Site icon API Security Blog

(RHSA-2022:6268) Moderate: convert2rhel security, bug fix, and enhancement update

The convert2rhel package provides the Convert2RHEL utility, which performs operating system conversion. During the conversion process, Convert2RHEL replaces all RPM packages from the original Linux distribution with their Red Hat Enteprise Linux versions.

Security Fix(es):

* convert2rhel: Activation key passed via command line by code (CVE-2022-0851)

Bug Fix(es):

* Conversion fails due to gnome-documents-libs conflict (BZ#2043724)
* Using dbus API for RHSM registration to safely pass the activation key
* Verifying GPG key for UBI repositories

Deprecation:

* Deprecated `-f|–password-from-file` parameter option

Enhancement(s):

* Checking if a new version of convert2rhel is available
* Warning if multiple authentication sources are specified
* Fixed logging error with unavailable RHSM certificate
* Fixed gnome-documents-libs package conflict
* Fixed handling shim-x64 package protection on non-UEFI systems

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Read More

Exit mobile version