Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 11 articles for you...
203
security advisorysecurity updatehigh severityMageia 7: MGASA-2021-0032 Critical SELinux Vulnerability Alert
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing) (CVE-2018-1063). . MGASA-2021-0032 - Updated policycoreutils packages fix a security vulnerability Publication date: 17 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0032.html Type: security Affected Mageia releases: 7 CVE: CVE-2018-1063 Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing) (CVE-2018-1063). References: - https://bugs.mageia.org/show_bug.cgi?id=22890 - https://access.redhat.com/errata/RHSA-2018:0913 - https://www.cve.org/CVERecord?id=CVE-2018-1063 SRPMS: - 7/core/policycoreutils-2.5-14.1.mga7 . Mageia 2021-0045 fixes a security flaw related to improper handling of memory in the kernel. Continue reading for further information.. Mageia Security Advisory, SELinux Context, Policycoreutils Update. . Severity: Critical. LinuxSecurity.com Team
Jan 17, 2021
•Critical
Mageia
200
security advisorysecurity fixlow severityScientific Linux 7 SLSA-2018:0913-1 Low Severity: Policycoreutils Issue
policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063) This issue was discovered by Renaud Mtrich (Red Hat). Additional Changes: SL7 x86_64 policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el [More...]. Synopsis: Low: policycoreutils security, bug fix, and enhancement update Advisory ID: SLSA-2018:0913-1 Issue Date: 2018-04-10 CVE Numbers: CVE-2018-1063 -- Security Fix(es): * policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063) This issue was discovered by Renaud Mtrich (Red Hat). Additional Changes: -- SL7 x86_64 policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm policycoreutils-2.5-22.el7.src.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm - Scientific Linux Development Team . Security patch for policycoreutils rectifying minor vulnerabilities related to symbolic link handling on Scientific Linux 7.. Security Update, Policycoreutils, Scientific Linux, Symbolic Links. . Severity: Low. LinuxSecurity.com Team
Apr 30, 2018
•Low
Scientific Linux
98
security advisorybug fixRed Hat Enterprise LinuxRed Hat 7 RHSA-2018-0913 Low: Policycoreutils Security Update
An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Low: policycoreutils security, bug fix, and enhancement update Advisory ID: RHSA-2018:0913-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2018:0913 Issue date: 2018-04-10 CVE Names: CVE-2018-1063 ==================================================================== 1. Summary: An update for policycoreutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Buildroot (shipped just to git.centos.org) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. SecurityFix(es): * policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Renaud Métrich (Red Hat). Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 974163 - semanage port -l shows a port with multiple types 1260238 - RFE: restorecon should say in verbose mode when it doesn't change a context due to customizable_type 1337192 - semodule: provide better documentation for behavior across operations with modules 1376770 - sealert tracebacks when lithuanian locales are used 1409813 - file context policy does not honor globs for /home based entries 1458831 - '/sbin/fixfiles restore' doesn't relabel all files when run from /.autorelabel or from system when some special files are present in /tmp 1471809 - RFE: backport SELinux/InfiniBand userspace support 1481191 - [policycoreutils] Tier 0 Localization 1499259 - semanage fcontext "-f/--ftype" description is broken 1550122 - CVE-2018-1063 policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead 6. Package List: Red Hat Enterprise Linux Client (v.7): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm Buildroot (shipped just to git.centos.org): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm Buildroot (shipped just to git.centos.org): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: