ELBA-2015-0985

ELBA-2015-0985 - selinux-policy bug fix and enhancement update

Type:	BUG
Severity:	NA
Release Date:	2015-05-12

Description

[3.13.1-23.0.1.el7_1.7]
- Allow ocfs2_dlmfs to be mounted with ocfs2_dlmfs_t type.

[3.13.1-23.el7_7.7]
- Label /usr/libexec/postgresql-ctl as postgresql_exec_t
- Update virt_read_pid_files() interface to allow read also symlinks with virt_var_run_t type.
- Add labeling for /usr/libexec/mysqld_safe-scl-helper.
- Add support for /usr/libexec/mongodb-scl-helper RHSCL helper script.
Resolves:#1209942
- Allow mysqld_t to use pam.It is needed by MariDB if auth_apm.so auth plugin is used
Resolves:#1214236
- Added label mysqld_etc_t for /etc/my.cnf.d/ dir.
Resolves:#1214235
- Add support for mongod/mongos systemd unit files.
Resolves:#1214194

[3.13.1-23.el7_7.6]
- Make mongodb_t as nsswitch domain
- ALlow mongod execmem by default
Resolves:#1212970

[3.13.1-23.el7_7.5]
- Update policy/mls for sockets related to accept.
Resolves:#1207549

[3.13.1-23.el7_7.4]
- Update policy/mls for sockets. Rules were contradictory.
Resolves:#1207549

[3.13.1-23.el7_7.3]
- Dontaudit ifconfig writing inhertited /var/log/pluto.log.
Resolves:#1205580
- Update init_rw_tcp_sockets() interface to use getopt and setopt.

[3.13.1-23.el7_7.2]
- Use enable_mls instead of enabled_mls in userdomain.if
Resolves:#1204778

[3.13.1-23.el7_7.1]
- Allow a user to login with different security level via ssh.
Resolves:#1204778

Updated Packages

Release/Architecture

Filename

MD5sum

Superseded By Advisory

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team