Fedora 20: setroubleshoot Security Update

    Date08 Apr 2015
    CategoryFedora
    75
    Posted ByLinuxSecurity Advisories
    Security fix for CVE-2015-1815
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2015-4833
    2015-03-28 23:41:04
    --------------------------------------------------------------------------------
    
    Name        : setroubleshoot
    Product     : Fedora 20
    Version     : 3.2.17
    Release     : 2.fc20
    URL         : https://fedorahosted.org/setroubleshoot
    Summary     : Helps troubleshoot SELinux problems
    Description :
    setroubleshoot GUI. Application that allows you to view setroubleshoot-server
    messages.
    Provides tools to help diagnose SELinux problems. When AVC messages
    are generated an alert can be generated that will give information
    about the problem and help track its resolution. Alerts can be configured
    to user preference. The same tools can be run on existing log files.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Security fix for CVE-2015-1815
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Thu Mar 26 2015 Petr Lautrbach  3.2.17-2
    - Fix get_rpm_nvr_*_temporary functions - CVE-2015-1815 (#1203352)
    * Mon Jan 20 2014 Dan Walsh  - 3.2.17-1
    - Fix unicode settings
    * Tue Jan  7 2014 Dan Walsh  - 3.2.16-2
    - Remove requires for notify-python and yum
    * Thu Jan  2 2014 Dan Walsh  - 3.2.16-1
    - Don't error out on no policy installed
    - Update translations.
    * Thu Jan  2 2014 Dan Walsh  - 3.2.15-2
    - Eliminate requirement on service script.
    * Tue Dec  3 2013 Dan Walsh  - 3.2.15-1
    - Update Lanquages
    - Use setup.py in Makefile for setroubleshoot dir
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1203352 - CVE-2015-1815 setroubleshoot: command injection via crafted file name
            https://bugzilla.redhat.com/show_bug.cgi?id=1203352
    --------------------------------------------------------------------------------
    
    This update can be installed with the "yum" update program.  Use
    su -c 'yum update setroubleshoot' at the command line.
    For more information, refer to "Managing Software with yum",
    available at http://docs.fedoraproject.org/yum/.
    
    All packages are signed with the Fedora Project GPG key.  More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://admin.fedoraproject.org/mailman/listinfo/package-announce
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.