diff --git a/selinux-policy.spec b/selinux-policy.spec index 07e9de0d..6637e937 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 141c3fde08c02097e0b6fa179a33cc17371e9a22 +%global commit 53594444590ef87a16c960641d7b4d7ad5698212 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 34.1.22 +Version: 34.1.23 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -792,6 +792,48 @@ exit 0 %endif %changelog +* Wed Feb 02 2022 Zdenek Pytela - 34.1.23-1 +- Allow systemd nnp_transition to login_userdomain +Resolves: rhbz#2039453 +- Label /var/run/user/%{USERID}/dbus with session_dbusd_tmp_t +Resolves: rhbz#2000039 +- Change /run/user/[0-9]+ to /run/user/%{USERID} for proper labeling +Resolves: rhbz#2000039 +- Allow scripts to enter LUKS password +Resolves: rhbz#2048521 +- Allow system_mail_t read inherited apache system content rw files +Resolves: rhbz#2049372 +- Add apache_read_inherited_sys_content_rw_files() interface +Related: rhbz#2049372 +- Allow sanlock get attributes of filesystems with extended attributes +Resolves: rhbz#2047811 +- Associate stratisd_data_t with device filesystem +Resolves: rhbz#2039974 +- Allow init read stratis data symlinks +Resolves: rhbz#2039974 +- Label /run/stratisd with stratisd_var_run_t +Resolves: rhbz#2039974 +- Allow domtrans to sssd_t and role access to sssd +Resolves: rhbz#2039757 +- Creating interface sssd_run_sssd() +Resolves: rhbz#2039757 +- Fix badly indented used interfaces +Resolves: rhbz#2039757 +- Allow domain transition to sssd_t +Resolves: rhbz#2039757 +- Label /dev/nvme-fabrics with fixed_disk_device_t +Resolves: rhbz#2039759 +- Allow local_login_t nnp_transition to login_userdomain +Resolves: rhbz#2039453 +- Allow xdm_t nnp_transition to login_userdomain +Resolves: rhbz#2039453 +- Make cupsd_lpd_t a daemon +Resolves: rhbz#2039449 +- Label utilities for exFAT filesystems with fsadm_exec_t +Resolves: rhbz#1972225 +- Dontaudit sfcbd sys_ptrace cap_userns +Resolves: rhbz#2040311 + * Tue Jan 11 2022 Zdenek Pytela - 34.1.22-1 - Allow sshd read filesystem sysctl files Resolves: rhbz#2036585 diff --git a/sources b/sources index c36a1fd4..24993961 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-141c3fd.tar.gz) = 90afd1e124e12189e982fb8364c5e587172be1293bd638166445ff3b32199c4017887ce10308fb36ce63eb541f7e160e50c7bd69e238a9d25f203538c081010a +SHA512 (selinux-policy-5359444.tar.gz) = 92591c154fc615842df2229917d787ccbfa1f98afdaeb3dc8f710dd3ba24650e99332503d7ce25abfcabbf5316dab959d055117947f7d9bf53c646456c6cfd1f +SHA512 (container-selinux.tgz) = 18960ee80e3018284ccb0bfaad789fd326190c79c1b7db250b85231004ae02641687b30f723566b117e154de13e71eadd71596794873ec03af8c5a0fc277bae2 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = b333883bb0f6e359d7da5b742eccca1f8077879475dd93030244ccd905ab5aee8f08c50f2cb6681af8b6594095b17595474b1f3a0a149b3f113cf6bd6b7914b1