Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
217

Oracle Linux 8 ELSA-2024-5291 Moderate: Grafana Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-5291 http://linux.oracle.com/errata/ELSA-2024-5291.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-9.2.10-17.el8_10.x86_64.rpm grafana-selinux-9.2.10-17.el8_10.x86_64.rpm aarch64: grafana-9.2.10-17.el8_10.aarch64.rpm grafana-selinux-9.2.10-17.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//grafana-9.2.10-17.el8_10.src.rpm Related CVEs: CVE-2024-24788 CVE-2024-24789 CVE-2024-24790 Description of changes: [9.2.10-17] - Allow for mssql datasource in selinux policy - Resolves RHEL-43435 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Update ELSA-2024-5300 for grafana and selinux package updates has been released. Check the site for further information.. Oracle Linux Updates,Grafana Security Patch,Linux Security Advisory. . LinuxSecurity.com Team

Calendar%202 Aug 15, 2024 Oracle
89

Fedora 35: FEDORA-2022-5df8b52ba4 Moderate: Snapd 2.54.3 Fixes

Update to 2.54.3. Cherry pick misc SELinux policy fixes. Fixes for CVE-2021-44731, CVE-2021-44730, CVE-2021-4120.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-5df8b52ba4 2022-02-20 01:08:12.119349 --------------------------------------------------------------------------------Name : snapd Product : Fedora 35 Version : 2.54.3 Release : 1.fc35 URL : https://github.com/canonical/snapd Summary : A transactional software package manager Description : Snappy is a modern, cross-distribution, transactional package manager designed for working with self-contained, immutable packages. --------------------------------------------------------------------------------Update Information: Update to 2.54.3. Cherry pick misc SELinux policy fixes. Fixes for CVE-2021-44731, CVE-2021-44730, CVE-2021-4120. --------------------------------------------------------------------------------ChangeLog: * Thu Feb 17 2022 Maciek Borzecki - 2.54.3-1 - Release 2.54.3 to Fedora - Cherry pick SELinux policy fixes for RHBZ#1944390, RHBZ#2043160, RHBZ#2043161, RHBZ#2046358, RHBZ#2046363, RHBZ#2046361, RHBZ#2046364, RHBZ#2046365, RHBZ#2051594, RHBZ#2043902, RHBZ#1944390 * Tue Feb 15 2022 Michael Vogt - New upstream release 2.54.3 - bugfixes --------------------------------------------------------------------------------References: [ 1 ] Bug #2056058 - CVE-2021-44731 snapd: Race condition in snap-confine's setup_private_mount() https://bugzilla.redhat.com/show_bug.cgi?id=2056058 [ 2 ] Bug #2056061 - CVE-2021-44730 snapd: Hardlink attack in snap-confine's sc_open_snapd_tool() https://bugzilla.redhat.com/show_bug.cgi?id=2056061 [ 3 ] Bug #2056065 - CVE-2021-4120 snapd: Insufficient validation of snap content interface and layout paths https://bugzilla.redhat.com/show_bug.cgi?id=2056065 --------------------------------------------------------------------------------Thisupdate can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-5df8b52ba4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . New release for Fedora 35: snapd 2.54.3 addresses security vulnerabilities by implementing SELinux policy enhancements and other improvements.. Fedora Snapd SELinux Updates Security Fixes. . LinuxSecurity.com Team

Calendar%202 Feb 19, 2022 Fedora
203

Mageia 7: MGASA-2021-0032 Critical SELinux Vulnerability Alert

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing) (CVE-2018-1063). . MGASA-2021-0032 - Updated policycoreutils packages fix a security vulnerability Publication date: 17 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0032.html Type: security Affected Mageia releases: 7 CVE: CVE-2018-1063 Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing) (CVE-2018-1063). References: - https://bugs.mageia.org/show_bug.cgi?id=22890 - https://access.redhat.com/errata/RHSA-2018:0913 - https://www.cve.org/CVERecord?id=CVE-2018-1063 SRPMS: - 7/core/policycoreutils-2.5-14.1.mga7 . Mageia 2021-0045 fixes a security flaw related to improper handling of memory in the kernel. Continue reading for further information.. Mageia Security Advisory, SELinux Context, Policycoreutils Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jan 17, 2021 Critical Mageia
98

