Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2017.0703
Important: policycoreutils security update
16 March 2017
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: policycoreutils
Publisher: Red Hat
Operating System: Red Hat Enterprise Linux Server 7
Red Hat Enterprise Linux WS/Desktop 7
Impact/Access: Administrator Compromise -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2016-7545
Reference: ESB-2016.2717
Original Bulletin:
https://rhn.redhat.com/errata/RHSA-2017-0535.html
https://rhn.redhat.com/errata/RHSA-2017-0536.html
Comment: This bulletin contains two (2) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: policycoreutils security update
Advisory ID: RHSA-2017:0535-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0535.html
Issue date: 2017-03-15
CVE Names: CVE-2016-7545
=====================================================================
1. Summary:
An update for policycoreutils is now available for Red Hat Enterprise Linux
7.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, s390x, x86_64
3. Description:
The policycoreutils packages contain the core policy utilities required to
manage a SELinux environment.
Security Fix(es):
* It was found that the sandbox tool provided in policycoreutils was
vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed
via the sandbox command could use this flaw to execute arbitrary commands
in the context of the parent shell, escaping the sandbox. (CVE-2016-7545)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1378577 - CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl
6. Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.2):
Source:
policycoreutils-2.2.5-21.el7_2.src.rpm
x86_64:
policycoreutils-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-newrole-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-python-2.2.5-21.el7_2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2):
x86_64:
policycoreutils-debuginfo-2.2.5-21.el7_2.i686.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-devel-2.2.5-21.el7_2.i686.rpm
policycoreutils-devel-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-gui-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-restorecond-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-sandbox-2.2.5-21.el7_2.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.2):
Source:
policycoreutils-2.2.5-21.el7_2.src.rpm
ppc64:
policycoreutils-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.ppc.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-devel-2.2.5-21.el7_2.ppc.rpm
policycoreutils-devel-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-gui-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-newrole-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-python-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-sandbox-2.2.5-21.el7_2.ppc64.rpm
ppc64le:
policycoreutils-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-devel-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-gui-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-newrole-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-python-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-sandbox-2.2.5-21.el7_2.ppc64le.rpm
s390x:
policycoreutils-2.2.5-21.el7_2.s390x.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.s390.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.s390x.rpm
policycoreutils-devel-2.2.5-21.el7_2.s390.rpm
policycoreutils-devel-2.2.5-21.el7_2.s390x.rpm
policycoreutils-gui-2.2.5-21.el7_2.s390x.rpm
policycoreutils-newrole-2.2.5-21.el7_2.s390x.rpm
policycoreutils-python-2.2.5-21.el7_2.s390x.rpm
policycoreutils-sandbox-2.2.5-21.el7_2.s390x.rpm
x86_64:
policycoreutils-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.i686.rpm
policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-devel-2.2.5-21.el7_2.i686.rpm
policycoreutils-devel-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-gui-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-newrole-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-python-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-sandbox-2.2.5-21.el7_2.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.2):
ppc64:
policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64.rpm
policycoreutils-restorecond-2.2.5-21.el7_2.ppc64.rpm
ppc64le:
policycoreutils-debuginfo-2.2.5-21.el7_2.ppc64le.rpm
policycoreutils-restorecond-2.2.5-21.el7_2.ppc64le.rpm
s390x:
policycoreutils-debuginfo-2.2.5-21.el7_2.s390x.rpm
policycoreutils-restorecond-2.2.5-21.el7_2.s390x.rpm
x86_64:
policycoreutils-debuginfo-2.2.5-21.el7_2.x86_64.rpm
policycoreutils-restorecond-2.2.5-21.el7_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-7545
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFYyUm2XlSAg2UNWIIRAgmuAJ0ZFvl6kYTuFqzVDBe3YT5vZIMnQQCgtqDI
DMt+NnX2qyM13MAkwgIOZVA=
=dbZF
- -----END PGP SIGNATURE-----
=============================================================================
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Important: policycoreutils security update
Advisory ID: RHSA-2017:0536-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0536.html
Issue date: 2017-03-15
CVE Names: CVE-2016-7545
=====================================================================
1. Summary:
An update for policycoreutils is now available for Red Hat Enterprise Linux
7.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.1) - x86_64
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1) - x86_64
Red Hat Enterprise Linux Server EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional EUS (v. 7.1) - ppc64, ppc64le, s390x, x86_64
3. Description:
The policycoreutils packages contain the core policy utilities required to
manage a SELinux environment.
