Issued:: 2023-11-14
Updated:: 2023-11-14

RHBA-2023:7033 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

fapolicyd bug fix and enhancement update

Type/Severity

Bug Fix Advisory

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.

Description

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

RHEL-519 - Rebase fapolicyd to the latest stable version
RHEL-629 - Default q_size doesn't match manpage's one
RHEL-630 - fapolicyd still allows execution of a program after "untrusting" it
RHEL-631 - fapolicyd needs to make sure the FD limit is never reached
RHEL-632 - fapolicyd can leak FDs and never answer request, causing target process to hang forever
RHEL-628 - RFE: send rule number to fanotify so it gets audited
RHEL-829 - fapolicyd can create RPM DB files /var/lib/rpm/__db.xxx with bad ownership causing AVCs to occur

CVEs

(none)

References

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
fapolicyd-1.3.2-1.el8.src.rpm	SHA-256: c345dd7596615862dff1f1302e3e3ebc4e118e2b46c0b5922a293a2a1d46c6e9
x86_64
fapolicyd-1.3.2-1.el8.x86_64.rpm	SHA-256: b5af2ccd416a5a71071cf953e03926b84aca59ff647389b7c386a6e33eb00f91
fapolicyd-debuginfo-1.3.2-1.el8.x86_64.rpm	SHA-256: d317d0124aa0821370a4d20a15877c70af845b4cef001a433a489d4abcc2692e
fapolicyd-debugsource-1.3.2-1.el8.x86_64.rpm	SHA-256: 54ab560001942422cab8b20176a9e12f8b1fbd32e8b40f07410169e81a0b62a2
fapolicyd-selinux-1.3.2-1.el8.noarch.rpm	SHA-256: 7229ee8e3d65ced6a0be143b19a962a9dbdd9157075c48ff1e9fdabd7d491af9

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
fapolicyd-1.3.2-1.el8.src.rpm	SHA-256: c345dd7596615862dff1f1302e3e3ebc4e118e2b46c0b5922a293a2a1d46c6e9
s390x
fapolicyd-1.3.2-1.el8.s390x.rpm	SHA-256: 74ac1ab49b2daa9a2a34e138b01a96ec65375bbb1aea5d98b57bac7bbf0ba0f0
fapolicyd-debuginfo-1.3.2-1.el8.s390x.rpm	SHA-256: c2e4d3e4dafcda865bedf15a2e14d167a88020c5b210b147a00076fb47c2ee93
fapolicyd-debugsource-1.3.2-1.el8.s390x.rpm	SHA-256: 893614424298adf79567d842b5d7ae4257e962651606036bdf4ae90a4f39d088
fapolicyd-selinux-1.3.2-1.el8.noarch.rpm	SHA-256: 7229ee8e3d65ced6a0be143b19a962a9dbdd9157075c48ff1e9fdabd7d491af9

Red Hat Enterprise Linux for Power, little endian 8

SRPM
fapolicyd-1.3.2-1.el8.src.rpm	SHA-256: c345dd7596615862dff1f1302e3e3ebc4e118e2b46c0b5922a293a2a1d46c6e9
ppc64le
fapolicyd-1.3.2-1.el8.ppc64le.rpm	SHA-256: f663bc98bd13770963005deb3693b62d806e36631ab74a63d5f0b3ab03953ca5
fapolicyd-debuginfo-1.3.2-1.el8.ppc64le.rpm	SHA-256: fffb1cdd3653ef282e082c44eddf2b4556ecf2c47fb1f2253b70d511500d5527
fapolicyd-debugsource-1.3.2-1.el8.ppc64le.rpm	SHA-256: 29d877f24925857154ec8ac104cbfa81ad98407ab5b59b3bd78e361cc9a3022e
fapolicyd-selinux-1.3.2-1.el8.noarch.rpm	SHA-256: 7229ee8e3d65ced6a0be143b19a962a9dbdd9157075c48ff1e9fdabd7d491af9

Red Hat Enterprise Linux for ARM 64 8

SRPM
fapolicyd-1.3.2-1.el8.src.rpm	SHA-256: c345dd7596615862dff1f1302e3e3ebc4e118e2b46c0b5922a293a2a1d46c6e9
aarch64
fapolicyd-1.3.2-1.el8.aarch64.rpm	SHA-256: 0881a0f0a73b89356957d04b9af50bc9e116f4b38b86bc4d3f61207d6d4f4820
fapolicyd-debuginfo-1.3.2-1.el8.aarch64.rpm	SHA-256: 1c4aa88e61e9df7910d418424044f8fabbf9cd97b6de35e2529cebb10589679a
fapolicyd-debugsource-1.3.2-1.el8.aarch64.rpm	SHA-256: 59574ee771ccc597d350ae248b0d8d96de273b6ea86ade36148c4eb5cc3203fe
fapolicyd-selinux-1.3.2-1.el8.noarch.rpm	SHA-256: 7229ee8e3d65ced6a0be143b19a962a9dbdd9157075c48ff1e9fdabd7d491af9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation