* Wed Dec 13 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-133

- Label /dev/acpi_thermal_rel char device with acpi_device_t
Resolves: RHEL-18027
- Allow sysadm execute traceroute in sysadm_t domain using sudo
Resolves: RHEL-9947
- Allow sysadm execute tcpdump in sysadm_t domain using sudo
Resolves: RHEL-15398
- Add support for syslogd unconfined scripts
Resolves: RHEL-10087
- Label /dev/wmi/dell-smbios as acpi_device_t
Resolves: RHEL-18027
- Make named_zone_t and named_var_run_t a part of the mountpoint attribute
Resolves: RHEL-1954
- Dontaudit rhsmcertd write memory device
Resolves: RHEL-17721

.gitignore

@@ -28,3 +28,5 @@ SOURCES/selinux-policy-contrib-c6da44c.tar.gz
 /selinux-policy-8974fee.tar.gz
 /selinux-policy-420a39f.tar.gz
 /selinux-policy-contrib-5b3c7b8.tar.gz
+/selinux-policy-fc55894.tar.gz
+/selinux-policy-contrib-98baf55.tar.gz

selinux-policy.spec

@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 420a39fe6aae5204f9a6908c1ad7bc56f6824f01
+%global commit0 53d5c585c535c91819f0c1218e57678427e4be60
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 5b3c7b80f53230d74e49bd81bd3967e50914b46c
+%global commit1 98baf5555ab09962c55e8ed9e0099650205806c6
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.3
-Release: 132%{?dist}
+Release: 133%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -718,6 +718,22 @@ exit 0
 %endif
 
 %changelog
+* Wed Dec 13 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-133
+- Label /dev/acpi_thermal_rel char device with acpi_device_t
+Resolves: RHEL-18027
+- Allow sysadm execute traceroute in sysadm_t domain using sudo
+Resolves: RHEL-9947
+- Allow sysadm execute tcpdump in sysadm_t domain using sudo
+Resolves: RHEL-15398
+- Add support for syslogd unconfined scripts
+Resolves: RHEL-10087
+- Label /dev/wmi/dell-smbios as acpi_device_t
+Resolves: RHEL-18027
+- Make named_zone_t and named_var_run_t a part of the mountpoint attribute
+Resolves: RHEL-1954
+- Dontaudit rhsmcertd write memory device
+Resolves: RHEL-17721
+
 * Tue Nov 28 2023 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-132
 - Allow sudodomain read var auth files
 Resolves: RHEL-16567

sources

@@ -1,4 +1,4 @@
-SHA512 (selinux-policy-420a39f.tar.gz) = f3edd1b00f55f41734aca21f7e7f9875bbe7967201c3446ee2b4beb0eeff2c01e018a46b3fd6da72e0b5c4697a54256f1b74999fe5e06a304a5b7aed262d8294
-SHA512 (selinux-policy-contrib-5b3c7b8.tar.gz) = 7ff36632cb3d6b41a10b9bb6e32908946e03dbb5a11686fc1e4c3189b83da4a321a8b0baa13b68473fe3195e8d9356d2565498d4458e491b6fe41016d650414b
-SHA512 (container-selinux.tgz) = c3804666a91800dd8222ab0d5bd004b142a1e51c97466978a87186e9fc2d7ef331909b80dff23925a8f9854c568752102316fbd226006216b4264174c02a2597
+SHA512 (selinux-policy-53d5c58.tar.gz) = 05607b7aa77557e30e41a2365ee769e754cccc4fc0400d99004e2b5c1cf0d844e9072e0e0ce5d873020d74d427842520e11fd9b54c9c7c4d00127ce9bb9d9e47
+SHA512 (selinux-policy-contrib-98baf55.tar.gz) = 667d0e2cd3c94def1e84ec5ff33c8e97fc81f7714a7c9a3200beeffc7035f48fae49868f98561578ec70810649776f8ac2fb995318cd000993165b8321572be4
+SHA512 (container-selinux.tgz) = c99f8c50431efca6adb2473adcea5bd74e3c4837371ec9d6eadd8c648410e4b4e22e4cfe2c2acf46ee723020220211945770cd7d1878b5aa24cc347ffc81da22
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4