policycoreutils-2.5-22.el7.src.rpm ppc64: policycoreutils-2.5-22.el7.ppc64.rpm policycoreutils-debuginfo-2.5-22.el7.ppc.rpm policycoreutils-debuginfo-2.5-22.el7.ppc64.rpm policycoreutils-devel-2.5-22.el7.ppc.rpm policycoreutils-devel-2.5-22.el7.ppc64.rpm policycoreutils-gui-2.5-22.el7.ppc64.rpm policycoreutils-newrole-2.5-22.el7.ppc64.rpm policycoreutils-python-2.5-22.el7.ppc64.rpm policycoreutils-sandbox-2.5-22.el7.ppc64.rpm ppc64le: policycoreutils-2.5-22.el7.ppc64le.rpm policycoreutils-debuginfo-2.5-22.el7.ppc64le.rpm policycoreutils-devel-2.5-22.el7.ppc64le.rpm policycoreutils-gui-2.5-22.el7.ppc64le.rpm policycoreutils-newrole-2.5-22.el7.ppc64le.rpm policycoreutils-python-2.5-22.el7.ppc64le.rpm policycoreutils-sandbox-2.5-22.el7.ppc64le.rpm s390x: policycoreutils-2.5-22.el7.s390x.rpm policycoreutils-debuginfo-2.5-22.el7.s390.rpm policycoreutils-debuginfo-2.5-22.el7.s390x.rpm policycoreutils-devel-2.5-22.el7.s390.rpm policycoreutils-devel-2.5-22.el7.s390x.rpm policycoreutils-gui-2.5-22.el7.s390x.rpm policycoreutils-newrole-2.5-22.el7.s390x.rpm policycoreutils-python-2.5-22.el7.s390x.rpm policycoreutils-sandbox-2.5-22.el7.s390x.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v.7): Source: policycoreutils-2.5-22.el7.src.rpm aarch64: policycoreutils-2.5-22.el7.aarch64.rpm policycoreutils-debuginfo-2.5-22.el7.aarch64.rpm policycoreutils-devel-2.5-22.el7.aarch64.rpm policycoreutils-gui-2.5-22.el7.aarch64.rpm policycoreutils-newrole-2.5-22.el7.aarch64.rpm policycoreutils-python-2.5-22.el7.aarch64.rpm policycoreutils-sandbox-2.5-22.el7.aarch64.rpm ppc64le: policycoreutils-2.5-22.el7.ppc64le.rpm policycoreutils-debuginfo-2.5-22.el7.ppc64le.rpm policycoreutils-devel-2.5-22.el7.ppc64le.rpm policycoreutils-gui-2.5-22.el7.ppc64le.rpm policycoreutils-newrole-2.5-22.el7.ppc64le.rpm policycoreutils-python-2.5-22.el7.ppc64le.rpm policycoreutils-sandbox-2.5-22.el7.ppc64le.rpm s390x: policycoreutils-2.5-22.el7.s390x.rpm policycoreutils-debuginfo-2.5-22.el7.s390.rpm policycoreutils-debuginfo-2.5-22.el7.s390x.rpm policycoreutils-devel-2.5-22.el7.s390.rpm policycoreutils-devel-2.5-22.el7.s390x.rpm policycoreutils-gui-2.5-22.el7.s390x.rpm policycoreutils-newrole-2.5-22.el7.s390x.rpm policycoreutils-python-2.5-22.el7.s390x.rpm policycoreutils-sandbox-2.5-22.el7.s390x.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): aarch64: policycoreutils-debuginfo-2.5-22.el7.aarch64.rpm policycoreutils-restorecond-2.5-22.el7.aarch64.rpm ppc64le: policycoreutils-debuginfo-2.5-22.el7.ppc64le.rpm policycoreutils-restorecond-2.5-22.el7.ppc64le.rpm s390x: policycoreutils-debuginfo-2.5-22.el7.s390x.rpm policycoreutils-restorecond-2.5-22.el7.s390x.rpm Buildroot (shipped just to git.centos.org): Source: policycoreutils-2.5-22.el7.src.rpm ppc64: policycoreutils-2.5-22.el7.ppc64.rpm policycoreutils-debuginfo-2.5-22.el7.ppc64.rpm ppc64le: policycoreutils-2.5-22.el7.ppc64le.rpm policycoreutils-debuginfo-2.5-22.el7.ppc64le.rpm s390x: policycoreutils-2.5-22.el7.s390x.rpm policycoreutils-debuginfo-2.5-22.el7.s390x.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): ppc64: policycoreutils-debuginfo-2.5-22.el7.ppc64.rpm policycoreutils-restorecond-2.5-22.el7.ppc64.rpm ppc64le: policycoreutils-debuginfo-2.5-22.el7.ppc64le.rpm policycoreutils-restorecond-2.5-22.el7.ppc64le.rpm s390x: policycoreutils-debuginfo-2.5-22.el7.s390x.rpm policycoreutils-restorecond-2.5-22.el7.s390x.rpm x86_64: policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.i686.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-devel-2.5-22.el7.i686.rpm policycoreutils-devel-2.5-22.el7.x86_64.rpm policycoreutils-gui-2.5-22.el7.x86_64.rpm policycoreutils-newrole-2.5-22.el7.x86_64.rpm policycoreutils-python-2.5-22.el7.x86_64.rpm policycoreutils-sandbox-2.5-22.el7.x86_64.rpm Buildroot (shipped just to git.centos.org): Source: policycoreutils-2.5-22.el7.src.rpm x86_64: policycoreutils-2.5-22.el7.x86_64.rpm policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-22.el7.x86_64.rpm policycoreutils-restorecond-2.5-22.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-1063 https://access.redhat.com/security/updates/classification/#low https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/html/7.5_release_notes/index.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2018 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFazHm7XlSAg2UNWIIRAsW7AJwNMvwEDeYhCV8W1mUZjYAtPBx6cgCfUJL7 Bk9p+RFKwkBhodIlcn06UAk=cEf5 -----END PGP SIGNATURE----- -- RHSA-announce mailinglist
