A security issue in policycoreutils has been announced: http://www.openwall.com/lists/oss-security/2016/09/25/1 I added the upstream fix in Cauldron already. I don't know if we need to update this for Mageia 5, since we don't support SELinux.
(In reply to David Walser from comment #0) > A security issue in policycoreutils has been announced: > http://www.openwall.com/lists/oss-security/2016/09/25/1 > > I added the upstream fix in Cauldron already. > > I don't know if we need to update this for Mageia 5, since we don't support > SELinux. Assigning to all packagers collectively, for more opinions.
CC: (none) => marja11, thomasAssignee: bugsquad => pkg-bugs
Installing policycoreutils-python which provides /usr/bin/sandbox is not enough to make this exploitable. $ /usr/bin/sandbox ./test Traceback (most recent call last): File "/usr/bin/sandbox", line 24, in <module> import selinux ImportError: No module named selinux So unless there is an selinux module to load this does not look like it can be exploited. To this novice this does not look like a problem for mga5.
CC: (none) => mrambo
That sounds right. Thanks Mike.
Status: NEW => RESOLVEDVersion: 5 => CauldronResolution: (none) => FIXED