SCIENTIFIC-LINUX-ERRATA Archives

February 2012

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Low: selinux-policy on SL6.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
Pat Riehecky <[log in to unmask]>
Date:
Tue, 14 Feb 2012 10:20:17 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (48 lines) 
Synopsis: Low: selinux-policy enhancement update
Issue date: 2012-02-13


The selinux-policy packages contain the rules that govern how confined 
processes
run on the system.

This update fixes the following bug:

* An incorrect SELinux policy prevented the qpidd service from starting. 
These
selinux-policy packages contain updated SELinux rules, which allow the qpidd
service to be started correctly.

* With SELinux in enforcing mode, the ssh-keygen utility was prevented from
access to various applications and thus could not be used to generate 
SSH keys
for these programs. With this update, the "ssh_keygen_t" SELinux domain 
type has
been implemented as unconfined, which ensures the ssh-keygen utility to work
correctly.

All users of selinux-policy are advised to upgrade to these updated 
packages,
which fix these bugs.



SL6.x

SRPMS:
selinux-policy-3.7.19-126.el6_2.6.src.rpm

i386:
selinux-policy-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-doc-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-minimum-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-mls-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-targeted-3.7.19-126.el6_2.6.noarch.rpm

x86_64:
selinux-policy-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-doc-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-minimum-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-mls-3.7.19-126.el6_2.6.noarch.rpm
selinux-policy-targeted-3.7.19-126.el6_2.6.noarch.rpm

ATOM RSS1 RSS2