Red Hat OpenShift 4.2 RHSA-2019:4074-01 Moderate: runc Security Update

An update for runc is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: OpenShift Container Platform 4.2 runc security update Advisory ID: RHSA-2019:4074-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2019:4074 Issue date: 2019-12-03 CVE Names: CVE-2019-16884 ==================================================================== 1. Summary: An update for runc is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 4.2 - x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the runc RPM package for Red Hat OpenShift Container Platform 4.2.9. The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides a container runtime. Security Fix(es): * runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For OpenShift Container Platform 4.2 see the following documentation, which will be updated shortlyfor release 4.2.9, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.redhat.com/en/documentation/openshift_container_platform/4.2/html/release_notes/ocp-4-2-release-notes Details on how to access this content are available at - -cli.html. 5. Bugs fixed (https://bugzilla.redhat.com/): 1757214 - CVE-2019-16884 runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc 6. Package List: Red Hat OpenShift Container Platform 4.2: Source: runc-1.0.0-63.rc8.el8.src.rpm x86_64: runc-1.0.0-63.rc8.el8.x86_64.rpm runc-debuginfo-1.0.0-63.rc8.el8.x86_64.rpm runc-debugsource-1.0.0-63.rc8.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2019-16884 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXebOP9zjgjWX9erEAQiRbBAAmnkcx9NyiCrPQujU3aA1UKX0STZ58q9r gIrqnYHCk1YbZBttq2qgxEog9yw77+29EZo6hf4itjD2FE1Clk6XJTJRv6B36j9o B3GTF4jAOBcl9OxehKSSRJOEHlMxown24wyD3YSvGET85phmxb/OvRZP9GQoPQRw evYCjNszkgjmPeBrL17nIC5aQvsuHr07ErINF7uXy6q/spDaoMMjYLsGb9CEETGi lEpnjRmdCRAPkL+EGpQX4Sx6Bqyf/sIoczFxt6+l86Fu2r6ompVkWo/4MPiE1YI8 2fon1uPBfxOeL66xGyhhzbO+Y1kU2p4wEwRW8fRKNEgnWEJZS0jUm2j44GzmwVaO ZQbbdLw6Bc6PT38R7W3UqGAolSfF6MwQdcYvzDBDsmXJiMbNsjKuyLd8Zgr5/GJ1 CDCMNaPdqUJ6o92TAggVr5Vqx6HPpx9hrrGpyy4EY0Wz1lqpqzW2h7bdJeSNktSb m6jOsiLOvrxz6ecyP3FayGtPV9gASsRc/EXrufIExi87YKrK/P8PFv3LSBFasm2y G7Izevx4GCnik0HJybfzya16Q6VAUOP1OXlLRKUIuxC9wfEGgWUvcydHEm8tlxyv WnxvFZGEFGVH/ieZYF4D/IzgrseAguJHPZojVDCCzKOqCVNtp7LkVBK5a+bOvwPS Lrz6NUyONRM=TC9T -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A recent update toOpenShift Container enhances security measures against identified vulnerabilities of moderate severity, bolstering defense mechanisms against potential risks.. OpenShift Container Update, Runc Security Advisory, Moderate Impact, SELinux Bypass. . LinuxSecurity.com Team

Calendar%202 Dec 03, 2019 Red Hat
197

Debian 9: DLA-1478-1 Urgent: NetworkManager Credentials Leak Patch

CVE-2018-10906 This is a fix for a restriction bypass of the "allow_other" option when SELinux is active. . Package : fuse Version : 2.9.3-15+deb8u3 CVE ID : CVE-2018-10906 CVE-2018-10906 This is a fix for a restriction bypass of the "allow_other" option when SELinux is active. For Debian 8 "Jessie", this problem has been fixed in version 2.9.3-15+deb8u3. We recommend that you upgrade your fuse packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . This announcement resolves an issue concerning the evasion of limitations associated with the allow_other flag in SELinux within the fuse component of Debian.. Debian Fuse Update, SELinux Security Fix, Security Advisory DLA-1468-1. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Aug 15, 2018 Critical Debian LTS
200

