- Issued:
- 2017-05-26
- Updated:
- 2017-05-26
RHBA-2017:1331 - Bug Fix Advisory
Synopsis
container-selinux bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated container-selinux package that fixes one bug is now available for Red Hat Enterprise Linux 7 Extras.
Description
The container-selinux package provides SELinux policies for container runtimes.
This update fixes the following bug:
- Previously, a SELinux boolean allowed containers to use fuse file systems, but not execute content on them. This update adds the allow rules for executing content on fuse file systems. (BZ#1445226)
Users of container-selinux are advised to upgrade to this updated package, which fixes this bug.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
Fixes
- BZ - 1427335 - [extras-rhel-7.3.4] container selinux policy not removed after rpm package remove
- BZ - 1445226 - selinux policy does not allow execute on fusefs filesystems (like glusterfs)
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 7
| SRPM | |
|---|---|
| container-selinux-2.12-2.gite7096ce.el7.src.rpm | SHA-256: 1973402b58a910602ffb4c09d2d36d760c59347c321aca2c982ae8cec56a15e0 |
| x86_64 | |
| container-selinux-2.12-2.gite7096ce.el7.noarch.rpm | SHA-256: e957989a63188ec440d9ede8f624ac6b866f110c232d34d3053ee8f36c3c7884 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
