{"id":"RHSA-2026:14874","summary":"Red Hat Security Advisory: Satellite 6.16.8 Async Update","modified":"2026-05-19T10:05:30Z","published":"2026-05-08T10:05:29Z","upstream":["CVE-2025-69534","CVE-2026-25990","CVE-2026-27459","CVE-2026-27727","CVE-2026-33176"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:14874"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439170"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2442671"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2444839"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448503"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450551"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-43834"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44030"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44031"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44032"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44033"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44034"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44035"},{"type":"ARTICLE","url":"https://issues.redhat.com/browse/SAT-44036"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14874.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-69534"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-69534"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-69534"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown/actions/runs/15736122892"},{"type":"ARTICLE","url":"https://github.com/Python-Markdown/markdown/issues/1534"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-25990"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-25990"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25990"},{"type":"ARTICLE","url":"https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa"},{"type":"ARTICLE","url":"https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-27459"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-27459"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27459"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/blob/358cbf29c4e364c59930e53a270116249581eaa3/CHANGELOG.rst"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408"},{"type":"ARTICLE","url":"https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-27727"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-27727"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-27727"},{"type":"ARTICLE","url":"https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44"},{"type":"ARTICLE","url":"https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal"},{"type":"ARTICLE","url":"https://www.mchange.com/projects/c3p0/#configuring_security"},{"type":"ARTICLE","url":"https://www.mchange.com/projects/c3p0/#security-note"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2026-33176"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2026-33176"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33176"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/19dbab51ca086a657bb86458042bc44314916bcb"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/ebd6be18120d1136511eb516338e27af25ac0a1a"},{"type":"ARTICLE","url":"https://github.com/rails/rails/commit/ee2c59e730e5b8faed502cd2c573109df093f856"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v7.2.3.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v8.0.4.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/releases/tag/v8.1.2.1"},{"type":"ARTICLE","url":"https://github.com/rails/rails/security/advisories/GHSA-2j26-frm8-cmj9"}],"affected":[{"package":{"name":"python-markdown","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-markdown","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python3.11-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-markdown","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-markdown","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python3.11-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-markdown","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-markdown","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python3.11-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-markdown","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-markdown","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python3.11-markdown"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.2-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow-debugsource","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python-pillow-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow-debuginfo","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pillow-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow-debugsource","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python-pillow-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow-debuginfo","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pillow-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow-debugsource","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python-pillow-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow-debuginfo","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pillow-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pillow-debugsource","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python-pillow-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pillow"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pillow-debuginfo","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pillow-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:12.1.1-1.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pyOpenSSL","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pyOpenSSL","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pyOpenSSL","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pyOpenSSL","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/python3.11-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el8pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pyOpenSSL","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pyOpenSSL","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python-pyOpenSSL","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"python3.11-pyOpenSSL","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/python3.11-pyOpenSSL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:24.1.0-2.el9pc"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"candlepin","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/candlepin"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.25-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"candlepin-selinux","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/candlepin-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.25-1.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"candlepin","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/candlepin"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.25-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"candlepin-selinux","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/candlepin-selinux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.25-1.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite_capsule:6.16::el8","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.1.7.8-2.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite:6.16::el8","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.1.7.8-2.el8sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite_capsule:6.16::el9","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.1.7.8-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}},{"package":{"name":"rubygem-activesupport","ecosystem":"Red Hat:satellite:6.16::el9","purl":"pkg:rpm/redhat/rubygem-activesupport"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:6.1.7.8-2.el9sat"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:14874.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}]}