Apr 10, 2018
•Low
Red Hat
98
security advisoryred hatimportantRed Hat 7.1: RHSA-2017-0536-01 Important: Policycoreutils Sandbox Escape
An update for policycoreutils is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: policycoreutils security update Advisory ID: RHSA-2017:0536-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0536.html Issue date: 2017-03-15 CVE Names: CVE-2016-7545 ==================================================================== 1. Summary: An update for policycoreutils is now available for Red Hat Enterprise Linux 7.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.1) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64 3. Description: The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1378577 - CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.1): Source: policycoreutils-2.2.5-16.el7_1.src.rpm x86_64: policycoreutils-2.2.5-16.el7_1.x86_64.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm policycoreutils-newrole-2.2.5-16.el7_1.x86_64.rpm policycoreutils-python-2.2.5-16.el7_1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1): x86_64: policycoreutils-debuginfo-2.2.5-16.el7_1.i686.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm policycoreutils-devel-2.2.5-16.el7_1.i686.rpm policycoreutils-devel-2.2.5-16.el7_1.x86_64.rpm policycoreutils-gui-2.2.5-16.el7_1.x86_64.rpm policycoreutils-restorecond-2.2.5-16.el7_1.x86_64.rpm policycoreutils-sandbox-2.2.5-16.el7_1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v.7.1): Source: policycoreutils-2.2.5-16.el7_1.src.rpm ppc64: policycoreutils-2.2.5-16.el7_1.ppc64.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.ppc.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.ppc64.rpm policycoreutils-devel-2.2.5-16.el7_1.ppc.rpm policycoreutils-devel-2.2.5-16.el7_1.ppc64.rpm policycoreutils-gui-2.2.5-16.el7_1.ppc64.rpm policycoreutils-newrole-2.2.5-16.el7_1.ppc64.rpm policycoreutils-python-2.2.5-16.el7_1.ppc64.rpm policycoreutils-sandbox-2.2.5-16.el7_1.ppc64.rpm s390x: policycoreutils-2.2.5-16.el7_1.s390x.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.s390.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.s390x.rpm policycoreutils-devel-2.2.5-16.el7_1.s390.rpm policycoreutils-devel-2.2.5-16.el7_1.s390x.rpm policycoreutils-gui-2.2.5-16.el7_1.s390x.rpm policycoreutils-newrole-2.2.5-16.el7_1.s390x.rpm policycoreutils-python-2.2.5-16.el7_1.s390x.rpm policycoreutils-sandbox-2.2.5-16.el7_1.s390x.rpm x86_64: policycoreutils-2.2.5-16.el7_1.x86_64.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.i686.rpm policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm policycoreutils-devel-2.2.5-16.el7_1.i686.rpm policycoreutils-devel-2.2.5-16.el7_1.x86_64.rpm policycoreutils-gui-2.2.5-16.el7_1.x86_64.rpm policycoreutils-newrole-2.2.5-16.el7_1.x86_64.rpm policycoreutils-python-2.2.5-16.el7_1.x86_64.rpm policycoreutils-sandbox-2.2.5-16.el7_1.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.1): Source: policycoreutils-2.2.5-16.ael7b_1.src.rpm ppc64le: policycoreutils-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-debuginfo-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-devel-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-gui-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-newrole-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-python-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-sandbox-2.2.5-16.ael7b_1.ppc64le.rpm Red Hat Enterprise Linux Server Optional EUS (v.7.1): ppc64: policycoreutils-debuginfo-2.2.5-16.el7_1.ppc64.rpm policycoreutils-restorecond-2.2.5-16.el7_1.ppc64.rpm s390x: policycoreutils-debuginfo-2.2.5-16.el7_1.s390x.rpm policycoreutils-restorecond-2.2.5-16.el7_1.s390x.rpm x86_64: policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm policycoreutils-restorecond-2.2.5-16.el7_1.