-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-67efe88c29 2021-11-15 05:45:24.448553 --------------------------------------------------------------------------------
Name : libsepol Product : Fedora 35 Version : 3.3 Release : 2.fc35 URL : https://github.com/SELinuxProject/selinux/wiki Summary : SELinux binary policy manipulation library Description : Security-enhanced Linux is a feature of the Linux�� kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement��, Role-based Access Control, and Multi-level Security.
libsepol provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies such as customizing policy boolean settings.
-------------------------------------------------------------------------------- Update Information:
Fixed libsepol.pc -------------------------------------------------------------------------------- ChangeLog:
* Thu Nov 11 2021 Petr Lautrbach plautrba@redhat.com - 3.3-2 - Use correct libdir in libsepol.pc (#2018492) -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1979663 - CVE-2021-36084 libsepol: use-after-free in __cil_verify_classperms() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979663 [ 2 ] Bug #1979665 - CVE-2021-36085 libsepol: use-after-free in __cil_verify_classperms() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979665 [ 3 ] Bug #1979667 - CVE-2021-36086 libsepol: use-after-free in cil_reset_classpermission() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979667 [ 4 ] Bug #1979669 - CVE-2021-36087 libsepol: heap-based buffer overflow in ebitmap_match_any() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979669 [ 5 ] Bug #2018492 - pkg-config returns bad library flags on 64-bit https://bugzilla.redhat.com/show_bug.cgi?id=2018492 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-67efe88c29' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------