Publishing details
Changelog
libsepol (3.0-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: use-after-free in __cil_verify_classperms
- debian/patches/CVE-2021-36084.patch: alter destruction of
classperms list when resetting classpermission by avoiding
deleting the inner data in cil/src/cil_reset_ast.c
- CVE-2021-36084
* SECURITY UPDATE: use-after-free in __cil_verify_classperms
- debian/patches/CVE-2021-36085.patch: alter destruction of
classperms when resetting a perm by avoiding
deleting the inner data in cil/src/cil_reset_ast.c
- CVE-2021-36085
* SECURITY UPDATE: use-after-free in cil_reset_classpermission
- debian/patches/CVE-2021-36086.patch: prevent
cil_reset_classperms_set from resetting classpermission by
setting it to NULL in cil/src/cil_reset_ast.c
- CVE-2021-36086
* SECURITY UPDATE: heap-based buffer over-read in ebitmap_match_any
- debian/patches/CVE-2021-36087.patch: check if a tunable
declaration, in-statement, block, blockabstract, or macro definition
is found within an optional in cil/src/cil_build_ast.c and
cil/src/cil_resolve_ast.c
- CVE-2021-36087
-- David Fernandez Gonzalez <email address hidden> Tue, 26 Apr 2022 11:21:29 +0200
Builds
Built packages
-
libsepol1
SELinux library for manipulating binary security policies
-
libsepol1-dbgsym
debug symbols for libsepol1
-
libsepol1-dev
SELinux binary policy manipulation library and development files
-
sepol-utils
Security Enhanced Linux policy utility programs
-
sepol-utils-dbgsym
debug symbols for sepol-utils
Package files