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.1): ppc64le: policycoreutils-debuginfo-2.2.5-16.ael7b_1.ppc64le.rpm policycoreutils-restorecond-2.2.5-16.ael7b_1.ppc64le.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7545 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYyUnEXlSAg2UNWIIRAon4AKCgxQUpVa9MI+Lfg2nkNvQxAZMz7QCgwyr7 GjOwIm9OkFYG6Qg45YRBDWM=Vwr4 -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Mar 15, 2017
•Important
Red Hat
98
security advisoryRed Hat Enterprise LinuxpolicycoreutilsRed Hat: RHSA-2017:0535-01 Important: SELinux Sandbox Escape
An update for policycoreutils is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: policycoreutils security update Advisory ID: RHSA-2017:0535-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0535.html Issue date: 2017-03-15 CVE Names: CVE-2016-7545 ==================================================================== 1. Summary: An update for policycoreutils is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64 3. Description: The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1378577 - CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2): Source: policycoreutils-2.2.5-21.el7_2.src.rpm x86_64: policycoreutils-2.2.5-21.el7_2.x86_64.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm policycoreutils-newrole-2.2.5-21.el7_2.x86_64.rpm policycoreutils-python-2.2.5-21.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2): x86_64: policycoreutils-debuginfo-2.2.5-21.el7_2.i686.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm policycoreutils-devel-2.2.5-21.el7_2.i686.rpm policycoreutils-devel-2.2.5-21.el7_2.x86_64.rpm policycoreutils-gui-2.2.5-21.el7_2.x86_64.rpm policycoreutils-restorecond-2.2.5-21.el7_2.x86_64.rpm policycoreutils-sandbox-2.2.5-21.el7_2.x86_64.rpm Red Hat Enterprise Linux Server EUS (v.7.2): Source: policycoreutils-2.2.5-21.el7_2.src.rpm ppc64: policycoreutils-2.2.5-21.el7_2.ppc64.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.ppc.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64.rpm policycoreutils-devel-2.2.5-21.el7_2.ppc.rpm policycoreutils-devel-2.2.5-21.el7_2.ppc64.rpm policycoreutils-gui-2.2.5-21.el7_2.ppc64.rpm policycoreutils-newrole-2.2.5-21.el7_2.ppc64.rpm policycoreutils-python-2.2.5-21.el7_2.ppc64.rpm policycoreutils-sandbox-2.2.5-21.el7_2.ppc64.rpm ppc64le: policycoreutils-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-devel-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-gui-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-newrole-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-python-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-sandbox-2.2.5-21.el7_2.ppc64le.rpm s390x: policycoreutils-2.2.5-21.el7_2.s390x.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.s390.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.s390x.rpm policycoreutils-devel-2.2.5-21.el7_2.s390.rpm policycoreutils-devel-2.2.5-21.el7_2.s390x.rpm policycoreutils-gui-2.2.5-21.el7_2.s390x.rpm policycoreutils-newrole-2.2.5-21.el7_2.s390x.rpm policycoreutils-python-2.2.5-21.el7_2.s390x.rpm policycoreutils-sandbox-2.2.5-21.el7_2.s390x.rpm x86_64: policycoreutils-2.2.5-21.el7_2.x86_64.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.i686.rpm policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm policycoreutils-devel-2.2.5-21.el7_2.i686.rpm policycoreutils-devel-2.2.5-21.el7_2.x86_64.rpm policycoreutils-gui-2.2.5-21.el7_2.x86_64.rpm policycoreutils-newrole-2.2.5-21.el7_2.x86_64.rpm policycoreutils-python-2.2.5-21.el7_2.x86_64.rpm policycoreutils-sandbox-2.2.5-21.el7_2.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v.7.2): ppc64: policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64.rpm policycoreutils-restorecond-2.2.5-21.el7_2.ppc64.rpm ppc64le: policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64le.rpm policycoreutils-restorecond-2.2.5-21.el7_2.ppc64le.rpm s390x: policycoreutils-debuginfo-2.2.5-21.el7_2.s390x.rpm policycoreutils-restorecond-2.2.5-21.el7_2.s390x.rpm x86_64: policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm policycoreutils-restorecond-2.2.5-21.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7545 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYyUm2XlSAg2UNWIIRAgmuAJ0ZFvl6kYTuFqzVDBe3YT5vZIMnQQCgtqDI DMt+NnX2qyM13MAkwgIOZVA=dbZF -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Mar 15, 2017
