ELSA-2021-4513

ELSA-2021-4513 - libsepol security update

Type:SECURITY
Severity:MODERATE
Release Date:2021-11-16

Description


[2.9-3]
- cil: Fix out-of-bound read of file context pattern ending with '\'
- cil: Destroy classperms list when resetting classpermission (#1983517)
- cil: Destroy classperm list when resetting map perms (#1983521)
- cil: cil_reset_classperms_set() should not reset classpermission (#1983525)
- cil: Set class field to NULL when resetting struct cil_classperms
- cil: More strict verification of constraint leaf expressions
- cil: Exit with an error if declaration name is a reserved word
- cil: Allow permission expressions when using map classes
- cil: Reorder checks for invalid rules when building AST
- cil: Cleanup build AST helper functions
- cil: Create new first child helper function for building AST
- cil: Remove unused field from struct cil_args_resolve
- cil: Destroy disabled optional blocks after pass is complete
- cil: Check if name is a macro parameter first
- cil: fix NULL pointer dereference in __cil_insert_name
- cil: Report disabling an optional block only at high verbose levels
- cil: Use AST to track blocks and optionals when resolving
- cil: Reorder checks for invalid rules when resolving AST
- cil: Sync checks for invalid rules in booleanifs
- cil: Check for statements not allowed in optional blocks (#1983530)


Related CVEs


CVE-2021-36084
CVE-2021-36086
CVE-2021-36087
CVE-2021-36085

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) libsepol-2.9-3.el8.src.rpm0ca2694dffc367c935fc9df3601e7c69-
libsepol-2.9-3.el8.aarch64.rpm281c127d831909ddcfd44b32b685444e-
libsepol-devel-2.9-3.el8.aarch64.rpm1f5a6322d69525fa26dc9ca239b1963f-
libsepol-static-2.9-3.el8.aarch64.rpmdf828e6c3b09974970afc4e9538b8d28-
Oracle Linux 8 (x86_64) libsepol-2.9-3.el8.src.rpm0ca2694dffc367c935fc9df3601e7c69-
libsepol-2.9-3.el8.i686.rpm89c177472d643de5f4837c1fdd736af6-
libsepol-2.9-3.el8.x86_64.rpm25a4062bc66ebe6b1018545cd494a3a1-
libsepol-devel-2.9-3.el8.i686.rpm58dc27d76f7601d9e2c8bc1a2800ce32-
libsepol-devel-2.9-3.el8.x86_64.rpm74ba800f790dff230f78070ca2721259-
libsepol-static-2.9-3.el8.i686.rpm6d904a3ab4b211062f85bc7bb7809bb5-
libsepol-static-2.9-3.el8.x86_64.rpm9e42a1802c38803ea4254fce38e7d683-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete