4.121. keyutils


Updated keyutils packages that fix one bug and add one enhancement are now available for Red Hat Enterprise Linux 6.
The keyutils package provides utilities to control the Linux kernel key management facility and to provide a mechanism by which the kernel calls up to user space to get a key instantiated.

Bug Fix

BZ#730002
The keyutils subpackage did not contain a dependency on the keyutils-libs subpackage but rather it contained only an implicit dependency on the libkeyutils.so.[n] shared object files specified as the SONAME variable. As a consequence, the keyutils subpackage could have been updated without applying the newest keyutils libraries, which could have caused keyutils to work incorrectly. To fix this issue, the keyutils spec file has been modified to include an explicit dependency on the version of keyutils-libs that matches the keyutils subpackage. Both subpackages are now updated together.

Enhancement

BZ#727280
Previously, the keyutils subpackages were compiled without the RELRO (read-only relocations) flag. Programs provided by this package and also programs built against the keyutils libraries were thus vulnerable to various attacks based on overwriting the ELF section of a program. To increase the security of keyutils programs and libraries, the keyutils spec file has been modified to use the "-Wl,-z,relro" flags when compiling the packages. As a result, the keyutils subpackages are now provided with partial RELRO protection.
Users are advised to upgrade to these updated keyutils packages, which fix this bug and add this enhancement.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.