From 191f6b36c344cb5be7a0a0184c51a15943c72f01 Mon Sep 17 00:00:00 2001 From: Lukas Vrabec Date: May 30 2019 09:43:45 +0000 Subject: * Thu May 30 2019 Lukas Vrabec - 3.14.4-20 - Allow pcp_pmcd_t domain to domtrans to mdadm_t domain BZ(1714800) - Allow spamd_update_t to exec itsef - Fix broken logwatch SELinux module - Allow logwatch_mail_t to manage logwatch cache files/dirs - Update wireshark_t domain to use several sockets - Allow sysctl_rpc_t and sysctl_irq_t to be stored on fs_t --- diff --git a/.gitignore b/.gitignore index 9e89a6d..564f751 100644 --- a/.gitignore +++ b/.gitignore @@ -377,3 +377,5 @@ serefpolicy* /selinux-policy-78cbf0a.tar.gz /selinux-policy-contrib-efd9524.tar.gz /selinux-policy-50e97b7.tar.gz +/selinux-policy-contrib-7dabd9f.tar.gz +/selinux-policy-26ad838.tar.gz diff --git a/selinux-policy.spec b/selinux-policy.spec index 9ba2a8d..30041fb 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 50e97b781ea7a501c06f8a86e94cbbdfe5a86720 +%global commit0 26ad838210206ef428322035335b92090fcee7c9 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 efd95248a3e798cde8f7ed2e5667561add118588 +%global commit1 7dabd9fa102e21b3e7c91a0e2eef6854e9f0f40d %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.4 -Release: 19%{?dist} +Release: 20%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -787,6 +787,14 @@ exit 0 %endif %changelog +* Thu May 30 2019 Lukas Vrabec - 3.14.4-20 +- Allow pcp_pmcd_t domain to domtrans to mdadm_t domain BZ(1714800) +- Allow spamd_update_t to exec itsef +- Fix broken logwatch SELinux module +- Allow logwatch_mail_t to manage logwatch cache files/dirs +- Update wireshark_t domain to use several sockets +- Allow sysctl_rpc_t and sysctl_irq_t to be stored on fs_t + * Mon May 27 2019 Lukas Vrabec - 3.14.4-19 - Fix bind_read_cache() interface to allow only read perms to caller domains - [speech-dispatcher.if] m4 macro names can not have - in them diff --git a/sources b/sources index c2ef661..ee9615b 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -SHA512 (selinux-policy-contrib-efd9524.tar.gz) = 4ab58df002e0c604c98d86c9ece13597fd1ce181b2665df900a8a7b5076f6fe85a8ec0c7df59d15859e4fd91897405b902b9cf2ce14e4f9d3a0c3ac4ac2283a9 -SHA512 (selinux-policy-50e97b7.tar.gz) = 519ef4dda2fb4f3e72f885043c893d54adccd6ca6edca6b87d3601fa79cfece787b8cfc1493aaa524d438132560007ef246e0427f1ad738e8af8aaa7b5c200f0 -SHA512 (container-selinux.tgz) = 6bf3a9a88a7557a88953049900322ba6f0913e5e9c0ac56c1a184d49bf3a5e5bc2374ac49793f2a0faba3573a24edf8cbf21d526a10be67378c8d5f4a279eca1 +SHA512 (selinux-policy-contrib-7dabd9f.tar.gz) = 21870f25d058d2c480c6a4486fed1089ea6ef5d6dffa950127305c1d396b1027ad803177b070a3cb83c4eec3b1a5c8e5b4fe7dcc7adc90851abb909fa347b997 +SHA512 (selinux-policy-26ad838.tar.gz) = cc1ec3ea59673fb8042f5ff59eb369f6f57d698e99aa70daa141232c4b00e3a994a6e9940a836b790dceaa63575a06cc2b4a4fec20b43e3be35335c928c6d099 +SHA512 (container-selinux.tgz) = dc93b03f3163f93389ce0ecd2cf48c65f02a52e7b4d70fc37aacaad68161d0b20c45f14e768153e33712d4943814cb13cfcc439c01bde876e1c37b8d48c5f7bb SHA512 (macro-expander) = b4f26e7ed6c32b3d7b3f1244e549a0e68cb387ab5276c4f4e832a9a6b74b08bea2234e8064549d47d1b272dbd22ef0f7c6b94cd307cc31ab872f9b68206021b2