Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Scientific Linux SL6.x: SELinux Low Policy Update Notification 2012-12-18

Scientific Large Esm H446
Low: selinux-policy enhancement update
Date: Tue, 11 Dec 2012 09:05:51 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: FASTBUGS for SL 5x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
kmod-bnx2-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2i-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2i-PAE-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2i-xen-2.7.2.2-1.el5_8.i686.rpm
kmod-bnx2-PAE-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2x-1.72.51_0-1.el5_8.i686.rpm
kmod-bnx2-xen-2.1.11.346-1.el5_8.i686.rpm
kmod-bnx2x-PAE-1.72.51_0-1.el5_8.i686.rpm
kmod-bnx2x-xen-1.72.51_0-1.el5_8.i686.rpm
kmod-cnic-2.5.12-1.el5_8.i686.rpm
kmod-cnic-PAE-2.5.12-1.el5_8.i686.rpm
kmod-cnic-xen-2.5.12-1.el5_8.i686.rpm

x86_64:
kmod-bnx2-2.1.11.346-1.el5_8.x86_64.rpm
kmod-bnx2i-2.7.2.2-1.el5_8.x86_64.rpm
kmod-bnx2i-xen-2.7.2.2-1.el5_8.x86_64.rpm
kmod-bnx2x-1.72.51_0-1.el5_8.x86_64.rpm
kmod-bnx2-xen-2.1.11.346-1.el5_8.x86_64.rpm
kmod-bnx2x-xen-1.72.51_0-1.el5_8.x86_64.rpm
kmod-cnic-2.5.12-1.el5_8.x86_64.rpm
kmod-cnic-xen-2.5.12-1.el5_8.x86_64.rpm
Date: Tue, 18 Dec 2012 09:05:55 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Low: selinux-policy enhancement update on SL6.x
 i386/x86_64
MIME-Version: 1.0

Synopsis: Low: selinux-policy enhancement update
Issue date: 2012-12-18

This update adds the following bugfixes:

* Due to a bug in the SELinux policy, it was not possible to run a cron
job with
a valid MLS (Multi Level Security) context for the sysadm_u SELinux
user. This
update fixes relevant SELinux policy rules and cron now works as
expected in the
described scenario.

* Previously, SELinux prevented "rhevm-guest-agent-gdm-plugin" to
connect to the
SO_PASSCRED UNIX domain socket. Consequently, Single Sign-On (SSO) did
not work
because the access to the credential socket was blocked. This update
fixes the
relevant policy and SSO now works as expected in the described scenario.

This update has been placed in the security tree to avoid selinux bugs.

SL6.x

SRPMS:
selinux-policy-3.7.19-155.el6_3.13.src.rpm

i386:
selinux-policy-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-doc-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-minimum-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-mls-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-targeted-3.7.19-155.el6_3.13.noarch.rpm

x86_64:
selinux-policy-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-doc-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-minimum-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-mls-3.7.19-155.el6_3.13.noarch.rpm
selinux-policy-targeted-3.7.19-155.el6_3.13.noarch.rpm
Your message here