Low: selinux-policy enhancement update
Date: Tue, 11 Dec 2012 09:05:51 -0600
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: FASTBUGS for SL 5x i386, x86_64 now available
MIME-Version: 1.0
The following FASTBUGS have been uploaded to
i386:
kmod-bnx2-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2i-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2i-PAE-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2i-xen-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2-PAE-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2x-1.72.51_0-1.el5_8.i686.rpm
kmod-bnx2-xen-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2x-PAE-1.72.51_0-1.el5_8.i686.rpm
kmod-bnx2x-xen-1.72.51_0-1.el5_8.i686.rpm
kmod-cnic-2.5.12-1.el5_8.i686.rpm
kmod-cnic-PAE-2.5.12-1.el5_8.i686.rpm
kmod-cnic-xen-2.5.12-1.el5_8.i686.rpm
x86_64:
kmod-bnx2-2.1.11.346-1.el5_8.x86_64.rpm
kmod-bnx2i-2.7.2.2-1.el5_8.x86_64.rpm
kmod-bnx2i-xen-2.7.2.2-1.el5_8.x86_64.rpm
kmod-bnx2x-1.72.51_0-1.el5_8.x86_64.rpm
kmod-bnx2-xen-2.1.11.346-1.el5_8.x86_64.rpm
kmod-bnx2x-xen-1.72.51_0-1.el5_8.x86_64.rpm
kmod-cnic-2.5.12-1.el5_8.x86_64.rpm
kmod-cnic-xen-2.5.12-1.el5_8.x86_64.rpm
Date: Tue, 18 Dec 2012 09:05:55 -0600
Reply-To: Pat Riehecky
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Organization: Fermilab
Subject: Security ERRATA Low: selinux-policy enhancement update on SL6.x
i386/x86_64
MIME-Version: 1.0
Synopsis: Low: selinux-policy enhancement update
Issue date: 2012-12-18
This update adds the following bugfixes:
* Due to a bug in the SELinux policy, it was not possible to run a cron
job with
a valid MLS (Multi Level Security) context for the sysadm_u SELinux
user. This
update fixes relevant SELinux policy rules and cron now works as
expected in the
described scenario.
* Previously, SELinux prevented "rhevm-guest-agent-gdm-plugin" to
connect to the
SO_PASSCRED UNIX domain socket. Consequently, Single Sign-On (SSO) did
not work
because the access to the credential socket was blocked. This update
fixes the
relevant policy and SSO now works as expected in the described scenario.
This update has been placed in the security tree to avoid selinux bugs.
SL6.x
SRPMS:
selinux-policy-3.7.19-155.el6_3.13.src.rpm
i386:
selinux-policy-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-doc-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-minimum-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-mls-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-targeted-3.7.19-155.el6_3.13.noarch.rpm
x86_64:
selinux-policy-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-doc-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-minimum-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-mls-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-targeted-3.7.19-155.el6_3.13.noarch.rpm