This update backports several fixes from upstream and also fixes sandbox issues including CVE-2016-7545

How to install

sudo dnf upgrade --advisory=FEDORA-2016-b7e8e980ef

This update has been submitted for testing by plautrba.

3 years ago

This update has been pushed to testing.

3 years ago

plautrba edited this update.

New build(s):

  • secilc-2.5-6.fc25
3 years ago

This update has been submitted for testing by plautrba.

3 years ago
User Icon besser82 commented & provided feedback 3 years ago
karma

Works fine! LGTM! =)

This update has been pushed to testing.

3 years ago
User Icon renault commented & provided feedback 3 years ago
karma

Seems great,a nd seems solve mount devices too

User Icon pwalter commented & provided feedback 3 years ago
karma

Works

User Icon lupinix commented & provided feedback 3 years ago
karma

no issues so far

This update has been submitted for stable by bodhi.

3 years ago
User Icon heikoada commented & provided feedback 3 years ago
karma

LGTM

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
5
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
5
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1294020 sandbox doesn't set correct security context on copied in files.
0
0
BZ#1317046 the sandbox -i [path] command stopped working
0
0
BZ#1321499 Failed to retrieve rpm info for selinux-policy
0
0
BZ#1353207 usepasswd=true in semanage.conf breaks ssh logins - add /var/empty to ignoredirs
0
0
BZ#1359425 [abrt] libselinux: write_binary_file(): sefcontext_compile killed by SIGSEGV
0
0
BZ#1362041 semanage fcontext reports invalid regex, but file_contexts.local is affected by the command
0
0
BZ#1378577 CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl
0
0
BZ#1378932 CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl [fedora-all]
0
0

Automated Test Results

Test Cases

0 0 Test Case policycoreutils semanage
0 0 Test Case policycoreutils semodule