What Are You Looking For?

Sign Up
Synopsis:          Low: policycoreutils security, bug fix, and enhancement update
Advisory ID:       SLSA-2018:0913-1
Issue Date:        2018-04-10
CVE Numbers:       CVE-2018-1063
--

Security Fix(es):

* policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp
change the context of their target instead (CVE-2018-1063)

This issue was discovered by Renaud Mtrich (Red Hat).

Additional Changes:
--

SL7
  x86_64
    policycoreutils-2.5-22.el7.x86_64.rpm
    policycoreutils-debuginfo-2.5-22.el7.i686.rpm
    policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm
    policycoreutils-devel-2.5-22.el7.i686.rpm
    policycoreutils-devel-2.5-22.el7.x86_64.rpm
    policycoreutils-gui-2.5-22.el7.x86_64.rpm
    policycoreutils-newrole-2.5-22.el7.x86_64.rpm
    policycoreutils-python-2.5-22.el7.x86_64.rpm
    policycoreutils-sandbox-2.5-22.el7.x86_64.rpm
    policycoreutils-2.5-22.el7.src.rpm
    policycoreutils-restorecond-2.5-22.el7.x86_64.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2018-0913-1 Low: policycoreutils on SL7.x x86_64

policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063) This issue was discovered by Renaud Mtrich (Red Hat)

Summary

Low: policycoreutils security, bug fix, and enhancement update



Security Fixes

* policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063)
This issue was discovered by Renaud Mtrich (Red Hat).
Additional Changes:
SL7 x86_64 policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm policycoreutils-2.5-22.el7.src.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2018:0913-1
Issued Date: : 2018-04-10
CVE Numbers: CVE-2018-1063

Related News

New BlackCat Hacker Tool Spreads Ransomware to Remote Machines

Oct 20, 2023

Linux Ransomware Poses Significant Threat to Critical Infrastructure

Jul 23, 2023

The Great CentOS Linux Migration: How We Got Here and What’s Next

Sep 9, 2023

Linux kCFI/FineIBT Weaknesses Addressed By Rewriting Some Assembly In C

Jul 17, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo