267548 * Thu Apr 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-13

Authored and Committed by Lukas Vrabec 5 years ago
    * Thu Apr 25 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.4-13
    - Introduce deny_bluetooth boolean
    - Allow greylist_milter_t to read network system state BZ(1702672)
    - Allow freeipmi domains to mmap freeipmi_var_cache_t files
    - Allow rhsmcertd_t and rpm_t domains to chat over dbus
    - Allow thumb_t domain to delete cache_home_t files BZ(1701643)
    - Update gnome_role_template() to allow _gkeyringd_t domains to chat with systemd_logind over dbus
    - Add new interface boltd_dbus_chat()
    - Allow fwupd_t and modemmanager_t domains to communicate over dbus BZ(1701791)
    - Allow keepalived_t domain to create and use netlink_connector sockets BZ(1701750)
    - Allow cockpit_ws_t domain to set limits BZ(1701703)
    - Update Nagios policy when sudo is used
    - Deamon rhsmcertd is able to install certs for docker again
    - Introduce deny_bluetooth boolean
    - Don't allow a container to connect to random services
    - Remove file context /usr/share/spamassassin/sa-update\.cron -> bin_t to label sa-update.cron as spamd_update_exec_t.
    - Allow systemd_logind_t and systemd_resolved_t domains to chat over dbus
    - Allow unconfined_t to use bpf tools
    - Allow x_userdomains to communicate with boltd daemon over dbus
    
        
file modified
+2 -0
file modified
+23 -3
file modified
+3 -4