Scientific Linux: Low SELinux-Policy Enhancement Update Errata 08-50-55

Low: selinux-policy enhancement update. Date: Tue, 11 Sep 2012 08:47:10 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: FASTBUGS for SL 5x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploadedto i386: cyrus-sasl-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-devel-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-gssapi-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-ldap-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-lib-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-md5-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-ntlm-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-plain-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-sql-2.1.22-7.el5_8.1.i386.rpm gimp-2.2.13-2.0.10.el5.i386.rpm gimp-devel-2.2.13-2.0.10.el5.i386.rpm gimp-libs-2.2.13-2.0.10.el5.i386.rpm gnome-session-2.16.0-10.el5.i386.rpm ipsec-tools-0.6.5-14.el5_8.5.i386.rpm logwatch-7.3-10.el5.noarch.rpm rgmanager-2.0.52-28.el5_8.4.i386.rpm sysstat-7.0.2-12.el5.i386.rpm x86_64: cyrus-sasl-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-devel-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-devel-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-gssapi-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-gssapi-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-ldap-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-ldap-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-lib-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-lib-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-md5-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-md5-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-ntlm-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-ntlm-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-plain-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-plain-2.1.22-7.el5_8.1.x86_64.rpm cyrus-sasl-sql-2.1.22-7.el5_8.1.i386.rpm cyrus-sasl-sql-2.1.22-7.el5_8.1.x86_64.rpm gimp-2.2.13-2.0.10.el5.x86_64.rpm gimp-devel-2.2.13-2.0.10.el5.i386.rpm gimp-devel-2.2.13-2.0.10.el5.x86_64.rpm gimp-libs-2.2.13-2.0.10.el5.i386.rpm gimp-libs-2.2.13-2.0.10.el5.x86_64.rpm gnome-session-2.16.0-10.el5.x86_64.rpm ipsec-tools-0.6.5-14.el5_8.5.x86_64.rpm logwatch-7.3-10.el5.noarch.rpm rgmanager-2.0.52-28.el5_8.4.x86_64.rpm sysstat-7.0.2-12.el5.x86_64.rpm Date: Tue, 11 Sep 2012 08:50:55 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Organization: Fermilab Subject: Security ERRATA Low:selinux-policy enhancement update on SL5.x, SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Low: selinux-policy enhancement update Issue date: 2012-09-11 This update adds the following enhancements: * Previously, with the MLS policy activated, a user created with a MLS level was not able to log into the system using the ssh utility because an appropriate MLS policy rule was missing. This update adds the MLS rule and users can now log into the system as expected in the described scenario. * When OpenMPI (Open Message Passing Interface) was configured to use the parallel universe environment in the Condor server, a large number of AVC messages was returned when an OpenMPI job was submitted. Consequently, the job failed. This update fixes the appropriate SELinux policy and OpenMPI jobs now pass successfully and no longer cause AVC messages to be returned. This update has been placed in the security tree to avoid selinux bugs. SL6.x SRPMS: selinux-policy-3.7.19-155.el6_3.4.src.rpm i386: selinux-policy-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-doc-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-minimum-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-mls-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-targeted-3.7.19-155.el6_3.4.noarch.rpm x86_64: selinux-policy-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-doc-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-minimum-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-mls-3.7.19-155.el6_3.4.noarch.rpm selinux-policy-targeted-3.7.19-155.el6_3.4.noarch.rpm . Date: Tue, 11 Sep 2012 08:47:10 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific . selinux-policy, enhancement, update, reply-to, riehecky. . Severity: Low. LinuxSecurity.com Team

