Red Hat Product Errata RHBA-2022:7627 - Bug Fix Advisory
Issued:
2022-11-08
Updated:
2022-11-08

RHBA-2022:7627 - Bug Fix Advisory

Synopsis

fapolicyd bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.

Description

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2066653 - compiled.rules file ownership and mode
  • BZ - 2068105 - Fapolicyd denies access to /usr/lib64/ld-2.28.so [rhel-8.7.0]
  • BZ - 2070639 - fapolicyd does not correctly handle SIGHUP
  • BZ - 2084497 - Faulty handling of static applications
  • BZ - 2100087 - rebase fapolicyd to the latest stable vesion
  • BZ - 2100089 - fapolicyd gets way too easily killed by OOM killer
  • BZ - 2102563 - Introduce ppid rule attribute
  • BZ - 2103914 - fapolicyd.rules doesn't advertise that using a username/groupname instead of uid/gid also works
  • BZ - 2111243 - fapolicyd often breaks package updates
  • BZ - 2111935 - drop libgcrypt in favour of openssl

CVEs

(none)

Red Hat Enterprise Linux for x86_64 8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
x86_64
fapolicyd-1.1.3-8.el8.x86_64.rpm SHA-256: 7fc0bff34d8d8453961d82c48de12badc78410dc9a33a35ef813ba8ee956a942
fapolicyd-debuginfo-1.1.3-8.el8.x86_64.rpm SHA-256: b5d31a1cc754b92072d2ee631db541952a3b4be3092811e3f4bad05979c6f918
fapolicyd-debugsource-1.1.3-8.el8.x86_64.rpm SHA-256: 331a9d1137dce1a366a34adbe6549dfa4fff1955161c4317a67849a0e7f6f802
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
x86_64
fapolicyd-1.1.3-8.el8.x86_64.rpm SHA-256: 7fc0bff34d8d8453961d82c48de12badc78410dc9a33a35ef813ba8ee956a942
fapolicyd-debuginfo-1.1.3-8.el8.x86_64.rpm SHA-256: b5d31a1cc754b92072d2ee631db541952a3b4be3092811e3f4bad05979c6f918
fapolicyd-debugsource-1.1.3-8.el8.x86_64.rpm SHA-256: 331a9d1137dce1a366a34adbe6549dfa4fff1955161c4317a67849a0e7f6f802
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
x86_64
fapolicyd-1.1.3-8.el8.x86_64.rpm SHA-256: 7fc0bff34d8d8453961d82c48de12badc78410dc9a33a35ef813ba8ee956a942
fapolicyd-debuginfo-1.1.3-8.el8.x86_64.rpm SHA-256: b5d31a1cc754b92072d2ee631db541952a3b4be3092811e3f4bad05979c6f918
fapolicyd-debugsource-1.1.3-8.el8.x86_64.rpm SHA-256: 331a9d1137dce1a366a34adbe6549dfa4fff1955161c4317a67849a0e7f6f802
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
s390x
fapolicyd-1.1.3-8.el8.s390x.rpm SHA-256: 4fcae355f220ca131a797ff77b826ef3a049e2577caa1a4644cfecb1b9f4485b
fapolicyd-debuginfo-1.1.3-8.el8.s390x.rpm SHA-256: 5bdd91e6ac0fcaab5bd7d9c1e93125d397898262d4ef8abf74cbd13b4f273262
fapolicyd-debugsource-1.1.3-8.el8.s390x.rpm SHA-256: f4eee1c10173bb8f84ab7a8d9924c570a4dd8b2f7708525aa04386e056d7ebd0
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
s390x
fapolicyd-1.1.3-8.el8.s390x.rpm SHA-256: 4fcae355f220ca131a797ff77b826ef3a049e2577caa1a4644cfecb1b9f4485b
fapolicyd-debuginfo-1.1.3-8.el8.s390x.rpm SHA-256: 5bdd91e6ac0fcaab5bd7d9c1e93125d397898262d4ef8abf74cbd13b4f273262
fapolicyd-debugsource-1.1.3-8.el8.s390x.rpm SHA-256: f4eee1c10173bb8f84ab7a8d9924c570a4dd8b2f7708525aa04386e056d7ebd0
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for Power, little endian 8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
