787605 – selinux-policy update shows error parsing file obj_perm_sets.spt in FIPS mode

Bug 787605 - selinux-policy update shows error parsing file obj_perm_sets.spt in FIPS mode

Summary: selinux-policy update shows error parsing file obj_perm_sets.spt in FIPS mode

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	policycoreutils
Sub Component:
Version:	6.2
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Daniel Walsh
QA Contact:	Milos Malik
Docs Contact:
URL:
Whiteboard:
Depends On:	786191 953862
Blocks:
TreeView+	depends on / blocked

Reported:	2012-02-06 09:54 UTC by RHEL Program Management
Modified:	2013-04-19 11:08 UTC (History)
CC List:	9 users (show)
Fixed In Version:	policycoreutils-2.0.83-19.20.el6_2
Doc Type:	Bug Fix
Doc Text:	When installing packages on the system in (Federal Information Processing Standard (FIPS) mode, parsing errors could occur and installation failed. This was caused by the "/usr/lib64/python2.7/site-packages/sepolgen/yacc.py" parser, which used MD5 checksums that are not supported in FIPS mode. This update modifies the parser to use SHA-256 checksums and installation process is now successful.
Clone Of:
Environment:
Last Closed:	2012-02-14 21:42:07 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2012:0134	0	normal	SHIPPED_LIVE	policycoreutils bug fix update	2012-02-15 02:41:25 UTC

Description RHEL Program Management 2012-02-06 09:54:34 UTC

This bug has been copied from bug #786191 and has been proposed
to be backported to 6.2 z-stream (EUS).

Comment 4 Daniel Walsh 2012-02-06 16:10:48 UTC

Fixed in policycoreutils-2.0.83-19.20.el6_2

Comment 7 Miroslav Svoboda 2012-02-14 17:51:25 UTC

    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
When installing packages on the system in (Federal Information Processing Standard (FIPS) mode, parsing errors could occur and installation failed. This was caused by the "/usr/lib64/python2.7/site-packages/sepolgen/yacc.py" parser, which used MD5 checksums that are not supported in FIPS mode. This update modifies the parser to use SHA-256 checksums and installation process is now successful.

Comment 8 errata-xmlrpc 2012-02-14 21:42:07 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2012-0134.html

Note You need to log in before you can comment on or make changes to this bug.