[El-errata] ELSA-2011-0414 Important: Oracle Linux 6 policycoreutils security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Apr 4 22:06:34 PDT 2011


Oracle Linux Security Advisory ELSA-2011-0414

https://rhn.redhat.com/errata/RHSA-2011-0414.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
policycoreutils-2.0.83-19.8.el6_0.i686.rpm
policycoreutils-gui-2.0.83-19.8.el6_0.i686.rpm
policycoreutils-newrole-2.0.83-19.8.el6_0.i686.rpm
policycoreutils-python-2.0.83-19.8.el6_0.i686.rpm
policycoreutils-sandbox-2.0.83-19.8.el6_0.i686.rpm
selinux-policy-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-doc-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-minimum-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-mls-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-targeted-3.7.19-54.0.1.el6_0.5.noarch.rpm

x86_64:
policycoreutils-2.0.83-19.8.el6_0.x86_64.rpm
policycoreutils-gui-2.0.83-19.8.el6_0.x86_64.rpm
policycoreutils-newrole-2.0.83-19.8.el6_0.x86_64.rpm
policycoreutils-python-2.0.83-19.8.el6_0.x86_64.rpm
policycoreutils-sandbox-2.0.83-19.8.el6_0.x86_64.rpm
selinux-policy-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-doc-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-minimum-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-mls-3.7.19-54.0.1.el6_0.5.noarch.rpm
selinux-policy-targeted-3.7.19-54.0.1.el6_0.5.noarch.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/policycoreutils-2.0.83-19.8.el6_0.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/selinux-policy-3.7.19-54.0.1.el6_0.5.src.rpm


Description of changes:

policycoreutils:

[2.0.83-19.8]
- Fix seunshare to work with /tmp content when SELinux context is not 
provided
Resolves: #679689

[2.0.83-19.7]
- put back correct chcon
- Latest fixes for seunshare

[2.0.83-19.6]
- Fix rsync command to work if the directory is old.
- Fix all tests
Resolves: #679689

[2.0.83-19.5]
- Add requires rsync and  fix man page for seunshare

[2.0.83-19.4]
- fix to sandbox
  - Fix seunshare to use more secure handling of /tmp
    - Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
   - Change to allow sandbox to run on nfs homedirs, add start python script
   - change default location of HOMEDIR in sandbox to /tmp/.sandbox_home_*
   - Move seunshare to sandbox package
   - Fix sandbox to show correct types in  usage statement

selinux-policy:

[3.7.19-54.0.1.el6_0.5]
- Allow ocfs2 to be mounted with file_t type.

[3.7.19-54.el6_0.5]
- seunshare needs to be able to mounton nfs/cifs/fusefs homedirs
Resolves: #684918

[3.7.19-54.el6_0.4]
- Fix to sandbox
        * selinux-policy fixes for policycoreutils sandbox changes
                - Fix seunshare to use more secure handling of /tmp
                - Change to allow sandbox to run on nfs homedirs, add 
start python script






More information about the El-errata mailing list