[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 638-1] policycoreutils security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : policycoreutils
Version        : 2.1.10-9+deb7u1
CVE ID         : CVE-2016-7545
Debian Bug     : 838599

It was discovered that there was a sandbox escape via the "TIOCSTI" ioctl in
policycoreutils, a set of programs required for the basic operation of an
SELinux-based system.

For Debian 7 "Wheezy", this issue has been fixed in policycoreutils version
2.1.10-9+deb7u1.

We recommend that you upgrade your policycoreutils packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJX5/W7AAoJEB6VPifUMR5Yf10P+gNNJ/WfqJKmpRtFVj+GPtQ8
9oc1rMj5wr66b+Q17UBIhHFfNrhE1ciMLD5NjVRnmA23RUYK3GiBQp/dCV8nsvbc
hBWGUY/PiUZ3DOI24bpIfjPDXK2q9bHd6AJiRI6iTbL80rCRX6+634VLrsFXsLbC
O1W/kkHKVeAK3CHcdcbvUGFm7vy8MisumfgyyLY97XsEWO3tZpkNZgTUQYkXFiur
9Lv406ru/1Fqry++OsSmV5yWUEhRnWCFxDPFKAh0Jpmyoj73Csxto6NN3frzlHvn
a6lJoJzqC+W1neGaBpDihiZnwHuxDkhTyAy35nNM+kaAelVpl/a+wXqsORLZjjmD
rddjm9FVf2sRm32I1QP329AE7UCGTJbP08d9T0ciRO+L0s3D1FYDUkBKknnqdxNS
Ldx9LfxtAI01RZmkKuWv00QNxuyhPB/nO/NNnSfU9wmyC7LOHwNFnT8ijG07qGzX
ke2cGWtxDO9af4JM3fJ2yXh2L3d430lrZF1H7SzvB11ih7OZ1tzTJ7HXZESS+S3f
GDS6bvAVuVcqXUYzOOwbTH3jAZsr5P/hLIiG98fkIlaqqFK8g1dsLG4MvNLOoFWw
FCoZjDO21RI2lYPYf01GRKG+Fkd200BqskMVa121ygPI6SRUdymv9lcdpkqmb8WB
Un632v3TVE3djOdD9LCx
=PCgN
-----END PGP SIGNATURE-----
Reply to: