From 9484341286d3badef25cf226d6a0c3cdc000d80d Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Fri, 13 Dec 2024 15:45:13 +0100 Subject: [PATCH] * Fri Dec 13 2024 Zdenek Pytela - 38.1.50-1 - Allow auditctl signal auditd Resolves: RHEL-68969 - Fix the cups_read_pid_files() interface to use read_files_pattern Resolves: RHEL-69517 - Dontaudit systemd-coredump the sys_resource capability Resolves: RHEL-46339 - Allow rpcd read network sysctls Resolves: RHEL-1558 - Allow irqbalance setpcap capability in the user namespace Resolves: RHEL-69564 - Allow traceroute_t bind rawip sockets to unreserved ports Resolves: RHEL-54561 - Allow svirt_t the sys_rawio capability Resolves: RHEL-56955 - Change /run/sysctl\.d(/.*)? fc entry to /var/run/sysctl\.d(/.*)? Resolves: RHEL-56988 - Exclude container-selinux manpage from selinux-policy-doc Resolves: RHEL-69916 --- selinux-policy.spec | 24 ++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 3da92d25..ade63858 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit a26d0d27beaf0781cd25e1e6ea28aed006a7f1cc +%global commit 3a359800c89fe7a36b9781bde6cf228235978831 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.1.49 +Version: 38.1.50 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -810,6 +810,26 @@ exit 0 %endif %changelog +* Fri Dec 13 2024 Zdenek Pytela - 38.1.50-1 +- Allow auditctl signal auditd +Resolves: RHEL-68969 +- Fix the cups_read_pid_files() interface to use read_files_pattern +Resolves: RHEL-69517 +- Dontaudit systemd-coredump the sys_resource capability +Resolves: RHEL-46339 +- Allow rpcd read network sysctls +Resolves: RHEL-1558 +- Allow irqbalance setpcap capability in the user namespace +Resolves: RHEL-69564 +- Allow traceroute_t bind rawip sockets to unreserved ports +Resolves: RHEL-54561 +- Allow svirt_t the sys_rawio capability +Resolves: RHEL-56955 +- Change /run/sysctl\.d(/.*)? fc entry to /var/run/sysctl\.d(/.*)? +Resolves: RHEL-56988 +- Exclude container-selinux manpage from selinux-policy-doc +Resolves: RHEL-69916 + * Fri Dec 06 2024 Zdenek Pytela - 38.1.49-1 - Update virtlogd policy Resolves: RHEL-69433 diff --git a/sources b/sources index bf80a41d..3c5018b7 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-a26d0d2.tar.gz) = f29d88580698e4a42d4dad2167f89322a1f60eacf0dca5c2bc1bd96f2d9d3172922514d15872db6ebb58c3e5e659b4578b2535717b37fb3d4dd10610b0b03ef0 -SHA512 (container-selinux.tgz) = 10b7c96a57eb600466547b8aee6fe062b9eb2afc7a71846877a33755656a5e16bea429e27911746bde86730027580de09a677c6289233b69b0faccee0968abb7 +SHA512 (selinux-policy-3a35980.tar.gz) = 1440e81e39a67d981a55472a6906383a785374799cc0b3518292352f16145787d2842cdccc19b79e701052ac7df61e01397feccf07f760d0f7a5dd0ec95cdf64 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 +SHA512 (container-selinux.tgz) = ba99863dc10f900452046a8653645b9b5ea3e9464607cd90246751ee8fad364ae14283d738fff0beb069e735cd2bc04a99d10153d696fa29ae5bef5846d3ea36