- Issued:
- 2006-08-09
- Updated:
- 2006-08-09
RHBA-2006:0373 - Bug Fix Advisory
Synopsis
selinux-policy bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated selinux-policy packages are now available that include policy
changes to allow applications to communicate with each other.
Description
Security-enhanced Linux is a patch of the Linux kernel and a number of
utilities with enhanced security functionality designed to add mandatory
access controls to Linux. This package contains the SELinux example policy
configuration along with the Flask configuration information and the
application configuration files.
The previous SELinux policy prevented several applications from running
properly. This update introduces the following policy changes:
- Allow syslogd write and append access to /dev/console for logging
emergency messages and for syslog configuration that directs certain
messages to the console.
- Allow the dhcp server to bind to TCP ports 519 and 520 as well as 647
and 847 for failover. Note that ports 519 and 520 are temporary ports,
in Red Hat Enterprise Linux 5 only the RFC specified ports 647 and 847
will be supported.
- Allow snmpd to report device information from /proc/sys/dev.
- Allow pegasus testsuite to complete successfully.
- Allow unconfined_t to transition to pegasus_t
- Allow ntlm_auth to output to screen
Users of selinux-policy should upgrade to these updated packages, which
resolve these issues.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 174434 - xterm -C gives cannot open console : Operation not permited
- BZ - 182290 - "ntlm_auth --help" blocked by selinux-policy-targeted
- BZ - 185296 - snmpd generates avc: denied messages
- BZ - 186258 - start of caching name server triggers selinux errors
- BZ - 186582 - DHCP failover is denied by SELinux
- BZ - 189584 - Not able to create new namespaces with selinux set to enforced on RHEL 4 U2
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
selinux-policy-targeted-1.17.30-2.140.src.rpm | SHA-256: f22070d942985db0dc72dbadcb38048ce0b2217c8904f94ee1d2e49587bb7d6d |
x86_64 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
ia64 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
i386 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
selinux-policy-targeted-1.17.30-2.140.src.rpm | SHA-256: f22070d942985db0dc72dbadcb38048ce0b2217c8904f94ee1d2e49587bb7d6d |
x86_64 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
ia64 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
i386 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
selinux-policy-targeted-1.17.30-2.140.src.rpm | SHA-256: f22070d942985db0dc72dbadcb38048ce0b2217c8904f94ee1d2e49587bb7d6d |
x86_64 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
i386 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
selinux-policy-targeted-1.17.30-2.140.src.rpm | SHA-256: f22070d942985db0dc72dbadcb38048ce0b2217c8904f94ee1d2e49587bb7d6d |
s390x | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
s390 | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
selinux-policy-targeted-1.17.30-2.140.src.rpm | SHA-256: f22070d942985db0dc72dbadcb38048ce0b2217c8904f94ee1d2e49587bb7d6d |
ppc | |
selinux-policy-targeted-1.17.30-2.140.noarch.rpm | SHA-256: e619ac6de65f9adc2afad7ed4ac76a3736bee8ab88790785777bb5e7e8e6bbf8 |
selinux-policy-targeted-sources-1.17.30-2.140.noarch.rpm | SHA-256: 4c1aece4c3b3549ecee722759bd42955c6fd0ee596fa684879fbf00fe84b40ab |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.