- Issued:
- 2010-01-21
- Updated:
- 2010-01-21
RHBA-2010:0063 - selinux-policy bug fix update
Synopsis
selinux-policy bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated selinux-policy packages that fix a regression that prevented postfix-driven systems from sending e-mail via sendmail are now available.
Description
The selinux-policy packages contain the rules that govern how confined processes run on the system.
These updated selinux-policy packages provide the fix for the following bug:
- selinux-policy errata update RHBA-2010:0013 introduced a regression which prevented postfix-driven systems from sending e-mail using sendmail if SELinux was in enforcing mode. With this update, postfix_postdrop can read and write sendmail unix_stream_sockets, correcting the regression and allowing e-mails to be sent using sendmail. (BZ#555793)
Note: a workaround involving the manual creation of a mypostfix.te was documented in BZ#553492 (see References below). Once this update is installed, the workaround and manually created file are no longer required.
All users should upgrade to these updated packages, which resolve this issue.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.4 | x86_64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.4 | ia64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 5.4 | i386 |
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for Power, big endian - Extended Update Support | 5.4 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux for IBM z Systems - Extended Update Support | 5.4 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- selinux-policy-targeted-2.4.6-255.el5_4.4.noarch.rpm
- selinux-policy-mls-2.4.6-255.el5_4.4.noarch.rpm
- selinux-policy-devel-2.4.6-255.el5_4.4.noarch.rpm
- selinux-policy-2.4.6-255.el5_4.4.src.rpm
- selinux-policy-minimum-2.4.6-255.el5_4.4.noarch.rpm
- selinux-policy-2.4.6-255.el5_4.4.noarch.rpm
- selinux-policy-strict-2.4.6-255.el5_4.4.noarch.rpm
Fixes
CVEs
(none)
References
- This content is not included.This content is not included.https://bugzilla.redhat.com/show_bug.cgi?id=553492
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.