SUSE-RU-2024:0150-1: moderate: Recommended update for selinux-policy

SLE-UPDATES null at suse.de
Thu Jan 18 16:30:17 UTC 2024 


# Recommended update for selinux-policy

Announcement ID: SUSE-RU-2024:0150-1  
Rating: moderate  
References:

  * bsc#1205931
  * bsc#1215423
  * bsc#1216060

  
Affected Products:

  * openSUSE Leap Micro 5.4
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro for Rancher 5.4

  
  
An update that has three fixes can now be installed.

## Description:

This update for selinux-policy fixes the following issues:

  * Allow rebootmgr to read the system state (bsc#1205931)
  * Allow keepalived_t read+write kernel_t pipes (bsc#1216060)
  * Allow init to run bpf programs. We do this during early startup
    (bsc#1215423)
  * Allow sysadm_t run kernel bpf programs

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro for Rancher 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2024-150=1

  * SUSE Linux Enterprise Micro 5.4  
    zypper in -t patch SUSE-SLE-Micro-5.4-2024-150=1

  * openSUSE Leap Micro 5.4  
    zypper in -t patch openSUSE-Leap-Micro-5.4-2024-150=1

## Package List:

  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * selinux-policy-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-devel-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-targeted-20230511+git12.c35c6fe1-150400.4.24.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * selinux-policy-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-devel-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-targeted-20230511+git12.c35c6fe1-150400.4.24.1
  * openSUSE Leap Micro 5.4 (noarch)
    * selinux-policy-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-devel-20230511+git12.c35c6fe1-150400.4.24.1
    * selinux-policy-targeted-20230511+git12.c35c6fe1-150400.4.24.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1205931
  * https://bugzilla.suse.com/show_bug.cgi?id=1215423
  * https://bugzilla.suse.com/show_bug.cgi?id=1216060

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240118/6da7767c/attachment.htm>

More information about the sle-updates mailing list