CEBA-2015:1711 CentOS 6 selinux-policy BugFixUpdate

CentOS Errata and Bugfix Advisory 2015:1711 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1711.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
b2b8caa64685eb9b794af4e7094790d4ea28bbc7484a935c31666998875941f9  selinux-policy-3.7.19-279.el6_7.5.noarch.rpm
4287ca6d9f81dd7a327b9acf3335e08a71375ba51aeebecc46e53eb922b96dab  selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm
3b78196c046359121b24fea8737beb67b522977b7a6adcf48fe5fa2d4ce7fcf5  selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm
f720c965d044a0463f5bb990074972e000a98946cf1c313f6940f1ce87a61b4f  selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm
f7fc3ee35292c21ffb4de3bf94d927fab8affd3e1de8e82fb33c6483ded0610b  selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm

x86_64:
b2b8caa64685eb9b794af4e7094790d4ea28bbc7484a935c31666998875941f9  selinux-policy-3.7.19-279.el6_7.5.noarch.rpm
4287ca6d9f81dd7a327b9acf3335e08a71375ba51aeebecc46e53eb922b96dab  selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm
3b78196c046359121b24fea8737beb67b522977b7a6adcf48fe5fa2d4ce7fcf5  selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm
f720c965d044a0463f5bb990074972e000a98946cf1c313f6940f1ce87a61b4f  selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm
f7fc3ee35292c21ffb4de3bf94d927fab8affd3e1de8e82fb33c6483ded0610b  selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm

Source:
22dece7d80867b437589f9bb5182424499320752b4461cd3e1079d00fda0c42c  selinux-policy-3.7.19-279.el6_7.5.src.rpm



CVE-2015-5189

Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.

CVE-2015-5737

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.

CVE-2015-6654

The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.