Package "libsepol"
Name: |
libsepol
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- SELinux library for manipulating binary security policies
- SELinux binary policy manipulation library and development files
|
Latest version: |
2.7-1ubuntu0.1 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
main |
Links
Other versions of "libsepol" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
libsepol (2.7-1ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: use-after-free in __cil_verify_classperms
- debian/patches/CVE-2021-36084.patch: alter destruction of
classperms list when resetting classpermission by avoiding
deleting the inner data in cil/src/cil_reset_ast.c
- CVE-2021-36084
* SECURITY UPDATE: use-after-free in __cil_verify_classperms
- debian/patches/CVE-2021-36085.patch: alter destruction of
classperms when resetting a perm by avoiding
deleting the inner data in cil/src/cil_reset_ast.c
- CVE-2021-36085
* SECURITY UPDATE: use-after-free in cil_reset_classpermission
- debian/patches/CVE-2021-36086.patch: prevent
cil_reset_classperms_set from resetting classpermission by
setting it to NULL in cil/src/cil_reset_ast.c
- CVE-2021-36086
* SECURITY UPDATE: heap-based buffer over-read in ebitmap_match_any
- debian/patches/CVE-2021-36087.patch: check if a tunable
declaration, in-statement, block, blockabstract, or macro definition
is found within an optional in cil/src/cil_build_ast.c and
cil/src/cil_resolve_ast.c
- CVE-2021-36087
-- David Fernandez Gonzalez <email address hidden> Tue, 26 Apr 2022 12:52:52 +0200
|
CVE-2021-36084 |
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper |
CVE-2021-36085 |
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). |
CVE-2021-36086 |
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list |
CVE-2021-36087 |
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs bec |
|
About
-
Send Feedback to @ubuntu_updates