diff --git a/.gitignore b/.gitignore index 8f81b61..6283ef6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ SOURCES/container-selinux.tgz -SOURCES/selinux-policy-37ca182.tar.gz -SOURCES/selinux-policy-contrib-edff20c.tar.gz +SOURCES/selinux-policy-a7e85c6.tar.gz +SOURCES/selinux-policy-contrib-de298c0.tar.gz diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata index c08f943..45936aa 100644 --- a/.selinux-policy.metadata +++ b/.selinux-policy.metadata @@ -1,3 +1,3 @@ -bdd824c2ee9aeb8855b4105a0fee20989f77f53a SOURCES/container-selinux.tgz -a0cdb44884f5744c4da702967912f2132a890085 SOURCES/selinux-policy-37ca182.tar.gz -b80f75876a9439cf0a65f4a827f937c113d63b12 SOURCES/selinux-policy-contrib-edff20c.tar.gz +3d506da2d5cd9fa27422e9eb221bf6db6f8eb0c4 SOURCES/container-selinux.tgz +2a6ec8f210558023c7a04c086e24b41da86dcc81 SOURCES/selinux-policy-a7e85c6.tar.gz +148932e85db4650ccd9655e028339d261481b318 SOURCES/selinux-policy-contrib-de298c0.tar.gz diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec index 3b5c8d6..c898d29 100644 --- a/SPECS/selinux-policy.spec +++ b/SPECS/selinux-policy.spec @@ -1,11 +1,11 @@ # github repo with selinux-policy base sources %global git0 https://github.com/fedora-selinux/selinux-policy -%global commit0 37ca182df71de078e091e4bc1bfe11ebaee503f0 +%global commit0 a7e85c695fd9c8fc26aa5d2dc4668363b997619e %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) # github repo with selinux-policy contrib sources %global git1 https://github.com/fedora-selinux/selinux-policy-contrib -%global commit1 edff20caf7143e846bc2e50266ffd99d4dc859d3 +%global commit1 de298c09b9c949291effa80a5d975f3cd4362ef6 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7}) %define distro redhat @@ -29,7 +29,7 @@ Summary: SELinux policy configuration Name: selinux-policy Version: 3.14.3 -Release: 72%{?dist} +Release: 74%{?dist} License: GPLv2+ Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz @@ -715,6 +715,32 @@ exit 0 %endif %changelog +* Fri Jul 16 2021 Zdenek Pytela - 3.14.3-74 +- Allow dyntransition from sshd_t to unconfined_t +Resolves: rhbz#1947841 + +* Wed Jul 14 2021 Zdenek Pytela - 3.14.3-73 +- Removed adding to attribute unpriv_userdomain from userdom_unpriv_type template +Resolves: rhbz#1947841 +- Allow transition from xdm domain to unconfined_t domain. +Resolves: rhbz#1947841 +- Allow nftables read NetworkManager unnamed pipes +Resolves: rhbz#1967857 +- Create a policy for systemd-journal-upload +Resolves: rhbz#1913414 +- Add dev_getattr_infiniband_dev() interface. +Resolves: rhbz#1972522 +- Allow tcpdump and nmap get attributes of infiniband_device_t +Resolves: rhbz#1972522 +- Allow fcoemon create sysfs files +Resolves: rhbz#1978562 +- Allow nftables read NetworkManager unnamed pipes +Resolves: rhbz#1967857 +- Allow radius map its library files +Resolves: rhbz#1854650 +- Allow arpwatch get attributes of infiniband_device_t devices +Resolves: rhbz#1936522 + * Tue Jun 29 2021 Zdenek Pytela - 3.14.3-72 - Allow systemd-sleep get attributes of fixed disk device nodes Resolves: rhbz#1931460