policycoreutils-2.5-22.el7

エラータID: AXSA:2018-2922:01

Release date: 
Wednesday, April 18, 2018 - 11:50
Subject: 
policycoreutils-2.5-22.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

The policycoreutils packages contain the core policy utilities required to manage a SELinux environment.

Security Fix(es):

* policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead (CVE-2018-1063)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

This issue was discovered by Renaud Métrich (Asianux).

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 7.5 Release Notes linked from the References section.

CVE-2018-1063
Context relabeling of filesystems is vulnerable to symbolic link
attack, allowing a local, unprivileged malicious entity to change the
SELinux context of an arbitrary file to a context with few
restrictions. This only happens when the relabeling process is done,
usually when taking SELinux state from disabled to enable (permissive
or enforcing). The issue was found in policycoreutils 2.5-11.

Solution: 

Update packages.

CVEs: 
CVE-2018-1063
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.
Additional Info: 

N/A

Download: 

SRPMS
  1. policycoreutils-2.5-22.el7.src.rpm
    MD5: cf98317fb17bfe05bcd4efd8d74b420f
    SHA-256: ba875186ba333d1d4c8372b4a5c966a91aaf3c0f3a3d119650401d1f5b5f291a
    Size: 8.66 MB

Asianux Server 7 for x86_64
  1. policycoreutils-2.5-22.el7.x86_64.rpm
    MD5: 3a7a125e6181d0c324839ad1c943129f
    SHA-256: 607af357aa34c4cbd69e6d49387b8ea62589f821a00e12a75ceb535bc8e989b1
    Size: 865.76 kB
  2. policycoreutils-devel-2.5-22.el7.x86_64.rpm
    MD5: 2ce3c39e17580017c03103f8cf6e9ff9
    SHA-256: 1bf4a1b9debd8501378ef25e59751b2c980e336664dedd9940e350b88cb85a2e
    Size: 331.86 kB
  3. policycoreutils-gui-2.5-22.el7.x86_64.rpm
    MD5: 748f28de6f06eec83c865b02c0d162e1
    SHA-256: 96c7936958c9be4a5f4c6f4ee9d948718bb8cd69f598559ee9386623eb1fc82a
    Size: 1.70 MB
  4. policycoreutils-newrole-2.5-22.el7.x86_64.rpm
    MD5: 8149de4aa8594190bf16308f9d36da24
    SHA-256: 5e5837c98884ad9abef927f81ed1cadbf40461144e12f4159eee752d232f299f
    Size: 168.47 kB
  5. policycoreutils-python-2.5-22.el7.x86_64.rpm
    MD5: c4e37179db4dd58bb31266e785ea1c52
    SHA-256: f12e38284080b8f3080879ff4d045c057bdaf1c575a9e9ae5d1fc6cf3cd10b73
    Size: 453.17 kB
  6. policycoreutils-sandbox-2.5-22.el7.x86_64.rpm
    MD5: aa3cc00fe8cbee741a20885386a1ba6e
    SHA-256: c215574caf183b87179ded2794dd747877a668bc843e3885377db2474fad75a6
    Size: 168.54 kB
  7. policycoreutils-devel-2.5-22.el7.i686.rpm
    MD5: 38959007053d0bfd78a990d0955a5774
    SHA-256: 7bdbb1d8ffebf3243460b589ff03c9c7ddb249e4221c2feda45335517199e562
    Size: 326.18 kB