Bug 348761
Summary: | AVC failure in CVE-2007-4465 due to mod_nss (bad selinux policy) | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Martin Vecera <mvecera> |
Component: | nss | Assignee: | Elio Maldonado Batiz <emaldona> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 5.0 | CC: | amarecek, dapospis, emaldona, jplans, ohudlick, shaines, syeghiay |
Target Milestone: | rc | Keywords: | SELinux, ZStream |
Target Release: | 5.3.z | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-02-21 06:49:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 511862 |
Description
Martin Vecera
2007-10-23 13:45:30 UTC
This is a bug in the way libnss is built. It is execing netstat rather then using /dev/rand and/or /dev/urand for generation of random data. It has been previously reported and hopfully the library will be backported to RHEL5. Martin, what version of package nss.rpm is installed in your environment? The fix you need is contained in RHEL 5.1 You need nss 3.11.7-1.2 or newer Hello, I can't tell you. The errata was successfully released and thus this issue is now irrelevant I think. per last bug council, marking modified so QE can verify This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0291.html |