Calendar%202 Sep 11, 2012 Low Scientific Linux
89

Fedora 8 SELinux Policy Update 3.0.8-58 Critical Access Control

Some of the updates are, Allow nmbd to list inotifyfs_t, Dontaudit consolekit access to user homedir, dontaudit nscd getserv and shmemserv, Allow rsync_t dac overrides, Allow xfs_t to listen to sockets, Allow lvm to search mnt, Add booleans for xguest account.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2007-3547 2007-11-29 01:48:17.783142 --------------------------------------------------------------------------------Name : selinux-policy Product : Fedora 8 Version : 3.0.8 Release : 58.fc8 URL : Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2393. --------------------------------------------------------------------------------ChangeLog: * Fri Nov 16 2007 Dan Walsh 3.0.8-58 - Allow nmbd to list inotifyfs_t - Dontaudit consolekit access to user homedir - dontaudit nscd getserv and shmemserv - Allow rsync_t dac overrides - Allow xfs_t to listen to sockets * Fri Nov 16 2007 Dan Walsh 3.0.8-57 - Allow lvm to search mnt - Add booleans for xguest account xguest_mount_media xguest_connect_network xguest_use_bluetooth * Thu Nov 15 2007 Dan Walsh 3.0.8-56 - Remove /usr/sbin/gdm label - Label gstreamer codecs in homedir as textrel_shlib_t * Wed Nov 14 2007 Dan Walsh 3.0.8-55 - Allow spamd to manage razor files * Mon Nov 12 2007 Dan Walsh 3.0.8-54 - Allow cyrus to authenticate via sasl - Allow sshd to work in tunnel mode - Allow sshd to use -R - Allow ssh to read user homedirs - Add /var/lib/tftp to tftp.fc - Add labels for /dev/dmmdi and /dev/admmdi - Allow postmap to be run by unconfined_t - Allow dictd to write pid file - Allow bluetooth to connectto unix_stream_sockets * Mon Nov 12 2007 Dan Walsh 3.0.8-53 - Allow bugzilla policy to connect to postgresql and mysql on other machines * Mon Nov 12 2007 Dan Walsh 3.0.8-52 - Allow apache to readunconfined users content * Sat Nov 10 2007 Dan Walsh 3.0.8-51 - Allow login programs to run mount - Dontaudit writes to user_home_t for semanage - Allow sendmail to write to cyrus_stream - Define /dev/dmmidi1 as a sound_device_t - Allow saslauthd to use nis_authentication * Fri Nov 9 2007 Dan Walsh 3.0.8-50 - Allow login programs to delete user temp files * Thu Nov 8 2007 Dan Walsh 3.0.8-49 - Separate xguest from guest - Allow confined domains to output to rpm pipes * Wed Nov 7 2007 Dan Walsh 3.0.8-48 - Add obsoletes selinux-policy-strict - Run inetd unconfined - dontaudit loadkeys looking at homedir * Tue Nov 6 2007 Dan Walsh 3.0.8-47 - Allow all dns_resolves to use avahi stream - Don't transition from unconfined_t to ping_t * Tue Nov 6 2007 Dan Walsh 3.0.8-46 - Allow sendmail to interact with winbind - Allow dovecot to write log files * Fri Nov 2 2007 Dan Walsh 3.0.8-45 - Allow system_mail_t to domtrans to exim_t --------------------------------------------------------------------------------Updated packages: e301b608c32fd3468b1be5cacb7a5779851ab38f selinux-policy-mls-3.0.8-58.fc8.noarch.rpm 0cfd8add130581f1a5871f1b00486b742eba2222 selinux-policy-devel-3.0.8-58.fc8.noarch.rpm de6c03233d228c2d88498236b4c13746919154a0 selinux-policy-targeted-3.0.8-58.fc8.noarch.rpm cb5cc93fd932af2175c8a20f6c66a4cd2ec9a5c7 selinux-policy-3.0.8-58.fc8.noarch.rpm e246ba5e11336b8cfee322fcb08028e6a8a2d776 selinux-policy-3.0.8-58.fc8.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at . --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The revision of SELinux policy forFedora 8 encompasses improvements in access rights management and enhancements to security settings.. SELinux Policy, Fedora Update, Security Enhancement. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 28, 2007 Critical Fedora
89

Fedora Core 5 SELinux Policy Update: Security Fix for Multiple Issues

Update SELinux policy to current rawhide to fix many policy problems. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-271 2006-04-11 ---------------------------------------------------------------------Product : Fedora Core 5 Name : checkpolicy Version : 1.30.3 Release : 1.fc5 Summary : SELinux policy compiler Description : Security-enhanced Linux is a feature of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. This package contains checkpolicy, the SELinux policy compiler. Only required for building policies. ---------------------------------------------------------------------Update Information: Update SELinux policy to current rawhide to fix many policy problems ---------------------------------------------------------------------* Tue Apr 4 2006 Dan Walsh - 1.30.3-1.fc5 - Bump for FC-5 * Tue Mar 28 2006 Dan Walsh - 1.30.3-1 - Latest upgrade from NSA * Fixed checkmodule to call link_modules prior to expand_module to handle optionals. * Fixed require_class to avoid shadowing permissions already defined in an inherited common definition. * Mon Mar 27 2006 Dan Walsh - 1.30.1-2 - Rebuild with new libsepol * Thu Mar 23 2006 Dan Walsh - 1.30.1-1 - Latest upgrade from NSA * Moved processing of role and user require statements to 2nd pass. ---------------------------------------------------------------------This update can be downloaded from: 7898c324c55af7cdef2f3a74773c6b70adb497bb SRPMS/checkpolicy-1.30.3-1.fc5.src.rpm b485bd9121e4f4415e2f17b0e37ce7303ac0cd16 ppc/checkpolicy-1.30.3-1.fc5.ppc.rpm 35f483301ba44238d70cd3bcb669d358d698e3cb ppc/debug/checkpolicy-debuginfo-1.30.3-1.fc5.ppc.rpm 37cda38df6eb6a8c03494159989dd85d68fba2e2 x86_64/checkpolicy-1.30.3-1.fc5.x86_64.rpm 54d3ec7cf1e2f9fb271a2c6400a8ebd6f73b0b0c x86_64/debug/checkpolicy-debuginfo-1.30.3-1.fc5.x86_64.rpm 452461559e1afd7744c11a9036c51d33f5a15b22 i386/checkpolicy-1.30.3-1.fc5.i386.rpm 65374698d63d2bb5b14793d415dc91ab1372aed8 i386/debug/checkpolicy-debuginfo-1.30.3-1.fc5.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Enhance the SELinux policy framework on Fedora Core 5 to address various ongoing policy challenges and optimize overall security effectiveness.. SELinux Update, Fedora Security Fix, Policy Management, Checkpolicy Tool. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 11, 2006 Important Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200