- Issued:
- 2014-05-22
- Updated:
- 2014-10-13
RHBA-2014:0535 - netlabel_tools bug fix update
Synopsis
netlabel_tools bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated netlabel_tools packages that fix three bugs are now available for Red Hat Enterprise Linux 6.
Description
NetLabel is a kernel subsystem which implements explicit packet labeling protocols such as CIPSO. Packet labeling is used in secure networks to mark packets with the security attributes of the data they contain. This package provides the necessary user space tools to query and configure the kernel subsystem.
This update fixes the following bugs:
-
Prior to this update, netlabelctl, the NetLabel management tool, incorrectly handled multi-part netlink messages that limited the number of static labels displayed. Consequently, running the "netlabelctl unlbl list -p" command did not provide the correct output when a large number of static labels were configured. This bug has been fixed, and netlabelctl now works correctly and lists all the configured static labels as expected. (BZ#918763)
-
Previously, netlabelctl did not allocate enough buffer space for large configuration messages from the kernel. In addition, netlabelctl could not adjust the buffer size in the cases where the buffer was not large enough. As a consequence, a large number of CIPSO level and category translations could not be used. With this update, the default message buffer has been increased, and the buffer is now increased dynamically as necessary. As a result, a large number of CIPSO level and category translations can be used as expected in this scenario. (BZ#1000177)
-
Prior to this update, the file with the licence text was not included in the binary packages. This update adds the license text in the packages. (BZ#1098082)
Users of netlabel_tools are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- netlabel_tools-debuginfo-0.19-11.el6.i686.rpm
- netlabel_tools-0.19-11.el6.ppc64.rpm
- netlabel_tools-debuginfo-0.19-11.el6.s390x.rpm
- netlabel_tools-0.19-11.el6.s390x.rpm
- netlabel_tools-debuginfo-0.19-11.el6.ppc64.rpm
- netlabel_tools-debuginfo-0.19-11.el6.x86_64.rpm
- netlabel_tools-0.19-11.el6.src.rpm
- netlabel_tools-0.19-11.el6.x86_64.rpm
- netlabel_tools-0.19-11.el6.i686.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.