•Important
Red Hat
200
security advisorysecurity updateimportantScience Linux 6: SLSA-2016:2702-1 Critical: policycoreutils TIOCSTI Risk
Important: policycoreutils security update. Date: Mon, 21 Nov 2016 18:20:08 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Important: policycoreutils on SL6.x, SL7.x i386/x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Important: policycoreutils security update Advisory ID: SLSA-2016:2702-1 Issue Date: 2016-11-14 CVE Numbers: CVE-2016-7545 -- Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545) -- SL6 x86_64 policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm i386 policycoreutils-2.0.83-30.1.el6_8.i686.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.i686.rpm policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm SL7 x86_64 policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm - Scientific Linux Development Team . Crucial policycoreutils upgrade for Scientific Linux resolves TIOCSTI vulnerability issue.. policycoreutils Update, Scientific Linux Security, TIOCSTI Fix. .Severity: Important. LinuxSecurity.com Team
Nov 21, 2016
•Important
Scientific Linux
98
security advisoryRed HatimportantRed Hat Enterprise Linux: RHSA-2016-2702-01 Important Sandbox Escape
An update for policycoreutils is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: policycoreutils security update Advisory ID: RHSA-2016:2702-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:2702.html Issue date: 2016-11-14 CVE Names: CVE-2016-7545 ==================================================================== 1. Summary: An update for policycoreutils is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The policycoreutils packagescontain the core policy utilities required to manage a SELinux environment. Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1378577 - CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: policycoreutils-2.0.83-30.1.el6_8.src.rpm i386: policycoreutils-2.0.83-30.1.el6_8.i686.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.i686.rpm policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm x86_64: policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: policycoreutils-2.0.83-30.1.el6_8.src.rpm x86_64: policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: policycoreutils-2.0.83-30.1.el6_8.src.rpm i386: policycoreutils-2.0.83-30.1.el6_8.i686.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.i686.rpm policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm ppc64: policycoreutils-2.0.83-30.1.el6_8.ppc64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.ppc64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.ppc64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.ppc64.rpm policycoreutils-python-2.0.83-30.1.el6_8.ppc64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.ppc64.rpm s390x: policycoreutils-2.0.83-30.1.el6_8.s390x.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.s390x.rpm policycoreutils-gui-2.0.83-30.1.el6_8.s390x.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.s390x.rpm policycoreutils-python-2.0.83-30.1.el6_8.s390x.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.s390x.rpm x86_64: policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: policycoreutils-2.0.83-30.1.el6_8.src.rpm i386: policycoreutils-2.0.83-30.1.el6_8.i686.