Open maccelf opened 4 hours ago
Errata created in ALBS: https://build.almalinux.org/errata?id=ALSA-2020:5607&platform_id=1
Find packages in Build: https://build.almalinux.org/build/1759
Find packages in Build: https://build.almalinux.org/build/823
Find packages in Build: https://build.almalinux.org/build/130
Find packages in Build: https://build.almalinux.org/build/52
fapolicyd bug fix update Severity: important Description The fapolicyd software framework introduces a form of file access control based on a user-defined policy. The application file access control feature provides one of the most efficient ways to prevent running untrusted and possibly malicious applications on the system.
Bug Fix(es):
With this update, fapolicyd ignores the suffix in the binary path so the binary can match the trust database. As a result, fapolicyd enforces the rules correctly and the update process can finish.
(BZ#1906472)
(BZ#1905895)
Note: The issue from BZ#1906472 was previously addressed in erratum RHBA-2020:5242 linked to from the References section. Due to the high impact of the issue that can cause systems to become unable to boot, we are releasing the same fix again in a security erratum to ensure proper visibility to users who only install security updates. This fix has not been changed in any way since the original bug fix erratum. This erratum does not provide any security fixes.
For more details about the issue, see the Knowledgebase article linked from the References section.
Affected packages: fapolicyd-1.0-3.el8_3.4.x86_64 fapolicyd-selinux-1.0-3.el8_3.4.noarch fapolicyd-1.0-3.el8_3.4.s390x fapolicyd-selinux-1.0-3.el8_3.4.noarch fapolicyd-1.0-3.el8_3.4.ppc64le fapolicyd-selinux-1.0-3.el8_3.4.noarch fapolicyd-1.0-3.el8_3.4.aarch64 fapolicyd-selinux-1.0-3.el8_3.4.noarch