policycoreutils-3.2-1.4 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11179 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z policycoreutils-3.2-1.4 on GA media These are all security issues fixed in the policycoreutils-3.2-1.4 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11179 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11179 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2016-7545/ SUSE CVE CVE-2016-7545 page https://www.suse.com/security/cve/CVE-2018-1063/ SUSE CVE CVE-2018-1063 page openSUSE Tumbleweed policycoreutils-3.2-1.4 policycoreutils-devel-3.2-1.4 policycoreutils-lang-3.2-1.4 policycoreutils-newrole-3.2-1.4 policycoreutils-python-utils-3.2-1.4 python3-policycoreutils-3.2-1.4 policycoreutils-3.2-1.4 as a component of openSUSE Tumbleweed policycoreutils-devel-3.2-1.4 as a component of openSUSE Tumbleweed policycoreutils-lang-3.2-1.4 as a component of openSUSE Tumbleweed policycoreutils-newrole-3.2-1.4 as a component of openSUSE Tumbleweed policycoreutils-python-utils-3.2-1.4 as a component of openSUSE Tumbleweed python3-policycoreutils-3.2-1.4 as a component of openSUSE Tumbleweed SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. CVE-2016-7545 openSUSE Tumbleweed:policycoreutils-3.2-1.4 openSUSE Tumbleweed:policycoreutils-devel-3.2-1.4 openSUSE Tumbleweed:policycoreutils-lang-3.2-1.4 openSUSE Tumbleweed:policycoreutils-newrole-3.2-1.4 openSUSE Tumbleweed:policycoreutils-python-utils-3.2-1.4 openSUSE Tumbleweed:python3-policycoreutils-3.2-1.4 moderate 6.6 AV:L/AC:M/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-7545.html CVE-2016-7545 https://bugzilla.suse.com/1000998 SUSE Bug 1000998 https://bugzilla.suse.com/968375 SUSE Bug 968375 https://bugzilla.suse.com/968674 SUSE Bug 968674 Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11. CVE-2018-1063 openSUSE Tumbleweed:policycoreutils-3.2-1.4 openSUSE Tumbleweed:policycoreutils-devel-3.2-1.4 openSUSE Tumbleweed:policycoreutils-lang-3.2-1.4 openSUSE Tumbleweed:policycoreutils-newrole-3.2-1.4 openSUSE Tumbleweed:policycoreutils-python-utils-3.2-1.4 openSUSE Tumbleweed:python3-policycoreutils-3.2-1.4 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-1063.html CVE-2018-1063 https://bugzilla.suse.com/1083624 SUSE Bug 1083624