diff --git a/.gitignore b/.gitignore index 4febc92..c004cee 100644 --- a/.gitignore +++ b/.gitignore @@ -394,3 +394,5 @@ serefpolicy* /selinux-policy-70fdc5c.tar.gz /selinux-policy-contrib-97a0585.tar.gz /selinux-policy-d980d1d.tar.gz +/selinux-policy-contrib-6e3b593.tar.gz +/selinux-policy-5b37296.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 4119aca..b85149a 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 d980d1d2b126bcb4e1542a25244e0921eb4c7b08 +%global commit0 5b37296b41442bc1c4fd8ae2bf0cc082d0c4f3c9 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 97a05859ae0f924a14d905e3557610d4774decfd +%global commit1 6e3b593750a3fa4c39fb23cbb7acc1192f245f76 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 48%{?dist} +Release: 49%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -714,6 +714,19 @@ exit 0 %endif %changelog +* Wed Oct 09 2019 Lukas Vrabec - 3.14.3-49 +- Remove duplicate file context for /usr//bin/nova-api-metadata +- Allow setroubleshoot_fixit_t to read random_device_t +- Label /etc/named direcotory as named_conf_t BZ(1759495) +- Allow dkim to execute sendmail +- Update virt_read_content interface to allow caller domain mmap virt_content_t block devices and files +- Update aide_t domain to allow this tool to analyze also /dev filesystem +- Update interface modutils_read_module_deps to allow caller domain also mmap modules_dep_t files BZ(1758634) +- Allow avahi_t to send msg to xdm_t +- Update dev_manage_sysfs() to support managing also lnk files BZ(1759019) +- Allow systemd_logind_t domain to read blk_files in domain removable_device_t +- Add new interface udev_getattr_rules_chr_files() + * Fri Oct 04 2019 Lukas Vrabec - 3.14.3-48 - Update aide_t domain to allow this tool to analyze also /dev filesystem - Add net_broadcast capability to openvswitch_t domain BZ(1716044) diff --git a/sources b/sources index 4fc4597..887d73e 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-97a0585.tar.gz) = c908673903d2ebdff1142d560e5e4d3bcd7b4c9a0d0db31b86b5c3978584edf0d180c8bb1ca99ebd82a776a3ce7c590b826920d4f8773a1175952dfba39d0cbb -SHA512 (selinux-policy-d980d1d.tar.gz) = 53d93b8e4ecb654fe3e2408b424e6462aa1a722565f7e26825e0e017ee62387aad267b209794a4fa1b0cf5ce7738f70a53e3a6b808bf8b377ff2826f1e1b52a0 -SHA512 (container-selinux.tgz) = 5560af4e6eddd6277c6ef03a34f79f54d4a8f481ca60dbfba5cad459b195664ac80dd6e6b8259ff0c6bac031e200cd99562d5bceda3cd51cf245c156acee4bec +SHA512 (selinux-policy-contrib-6e3b593.tar.gz) = 6cc11cbb4ac75b855302f2758a7c229264b8e1290cf1ff14fe0bd3f1f2507152d762e18a20aaca1e0a17591362ab0ab61dbe0d5c14abe7ab567a8457636d932b +SHA512 (selinux-policy-5b37296.tar.gz) = 6dca621397608d8a6ef69d2c828411e3907e47a32363d7b85e5f8a14827ae2da7ee7b0c7e1110fceda39d8b0517301eefe1164ba567da858d2794b3e958a1fc6 +SHA512 (container-selinux.tgz) = 9a0b95efa8826833fd75cc95a36f28d21b3f14761131dccbc2e91a205501ac0b6b08c50290e221729a6fa355da669d4c17c4871a7d71242544b9643dc700ef94 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4