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.i686.rpm policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm x86_64: policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v.7): Source: policycoreutils-2.5-9.el7.src.rpm x86_64: policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: policycoreutils-2.5-9.el7.src.rpm x86_64: policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: policycoreutils-2.5-9.el7.src.rpm aarch64: policycoreutils-2.5-9.el7.aarch64.rpm policycoreutils-debuginfo-2.5-9.el7.aarch64.rpm policycoreutils-devel-2.5-9.el7.aarch64.rpm policycoreutils-gui-2.5-9.el7.aarch64.rpm policycoreutils-newrole-2.5-9.el7.aarch64.rpm policycoreutils-python-2.5-9.el7.aarch64.rpm policycoreutils-sandbox-2.5-9.el7.aarch64.rpm ppc64: policycoreutils-2.5-9.el7.ppc64.rpm policycoreutils-debuginfo-2.5-9.el7.ppc.rpm policycoreutils-debuginfo-2.5-9.el7.ppc64.rpm policycoreutils-devel-2.5-9.el7.ppc.rpm policycoreutils-devel-2.5-9.el7.ppc64.rpm policycoreutils-gui-2.5-9.el7.ppc64.rpm policycoreutils-newrole-2.5-9.el7.ppc64.rpm policycoreutils-python-2.5-9.el7.ppc64.rpm policycoreutils-sandbox-2.5-9.el7.ppc64.rpm ppc64le: policycoreutils-2.5-9.el7.ppc64le.rpm policycoreutils-debuginfo-2.5-9.el7.ppc64le.rpm policycoreutils-devel-2.5-9.el7.ppc64le.rpm policycoreutils-gui-2.5-9.el7.ppc64le.rpm policycoreutils-newrole-2.5-9.el7.ppc64le.rpm policycoreutils-python-2.5-9.el7.ppc64le.rpm policycoreutils-sandbox-2.5-9.el7.ppc64le.rpm s390x: policycoreutils-2.5-9.el7.s390x.rpm policycoreutils-debuginfo-2.5-9.el7.s390.rpm policycoreutils-debuginfo-2.5-9.el7.s390x.rpm policycoreutils-devel-2.5-9.el7.s390.rpm policycoreutils-devel-2.5-9.el7.s390x.rpm policycoreutils-gui-2.5-9.el7.s390x.rpm policycoreutils-newrole-2.5-9.el7.s390x.rpm policycoreutils-python-2.5-9.el7.s390x.rpm policycoreutils-sandbox-2.5-9.el7.s390x.rpm x86_64: policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.7): aarch64: policycoreutils-debuginfo-2.5-9.el7.aarch64.rpm policycoreutils-restorecond-2.5-9.el7.aarch64.rpm ppc64: policycoreutils-debuginfo-2.5-9.el7.ppc64.rpm policycoreutils-restorecond-2.5-9.el7.ppc64.rpm ppc64le: policycoreutils-debuginfo-2.5-9.el7.ppc64le.rpm policycoreutils-restorecond-2.5-9.el7.ppc64le.rpm s390x: policycoreutils-debuginfo-2.5-9.el7.s390x.rpm policycoreutils-restorecond-2.5-9.el7.s390x.rpm x86_64: policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: policycoreutils-2.5-9.el7.src.rpm x86_64: policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2016-7545 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYKax8XlSAg2UNWIIRAt0iAJ9I8pA0Ln24HUHIJ+Nhs+F2ySmwsgCgnVgY 6sqdO8JJgx/voNWZz7iRw48=QwoP -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Nov 14, 2016
•Important
Red Hat
91
security advisoryhigh severitygentooGentoo: GLSA-202310-58 Critical: OpenSSL Cryptographic Flaw Alert
A vulnerability in policycoreutils could lead to local privilege escalation.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-44 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: policycoreutils: Privilege escalation Date: December 26, 2014 Bugs: #509896 ID: 201412-44 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A vulnerability in policycoreutils could lead to local privilege escalation. Background ========= policycoreutils is a collection of SELinux policy utilities. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/policycoreutils < 2.2.5-r4 > = 2.2.5-r4 Description ========== The seunshare utility is owned by root with 4755 permissions which can be exploited by a setuid system call. Impact ===== A local attacker may be able to gain escalated privileges. Workaround ========= There is no known workaround at this time. Resolution ========= All policycoreutils users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v "> =sys-apps/policycoreutils-2.2.5-r4" References ========= [ 1 ] CVE-2014-3215 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-3215 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201412-44 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us.Any security concerns should be addressed to
Dec 26, 2014
•Critical
Gentoo
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!