ppc64le
fapolicyd-1.1.3-8.el8.ppc64le.rpm SHA-256: c911b9fd4fe292dc242f3a6838ca6008d176ef7b1b3589ffe0f0621b3ec65791
fapolicyd-debuginfo-1.1.3-8.el8.ppc64le.rpm SHA-256: 7aa0c2c091d0aaef36524d9b5b98a6eb9c65f4656ce0caa7e7548e3e8366f7d0
fapolicyd-debugsource-1.1.3-8.el8.ppc64le.rpm SHA-256: 708e5aeaeb87b2098fdae87a37984658ca8885f5de65d3f9677062e571d8da0f
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
ppc64le
fapolicyd-1.1.3-8.el8.ppc64le.rpm SHA-256: c911b9fd4fe292dc242f3a6838ca6008d176ef7b1b3589ffe0f0621b3ec65791
fapolicyd-debuginfo-1.1.3-8.el8.ppc64le.rpm SHA-256: 7aa0c2c091d0aaef36524d9b5b98a6eb9c65f4656ce0caa7e7548e3e8366f7d0
fapolicyd-debugsource-1.1.3-8.el8.ppc64le.rpm SHA-256: 708e5aeaeb87b2098fdae87a37984658ca8885f5de65d3f9677062e571d8da0f
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
x86_64
fapolicyd-1.1.3-8.el8.x86_64.rpm SHA-256: 7fc0bff34d8d8453961d82c48de12badc78410dc9a33a35ef813ba8ee956a942
fapolicyd-debuginfo-1.1.3-8.el8.x86_64.rpm SHA-256: b5d31a1cc754b92072d2ee631db541952a3b4be3092811e3f4bad05979c6f918
fapolicyd-debugsource-1.1.3-8.el8.x86_64.rpm SHA-256: 331a9d1137dce1a366a34adbe6549dfa4fff1955161c4317a67849a0e7f6f802
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for ARM 64 8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
aarch64
fapolicyd-1.1.3-8.el8.aarch64.rpm SHA-256: 96a3de97655b8e138aed43b63a98e220ffee84ede089d67d0a4bc6e81f06c29c
fapolicyd-debuginfo-1.1.3-8.el8.aarch64.rpm SHA-256: 9d2a5b7d16e92fb03c185480023f168061da78b362dbfa7ae1ba8d4d7c4d65a0
fapolicyd-debugsource-1.1.3-8.el8.aarch64.rpm SHA-256: 7473ded158783743b2353463a9d7a41f56457f725bcfb743f732668b7dfde338
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
aarch64
fapolicyd-1.1.3-8.el8.aarch64.rpm SHA-256: 96a3de97655b8e138aed43b63a98e220ffee84ede089d67d0a4bc6e81f06c29c
fapolicyd-debuginfo-1.1.3-8.el8.aarch64.rpm SHA-256: 9d2a5b7d16e92fb03c185480023f168061da78b362dbfa7ae1ba8d4d7c4d65a0
fapolicyd-debugsource-1.1.3-8.el8.aarch64.rpm SHA-256: 7473ded158783743b2353463a9d7a41f56457f725bcfb743f732668b7dfde338
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
ppc64le
fapolicyd-1.1.3-8.el8.ppc64le.rpm SHA-256: c911b9fd4fe292dc242f3a6838ca6008d176ef7b1b3589ffe0f0621b3ec65791
fapolicyd-debuginfo-1.1.3-8.el8.ppc64le.rpm SHA-256: 7aa0c2c091d0aaef36524d9b5b98a6eb9c65f4656ce0caa7e7548e3e8366f7d0
fapolicyd-debugsource-1.1.3-8.el8.ppc64le.rpm SHA-256: 708e5aeaeb87b2098fdae87a37984658ca8885f5de65d3f9677062e571d8da0f
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
fapolicyd-1.1.3-8.el8.src.rpm SHA-256: 362b86b319c54dad7faddc78803ce81f49f21b5123c852f9da942535e2d798b8
x86_64
fapolicyd-1.1.3-8.el8.x86_64.rpm SHA-256: 7fc0bff34d8d8453961d82c48de12badc78410dc9a33a35ef813ba8ee956a942
fapolicyd-debuginfo-1.1.3-8.el8.x86_64.rpm SHA-256: b5d31a1cc754b92072d2ee631db541952a3b4be3092811e3f4bad05979c6f918
fapolicyd-debugsource-1.1.3-8.el8.x86_64.rpm SHA-256: 331a9d1137dce1a366a34adbe6549dfa4fff1955161c4317a67849a0e7f6f802
fapolicyd-selinux-1.1.3-8.el8.noarch.rpm SHA-256: eb443034a4fcaebdb3a1122d3838a1ad4e1cac2147d537878761b8b83711a424

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.