diff --git a/selinux-policy.spec b/selinux-policy.spec index 23556dc8..3b50b04d 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 61128219cb2270144668ecdde8e00b074dc898f8 +%global commit 3d165a6733390d9313d4360831f48379b7b13fc0 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.13.9 +Version: 40.13.10 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -860,6 +860,54 @@ exit 0 %endif %changelog +* Wed Oct 16 2024 Zdenek Pytela - 40.13.10-1 +- Confine gnome-remote-desktop +Resolves: RHEL-35877 +- Allow virtqemud get attributes of a tmpfs filesystem +Resolves: RHEL-40855 +- Allow virtqemud get attributes of cifs files +Resolves: RHEL-40855 +- Allow virtqemud get attributes of filesystems with extended attributes +Resolves: RHEL-39668 +- Allow virtqemud get attributes of NFS filesystems +Resolves: RHEL-40855 +- Add support for secretmem anon inode +Resolves: RHEL-40953 +- Allow systemd-sleep read raw disk data +Resolves: RHEL-49600 +- Allow systemd-hwdb send messages to kernel unix datagram sockets +Resolves: RHEL-50810 +- Label /run/modprobe.d with modules_conf_t +Resolves: RHEL-54591 +- Allow setsebool_t relabel selinux data files +Resolves: RHEL-55412 +- Don't audit crontab_domain write attempts to user home +Resolves: RHEL-56349 +- Differentiate between staff and sysadm when executing crontab with sudo +Resolves: RHEL-56349 +- Add crontab_admin_domtrans interface +Resolves: RHEL-56349 +- Add crontab_domtrans interface +Resolves: RHEL-56349 +- Allow boothd connect to kernel over a unix socket +Resolves: RHEL-58060 +- Fix label of pseudoterminals created from sudodomain +Resolves: RHEL-58068 +- systemd: allow systemd_notify_t to send data to kernel_t datagram sockets +Resolves: RHEL-58072 +- Allow rsyslog read systemd-logind session files +Resolves: RHEL-40961 +- Label /dev/mmcblk0rpmb character device with removable_device_t +Resolves: RHEL-55265 +- Label /dev/hfi1_[0-9]+ devices +Resolves: RHEL-62836 +- Label /dev/papr-sysparm and /dev/papr-vpd +Resolves: RHEL-56908 +- Support SGX devices +Resolves: RHEL-62354 +- Suppress semodule's stderr +Resolves: RHEL-59192 + * Mon Aug 26 2024 Zdenek Pytela - 40.13.9-1 - Allow virtqemud relabelfrom also for file and sock_file Resolves: RHEL-49763 diff --git a/sources b/sources index ea111bb2..6ff0f168 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-6112821.tar.gz) = 209217ec7e38a8d5fc43dc708e30cc88fe3c7fd4d3f6101784ca99f953bc001663165b4156695edbd491dca1aeaefe0317dcf59e059bce10e2ed4639391c34e0 +SHA512 (selinux-policy-3d165a6.tar.gz) = 80fc827310948e08adaeb79c435cc9d2001837c116176935ef88ea61c64cfd9e8f3383233b9c18ec2784cc0525ecc37ef07fb1aa6d21ede93b57985927896978 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = 482e9d3a48c09c679539d2f9039a647d69ee1c9dd4dbef26a25d3dd350137cfe51ac8695685ae0078bc75c38d41a2e4a2554064a9111083f07ffe32aa3044d9e +SHA512 (container-selinux.tgz) = 4017faf0474630bfc4dc431135d6793c85fc4978c37ee8a6e4afa529c10fdaa03a58145b23dfc7854fc705f7c9ba7400a3b744568ac44b9f9d87186610e0405c