SELinux userspace 3.8-rc3 release

Resolves: RHEL-69451

.gitignore

@@ -236,3 +236,5 @@ libselinux-2.0.96.tgz
 /libselinux-3.7.tar.gz.asc
 /libselinux-3.8-rc1.tar.gz
 /libselinux-3.8-rc1.tar.gz.asc
+/libselinux-3.8-rc3.tar.gz
+/libselinux-3.8-rc3.tar.gz.asc

0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch

@@ -1,54 +0,0 @@
-From ac0fc6d50077a6f33df9859322e13a2434070d4c Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
-Date: Tue, 3 Dec 2024 16:54:48 +0100
-Subject: [PATCH] libselinux/utils: drop reachable assert in sefcontext_compile
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Content-type: text/plain
-
-The two asserts following qsort(3) where useful during development to
-ensure the comparison function and the corresponding pointer handling
-were correct.  They however do not take into account an empty file
-context definition file containing no definitions and thus `stab->nel`
-being NULL.  Drop the two asserts.
-
-Also return early to not depend on whether calloc(3) called with a size
-of zero returns NULL or a special value.
-
-Reported-by: Petr Lautrbach <lautrbach@redhat.com>
-Closes: https://lore.kernel.org/selinux/87jzchqck5.fsf@redhat.com/
-Fixes: 92306daf ("libselinux: rework selabel_file(5) database")
-Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
-Tested-by: Petr Lautrbach <lautrbach@redhat.com>
-Acked-by: James Carter <jwcart2@gmail.com>
----
- libselinux/utils/sefcontext_compile.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c
-index 23d312744016..e5da51ea12df 100644
---- a/libselinux/utils/sefcontext_compile.c
-+++ b/libselinux/utils/sefcontext_compile.c
-@@ -188,6 +188,9 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab)
- 	if (len != 1)
- 		return -1;
- 
-+	if (stab->nel == 0)
-+		return 0;
-+
- 	/* sort entries by id */
- 	sids = calloc(stab->nel, sizeof(*sids));
- 	if (!sids)
-@@ -203,8 +206,6 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab)
- 	}
- 	assert(index == stab->nel);
- 	qsort(sids, stab->nel, sizeof(struct security_id), security_id_compare);
--	assert(sids[0].id == 1);
--	assert(sids[stab->nel - 1].id == stab->nel);
- 
- 	/* write raw contexts sorted by id */
- 	for (uint32_t i = 0; i < stab->nel; i++) {
--- 
-2.47.0
-

changelog

@@ -1,3 +1,6 @@
+* Wed Dec 18 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.8-0.rc3.1
+- SELinux userspace 3.8-rc3 release
+
 * Wed Dec 04 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.8-0.rc1.2
 - libselinux/utils: drop reachable assert in sefcontext_compile
 

libselinux.spec

@@ -1,14 +1,14 @@
 %define ruby_inc %(pkg-config --cflags ruby)
-%define libsepolver 3.8-0
+%define libsepolver 3.8-0.rc3
 
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 3.8
-Release: 0.rc1.2%{?dist}
+Release: 0.rc3.1%{?dist}
 License: LicenseRef-Fedora-Public-Domain
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz
-Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz.asc
+Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz
+Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz.asc
 Source2: https://github.com/bachradsusi.gpg
 Source3: selinuxconlist.8
 Source4: selinuxdefcon.8
@@ -20,7 +20,6 @@ Url: https://github.com/SELinuxProject/selinux/wiki
 # $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
 # Patch list start
 Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch
-Patch0002: 0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch
 # Patch list end
 BuildRequires: gcc make
 BuildRequires: ruby-devel ruby libsepol-static >= %{libsepolver} swig pcre2-devel
@@ -93,7 +92,7 @@ needed for developing SELinux applications.
 
 %prep
 %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
-%autosetup -p 2 -n libselinux-%{version}-rc1
+%autosetup -p 2 -n libselinux-%{version}-rc3
 
 %build
 export DISABLE_RPM="y"

sources

@@ -1,2 +1,2 @@
-SHA512 (libselinux-3.8-rc1.tar.gz) = 16fbc4d903061f696b5396690da69b7bc18f158742c789ef70d543d51fe5015abc73d9205e3b147cec0d293a1448735e2b9e39edd562690156c946a0f53dcb38
-SHA512 (libselinux-3.8-rc1.tar.gz.asc) = 52e0fbf7e61fe6c67cfa2ca214bbf2cae94f016feeb3b317e8c4f6bffb9c2f3b93cfd425669c1c9fc97b35cdb77b2f153b11f9daa654817565aa40d76dc936f2
+SHA512 (libselinux-3.8-rc3.tar.gz) = 1c524441b5a1f9cadb68756f1453d6a89d8ea31d12228d4c5d38c791b734fb5013bdd7cae32a8ff7a1eefddaf07a9242773bdafa8deddd74c687bd3b43f85909
+SHA512 (libselinux-3.8-rc3.tar.gz.asc) = 7704fc74f51506fce16c89cad77ecee46f2523bd647ea6ac491cb60181dba7c9b4edc5a8783f77f50d71091c076ba2d8d2dbdf54cbd144f63ce4dc582a367f6a