- Issued:
- 2016-05-10
- Updated:
- 2016-05-10
RHBA-2016:0763 - Bug Fix Advisory
Synopsis
selinux-policy bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for selinux-policy is now available for Red Hat Enterprise Linux 6.
Description
The selinux-policy packages contain the rules that govern how confined processes run on the system.
For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.8 Release Notes and Red Hat Enterprise Linux 6.8 Technical Notes linked from the References section.
Users of selinux-policy are advised to upgrade to these updated packages.
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
Fixes
- BZ - 1213539 - [RHEL6] New cobbler dir definitions needed in /var/lib/tftpboot
- BZ - 1221934 - [rhel6] graphite-web needs type "httpd_sys_rw_content_t" for files in "/var/lib/graphite-web(/.*)?"
- BZ - 1235573 - /dev/mpt2ctl does not have a specific SELinux label
- BZ - 1235636 - [SELinux] SMB: SELinux policy to be set for /usr/sbin/ctdbd_wrapper - RHEL-6.7
- BZ - 1240583 - [SELinux] SElinux prevents Gluster/NFS from connecting to RPC services on NFS-clients (RHEL-6)
- BZ - 1240793 - The latest selinux-policy-targeted-3.7.19-260.el6_6.5 update broke nrpe scripts which calls sudo
- BZ - 1241360 - [SELinux]: Issues in setting up Windows Active directory with samba and access of share denied using domain users (RHEL-6.7)
- BZ - 1241386 - [SELinux] [nfs-ganesha]: seeing avc denied error message for showmount, while doing a volume start - Rhel6.7
- BZ - 1244274 - [SELinux] nfs-ganesha: AVC denied for nfs-ganesha.service , ganesha cluster setup fails in Rhel6.7
- BZ - 1247278 - [linearstore] Symlink creation fails when running broker as a service
- BZ - 1250066 - SELinux:AVC's related to sshd and samba when ssh to server
- BZ - 1251584 - SELinux prevents qpidd from starting after update MRGM 3.1 to MRGM 3.2
- BZ - 1251991 - SELinux is preventing Chromium from using the setcap access on a process
- BZ - 1260471 - SELinux policy (daemons) changes required for package: libreswan
- BZ - 1261145 - jabberd daemons hit into SELinux when reading SSL certificates
- BZ - 1271211 - add file context for /usr/libexec/mock/mock
- BZ - 1271996 - No SELinux boolean to allow tmpwatch on samba_share_t or nfs_t
- BZ - 1275744 - SELinux prevents oddjobd from communicating with SSSD
- BZ - 1277199 - SELinux denials appear when the asterisk service is started
- BZ - 1278747 - SELinux file context pattern for /var/run/qga.state is incorrect
- BZ - 1278771 - invalid filename is used in file context pattern for pegasus configuration file
- BZ - 1285674 - SELinux prevents httpd (started by piranha-gui) from accessing /var/lib/net-snmp
- BZ - 1286007 - SELinux prevents dspam web UI from working
- BZ - 1286030 - restorecon sets an incorrect label on /var/lock/LCK.. (created by apcupsd)
- BZ - 1286052 - SELinux prevents munin-cgi-graph from creating its log file
- BZ - 1287182 - SELinux policy (daemons) changes required for package: libreswan
- BZ - 1290310 - SELinux policy (daemons) changes required for package: chrony
- BZ - 1290565 - /usr/share/conman/exec/ipmitool.exp needs a new selinux type
- BZ - 1290705 - SELinux prevents ipset from creating a netlink socket
- BZ - 1291164 - SELinux policy (daemons) changes required for package: squid34
- BZ - 1292514 - SELinux policy (daemons) changes required for package: libreswan
- BZ - 1293787 - [SELinux] CTDB: SELinux: ctdb disablescript fails to execute because of SELinux avc's
- BZ - 1296238 - Correct selinux context for stunnel logging
- BZ - 1296693 - sssd_ifp process is not allowed to send the message back when selinux is in enforcing mode
- BZ - 1298514 - netutils_t policy prevents tcpdump from calling chown/setattr
- BZ - 1299066 - smartcard login does not prompt for pin when ocsp checking is enabled (default config)
- BZ - 1308911 - adcli fails to update /etc/krb5.keytab for keytab renewal
CVEs
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
| i386 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| i386 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux Workstation 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
| i386 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux Desktop 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
| i386 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux for IBM z Systems 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| s390x | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux for Power, big endian 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| ppc64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux for Scientific Computing 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux Server from RHUI 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| x86_64 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
| i386 | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
| SRPM | |
|---|---|
| selinux-policy-3.7.19-292.el6.src.rpm | SHA-256: 3f9eeb8a1887ac7e7b36bf406e165c74d566884bab7e9564639683a4301e2c50 |
| s390x | |
| selinux-policy-3.7.19-292.el6.noarch.rpm | SHA-256: 22a8025954b7a5ac8ca99c51c7811145146ff9ef464f327568a8f2a69c36ccf1 |
| selinux-policy-doc-3.7.19-292.el6.noarch.rpm | SHA-256: 355e2f96794c205ab9338ff51ebed7d7bf69a2b8975a7a8239660eaf3e8096ed |
| selinux-policy-minimum-3.7.19-292.el6.noarch.rpm | SHA-256: 17ca956c64858c04e3de73eb540ba92d4dd8fe7515ab37e38787c904c876c529 |
| selinux-policy-mls-3.7.19-292.el6.noarch.rpm | SHA-256: ecb00ef5a5fb7672dd8aba935ff7844acf40ccbde612e533df91e30815a97d7f |
| selinux-policy-targeted-3.7.19-292.el6.noarch.rpm | SHA-256: 52317e2539990e2589f2a5bf9927e5f4cf7b62553cb347171db3df1e1e804d9a |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.