el9","purl":"pkg:rpm/redhat/python3.12-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"python3.12-pyOpenSSL","ecosystem":"Red Hat:satellite_capsule:6.18::el9","purl":"pkg:rpm/redhat/python3.12-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:26.0.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"python3.12-pyOpenSSL","ecosystem":"Red Hat:satellite:6.18::el9","purl":"pkg:rpm/redhat/python3.12-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:26.0.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite_capsule:6.18::el9","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.8.7-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite:6.18::el9","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:7.0.8.7-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14835.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}