* Thu May 25 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-121

- Update pkcsslotd policy for sandboxing 2/2
Resolves: rhbz#2208162
- Update pkcsslotd policy for sandboxing 1/2
Resolves: rhbz#2208162
- Allow abrt_t read kernel persistent storage files
Resolves: rhbz#2207914
- Add allow rules for lttng-sessiond domain
Resolves: rhbz#2203509
- Allow rpcd_lsad setcap and use generic ptys
Resolves: rhbz#2107106
- Allow samba-dcerpcd connect to systemd_machined over a unix socket
Resolves: rhbz#2107106
- Dontaudit targetd search httpd config dirs
Resolves: rhbz#2203720
This commit is contained in:
Zdenek Pytela 2023-05-25 21:29:12 +02:00
parent fc4cf3fb79
commit 534ee173e7
3 changed files with 24 additions and 6 deletions

2
.gitignore vendored
View File

@ -11,3 +11,5 @@ SOURCES/selinux-policy-contrib-c6da44c.tar.gz
/selinux-policy-contrib-2604c4b.tar.gz
/selinux-policy-e7dabe5.tar.gz
/selinux-policy-contrib-e782e71.tar.gz
/selinux-policy-7bf027b.tar.gz
/selinux-policy-contrib-15580d9.tar.gz

View File

@ -1,11 +1,11 @@
# github repo with selinux-policy base sources
%global git0 https://github.com/fedora-selinux/selinux-policy
%global commit0 e7dabe542cfc6bbc951f97ddd7e68c73367e57f3
%global commit0 7bf027bb89f2445187e0e6cfbe3737e7bf293839
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
# github repo with selinux-policy contrib sources
%global git1 https://github.com/fedora-selinux/selinux-policy-contrib
%global commit1 e782e713b1d431632ed0a1e989b8daecb1ef46df
%global commit1 15580d977236fc7023c929be975a79bda9d849a3
%global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
%define distro redhat
@ -29,7 +29,7 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.14.3
Release: 120%{?dist}
Release: 121%{?dist}
License: GPLv2+
Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@ -717,6 +717,22 @@ exit 0
%endif
%changelog
* Thu May 25 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-121
- Update pkcsslotd policy for sandboxing 2/2
Resolves: rhbz#2208162
- Update pkcsslotd policy for sandboxing 1/2
Resolves: rhbz#2208162
- Allow abrt_t read kernel persistent storage files
Resolves: rhbz#2207914
- Add allow rules for lttng-sessiond domain
Resolves: rhbz#2203509
- Allow rpcd_lsad setcap and use generic ptys
Resolves: rhbz#2107106
- Allow samba-dcerpcd connect to systemd_machined over a unix socket
Resolves: rhbz#2107106
- Dontaudit targetd search httpd config dirs
Resolves: rhbz#2203720
* Thu May 11 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-120
- Allow unconfined service inherit signal state from init
Resolves: rhbz#2177254

View File

@ -1,4 +1,4 @@
SHA512 (selinux-policy-e7dabe5.tar.gz) = ac82d23bef68e74c30f0ae4df71a17d259c657fd54e74e09e1afe2071c358b46c3de6246c84e01315a8b8ff62dbb8720dca9bac67077a82331316e6be7a9d9db
SHA512 (selinux-policy-contrib-e782e71.tar.gz) = 6a6cdc30a3ccb857d51742a79eeeb36faf0b34f3a7fd176cc4fe9862c1d1c97c080870b525860280e89a19af49e36f4a1af5e2df6556b81e6940dc2207f31ca7
SHA512 (selinux-policy-7bf027b.tar.gz) = b900b92cb478c8760066a92b940c3a7805b9e027f45b3f95db11c0f21e4bcc53b9aa2789c8ef27419bebc88e1241f83b754bf86df6d7080ed8d6177d8220dd99
SHA512 (selinux-policy-contrib-15580d9.tar.gz) = a1ff8e027c4cd1c432455a45ba81f704d7ab44a761a651fe642d2d14d8c1030ce36fcc5c8b18b31fcd8bf912abc37a4cc8f9c1d4e7e792c0afd3f13dd40905e1
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 0e30e47f16e1348f7cca16898e15385b258a996d9291a4fa1d6c21f2a89ae6e6863a562e3fda51de0cedd706cd2775b7a012cfb8776bba64c79bdf42f6bac4e7
SHA512 (container-selinux.tgz) = 67a310d0deded978c3c30c8ddafe50bb34797ec3b2d7220c9c0da7789befa632f10921e86846fe97c5f0b37c1b05d8a16084ef2010d8ac526d48154c09f8c82b