Security Fix(es):
* It was found that the sandbox tool provided in policycoreutils was
vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed
via the sandbox command could use this flaw to execute arbitrary commands
in the context of the parent shell, escaping the sandbox. (CVE-2016-7545)
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1378577 - CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl
6. Package List:
Red Hat Enterprise Linux ComputeNode EUS (v. 7.1):
Source:
policycoreutils-2.2.5-16.el7_1.src.rpm
x86_64:
policycoreutils-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-newrole-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-python-2.2.5-16.el7_1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.1):
x86_64:
policycoreutils-debuginfo-2.2.5-16.el7_1.i686.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-devel-2.2.5-16.el7_1.i686.rpm
policycoreutils-devel-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-gui-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-restorecond-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-sandbox-2.2.5-16.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.1):
Source:
policycoreutils-2.2.5-16.el7_1.src.rpm
ppc64:
policycoreutils-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.ppc.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-devel-2.2.5-16.el7_1.ppc.rpm
policycoreutils-devel-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-gui-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-newrole-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-python-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-sandbox-2.2.5-16.el7_1.ppc64.rpm
s390x:
policycoreutils-2.2.5-16.el7_1.s390x.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.s390.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.s390x.rpm
policycoreutils-devel-2.2.5-16.el7_1.s390.rpm
policycoreutils-devel-2.2.5-16.el7_1.s390x.rpm
policycoreutils-gui-2.2.5-16.el7_1.s390x.rpm
policycoreutils-newrole-2.2.5-16.el7_1.s390x.rpm
policycoreutils-python-2.2.5-16.el7_1.s390x.rpm
policycoreutils-sandbox-2.2.5-16.el7_1.s390x.rpm
x86_64:
policycoreutils-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.i686.rpm
policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-devel-2.2.5-16.el7_1.i686.rpm
policycoreutils-devel-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-gui-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-newrole-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-python-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-sandbox-2.2.5-16.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 7.1):
Source:
policycoreutils-2.2.5-16.ael7b_1.src.rpm
ppc64le:
policycoreutils-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-debuginfo-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-devel-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-gui-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-newrole-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-python-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-sandbox-2.2.5-16.ael7b_1.ppc64le.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.1):
ppc64:
policycoreutils-debuginfo-2.2.5-16.el7_1.ppc64.rpm
policycoreutils-restorecond-2.2.5-16.el7_1.ppc64.rpm
s390x:
policycoreutils-debuginfo-2.2.5-16.el7_1.s390x.rpm
policycoreutils-restorecond-2.2.5-16.el7_1.s390x.rpm
x86_64:
policycoreutils-debuginfo-2.2.5-16.el7_1.x86_64.rpm
policycoreutils-restorecond-2.2.5-16.el7_1.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 7.1):
ppc64le:
policycoreutils-debuginfo-2.2.5-16.ael7b_1.ppc64le.rpm
policycoreutils-restorecond-2.2.5-16.ael7b_1.ppc64le.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-7545
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFYyUnEXlSAg2UNWIIRAon4AKCgxQUpVa9MI+Lfg2nkNvQxAZMz7QCgwyr7
GjOwIm9OkFYG6Qg45YRBDWM=
=Vwr4
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBWMobx4x+lLeg9Ub1AQh3Ng/+OLqHXcWqUvGbiD504Nm24RDGoytiuriv
JGkW+PdinxYtfvN2wQkO7KRU8JO9MVCJCqamEIeJqgja+psW4t+DWIt3BhH8bKWK
llZMWYuteKRnp8qn3o7YwkjWmNKTdBvJwy3F5NH/YaO5jUcBx6PPlVZ1bBxpaH8r
DF3HMYeQ0A3Cwbnv9K6kYgZnSyWyA2oqgIRxP4gv0ev/LODHSzFGb/1wYe40fqLB
z2dYBkII+36kIONAjYq867L0ml9VKWWfUBo8gyBEPzgVBH5lAr7Z41wMKuEAqX3u
Tt7a1anfgCUco9dlW+RW5FFVjkRHxewhBm6NNZU1mbAI3GsRT8nHZZJtlLVkH6cr
6rzowjDYu61R004fn9PcRAgSXh5GL+1htoWHeWw+bicKFZqWQoYagI1d837+ivy4
6efF3bbo5UPM76AXzGSfjMGnXKNcR1PBr09+PcHF189O3hegVNVIcTD65r7shmsZ
u4+R2ATepALQJQV2AV4MeFIgZidZgnP/8KP3NBX5QBkrSLT3N2cWN8El/Ewdzjdt
m7jKQ3BzxBOhI64thMqI3p0eBjTV4rX+NWfOFrs7kmG2RdaOmOuPDNardehccrtx
RikDwuJRxjp/DSFIdYldJ4/rDA1AulWmAZS9TQ3Uy17i2EbRv6o5jKXOkP168kxp
XybmxK7Y+Kg=
=VaMM
-----END PGP SIGNATURE-----