--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-67efe88c29
2021-11-15 05:45:24.448553
--------------------------------------------------------------------------------
Name : libsepol
Product : Fedora 35
Version : 3.3
Release : 2.fc35
URL :
https://github.com/SELinuxProject/selinux/wiki
Summary : SELinux binary policy manipulation library
Description :
Security-enhanced Linux is a feature of the Linux�� kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement��, Role-based Access
Control, and Multi-level Security.
libsepol provides an API for the manipulation of SELinux binary policies.
It is used by checkpolicy (the policy compiler) and similar tools, as well
as by programs like load_policy that need to perform specific transformations
on binary policies such as customizing policy boolean settings.
--------------------------------------------------------------------------------
Update Information:
Fixed libsepol.pc
--------------------------------------------------------------------------------
ChangeLog:
* Thu Nov 11 2021 Petr Lautrbach <plautrba(a)redhat.com> - 3.3-2
- Use correct libdir in libsepol.pc (#2018492)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1979663 - CVE-2021-36084 libsepol: use-after-free in
__cil_verify_classperms() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1979663
[ 2 ] Bug #1979665 - CVE-2021-36085 libsepol: use-after-free in
__cil_verify_classperms() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1979665
[ 3 ] Bug #1979667 - CVE-2021-36086 libsepol: use-after-free in
cil_reset_classpermission() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1979667
[ 4 ] Bug #1979669 - CVE-2021-36087 libsepol: heap-based buffer overflow in
ebitmap_match_any() [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1979669
[ 5 ] Bug #2018492 - pkg-config returns bad library flags on 64-bit
https://bugzilla.redhat.com/show_bug.cgi?id=2018492
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-67efe88c29' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------