Synopsis: Important: policycoreutils security update Advisory ID: SLSA-2016:2702-1 Issue Date: 2016-11-14 CVE Numbers: CVE-2016-7545 -- Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545) -- SL6 x86_64 policycoreutils-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-gui-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-python-2.0.83-30.1.el6_8.x86_64.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.x86_64.rpm i386 policycoreutils-2.0.83-30.1.el6_8.i686.rpm policycoreutils-debuginfo-2.0.83-30.1.el6_8.i686.rpm policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm policycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm SL7 x86_64 policycoreutils-2.5-9.el7.x86_64.rpm policycoreutils-debuginfo-2.5-9.el7.i686.rpm policycoreutils-debuginfo-2.5-9.el7.x86_64.rpm policycoreutils-devel-2.5-9.el7.i686.rpm policycoreutils-devel-2.5-9.el7.x86_64.rpm policycoreutils-gui-2.5-9.el7.x86_64.rpm policycoreutils-newrole-2.5-9.el7.x86_64.rpm policycoreutils-python-2.5-9.el7.x86_64.rpm policycoreutils-sandbox-2.5-9.el7.x86_64.rpm policycoreutils-restorecond-2.5-9.el7.x86_64.rpm - Scientific Linux Development Team