* Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9

- Allow varnish map its private tmp files
- Allow dovecot bind to smtp ports
- Change fetchmail temporary files path to /var/spool/mail
- Allow cups_pdf_t domain to communicate with unix_dgram_socket
- Set file context for symlinks in /etc/httpd to etc_t
- Allow rpmdb rw access to inherited console, ttys, and ptys
- Allow dnsmasq read public files
- Announce merging of selinux-policy and selinux-policy-contrib
- Label /etc/resolv.conf as net_conf_t only if it is a plain file
- Fix range for unreserved ports
- Add files_search_non_security_dirs() interface
- Introduce logging_syslogd_append_public_content tunable
- Add miscfiles_append_public_files() interface

selinux-policy.spec

@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 a324430fd4e7a1bf6aa64757a951a8a6320aa47e
+%global commit0 f1505fca7063b21b5f2ef90f904032c5cc023a22
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 0cfef67283f2b55664c99611f2fcdf8fd47c63d9
+%global commit1 dad9c7670560b550c3837a3bd2237a94c3e54814
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.7
-Release: 8%{?dist}
+Release: 9%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -807,6 +807,21 @@ exit 0
 %endif
 
 %changelog
+* Tue Nov 24 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-9
+- Allow varnish map its private tmp files
+- Allow dovecot bind to smtp ports
+- Change fetchmail temporary files path to /var/spool/mail
+- Allow cups_pdf_t domain to communicate with unix_dgram_socket
+- Set file context for symlinks in /etc/httpd to etc_t
+- Allow rpmdb rw access to inherited console, ttys, and ptys
+- Allow dnsmasq read public files
+- Announce merging of selinux-policy and selinux-policy-contrib
+- Label /etc/resolv.conf as net_conf_t only if it is a plain file
+- Fix range for unreserved ports
+- Add files_search_non_security_dirs() interface
+- Introduce logging_syslogd_append_public_content tunable
+- Add miscfiles_append_public_files() interface
+
 * Fri Nov 13 2020 Zdenek Pytela <zpytela@redhat.com> - 3.14.7-8
 - Set correct default file context for /usr/libexec/pcp/lib/*
 - Introduce rpmdb_t type

sources

@@ -1,4 +1,4 @@
-SHA512 (selinux-policy-a324430.tar.gz) = ea00f0e2e50f07d3394a38dc1c407e9d6848db26fd1c1b3a9550c8b109d3cc1d960ebff3f6b73d99a82bc5899790dfe87795f185d3de15eca9e1f5f9d5b8bbcd
-SHA512 (selinux-policy-contrib-0cfef67.tar.gz) = b894731b619fd015e47a39398e41b58d74b308f0f5bf6a5bcf9adb945854c49af160d7d5d111bad08df4f0c0e98c7588f4630469b11c65c51b1b51777868a1f0
-SHA512 (container-selinux.tgz) = 08fe2e197630012f3937ffa18bee5c658494e559ae3aa332bd9fac8a22ee4f7f12142ed18f92bd56486201798f3170cab3a1ed10241e7ebc91af2e1aafd42c68
+SHA512 (selinux-policy-f1505fc.tar.gz) = 5831821766fbb6ae0c86d81b1f8d0ff1590f7fb26309e3a0ced33cb6348d61808dbf65ef78a2f91df951593bbd39397d8601307a5e530d606924f1d2c72f6cd8
+SHA512 (selinux-policy-contrib-dad9c76.tar.gz) = 072136b1064f903f74d2ca42ba1753f8b3aea29c634644abc9a0fae700d3d642ec764d39608dc1f10542cb954d5cc838eafe6ecfb5e974c78d979fa8a93e962d
+SHA512 (container-selinux.tgz) = 6dffeaaaea1c87052a1f8481d93ddca98899b63167f7c0a4960572431b08d3e34dff7b5cfb4dc6c62bac6d4ae30b964e0d410dcc6d1476d73cf048080ddd56e6
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4