* Wed Nov 30 2022 Zdenek Pytela <zpytela@redhat.com> - 38.1.2-1

- Allow insights client communicate with cupsd, mysqld, openvswitch, redis Resolves: rhbz#2124549 - Allow insights client read raw memory devices Resolves: rhbz#2124549 - Allow networkmanager_dispatcher_plugin work with nscd Resolves: rhbz#2149317 - Allow ipsec_t only read tpm devices Resolves: rhbz#2147380 - Watch_sb all file type directories. Resolves: rhbz#2139363 - Add watch and watch_sb dosfs interface Resolves: rhbz#2139363 - Revert "define lockdown class and access" Resolves: rhbz#2145266 - Allow postfix/smtpd read kerberos key table Resolves: rhbz#2145266 - Remove the lockdown class from the policy Resolves: rhbz#2145266 - Remove label for /usr/sbin/bgpd Resolves: rhbz#2145266 - Revert "refpolicy: drop unused socket security classes" Resolves: rhbz#2145266
2022-11-30 15:15:51 +01:00 · 2022-11-30 15:15:51 +01:00 · 81d47cf9bd
parent 9caf659df2
commit 81d47cf9bd
2 changed files with 28 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit 3c80e8b26a1ff6f8f282169e0971e705daddb01a
+%global commit c2406ec85d4e2917ba16518d5538df73e89f8343
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 38.1.1
+Version: 38.1.2
 Release: 1%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -808,6 +808,30 @@ exit 0
 %endif

 %changelog
+* Wed Nov 30 2022 Zdenek Pytela <zpytela@redhat.com> - 38.1.2-1
+- Allow insights client communicate with cupsd, mysqld, openvswitch, redis
+Resolves: rhbz#2124549
+- Allow insights client read raw memory devices
+Resolves: rhbz#2124549
+- Allow networkmanager_dispatcher_plugin work with nscd
+Resolves: rhbz#2149317
+- Allow ipsec_t only read tpm devices
+Resolves: rhbz#2147380
+- Watch_sb all file type directories.
+Resolves: rhbz#2139363
+- Add watch and watch_sb dosfs interface
+Resolves: rhbz#2139363
+- Revert "define lockdown class and access"
+Resolves: rhbz#2145266
+- Allow postfix/smtpd read kerberos key table
+Resolves: rhbz#2145266
+- Remove the lockdown class from the policy
+Resolves: rhbz#2145266
+- Remove label for /usr/sbin/bgpd
+Resolves: rhbz#2145266
+- Revert "refpolicy: drop unused socket security classes"
+Resolves: rhbz#2145266
+
 * Mon Nov 21 2022 Zdenek Pytela <zpytela@redhat.com> - 38.1.1-1
 - Rebase selinux-policy to the latest one in rawhide
 Resolves: rhbz#2082524
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-3c80e8b.tar.gz) = bdb86aadbcba4482c4dcb769bb02ded96e15e0fbad7792d643f1895830fb556796ec6d79eee00d0fbf610e14d33bb21dded9866a774bbaa35b0cb2f8ef3a6084
+SHA512 (selinux-policy-c2406ec.tar.gz) = 5f00bb39ae8883040e5e0e4968117fe94be8c3e4b3e988e046c55a17bcf858a9f3a6dedb3b677de2ded47e6330e1081bb01adc6545df80a92398ef4651c48136
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = bed458d923ef65e0a32252e12185b49e61c2dce277e7c1ff0fd9aa5426559428942d1b8d16e9a57ba3741d74ba1b283e08a9de71e44321db73ecac8c8e04348b
+SHA512 (container-selinux.tgz) = 011cbcdc028ef2441a7ad3d04d8c123298ca6c96e5b0c67f0e6726182c1f63a7dd2a9bfbbc21c64b4b49b5ae4aa957e4c3c91988de6f540d16e9c03a514751e0