* Wed Oct 23 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.11-1

- Allow ping_t read network sysctls
Resolves: RHEL-54299
- Label /usr/lib/node_modules/npm/bin with bin_t
Resolves: RHEL-56350
- Label /run/sssd with sssd_var_run_t
Resolves: RHEL-57065
- Allow virtqemud read virtd_t files
Resolves: RHEL-57713
- Allow wdmd read hardware state information
Resolves: RHEL-57982
- Allow wdmd list the contents of the sysfs directories
Resolves: RHEL-57982
- Label /etc/sysctl.d and /run/sysctl.d with system_conf_t
Resolves: RHEL-58380
- Allow dirsrv read network sysctls
Resolves: RHEL-58381
- Allow lldpad create and use netlink_generic_socket
Resolves: RHEL-61634
- Allow unconfined_t execute kmod in the kmod domain
Resolves: RHEL-61755
- Confine the pcm service
Resolves: RHEL-52838
- Allow iio-sensor-proxy the bpf capability
Resolves: RHEL-62355
- Confine iio-sensor-proxy
Resolves: RHEL-62355
This commit is contained in:
Zdenek Pytela 2024-10-23 22:23:35 +02:00
parent b9f20bbf55
commit c615292dfa
2 changed files with 32 additions and 4 deletions

View File

@ -1,6 +1,6 @@
# github repo with selinux-policy sources
%global giturl https://github.com/fedora-selinux/selinux-policy
%global commit 3d165a6733390d9313d4360831f48379b7b13fc0
%global commit 8bd697eb1084334fbee9a68f037255765e8504c5
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%define distro redhat
@ -23,7 +23,7 @@
%define CHECKPOLICYVER 3.2
Summary: SELinux policy configuration
Name: selinux-policy
Version: 40.13.10
Version: 40.13.11
Release: 1%{?dist}
License: GPL-2.0-or-later
Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -860,6 +860,34 @@ exit 0
%endif
%changelog
* Wed Oct 23 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.11-1
- Allow ping_t read network sysctls
Resolves: RHEL-54299
- Label /usr/lib/node_modules/npm/bin with bin_t
Resolves: RHEL-56350
- Label /run/sssd with sssd_var_run_t
Resolves: RHEL-57065
- Allow virtqemud read virtd_t files
Resolves: RHEL-57713
- Allow wdmd read hardware state information
Resolves: RHEL-57982
- Allow wdmd list the contents of the sysfs directories
Resolves: RHEL-57982
- Label /etc/sysctl.d and /run/sysctl.d with system_conf_t
Resolves: RHEL-58380
- Allow dirsrv read network sysctls
Resolves: RHEL-58381
- Allow lldpad create and use netlink_generic_socket
Resolves: RHEL-61634
- Allow unconfined_t execute kmod in the kmod domain
Resolves: RHEL-61755
- Confine the pcm service
Resolves: RHEL-52838
- Allow iio-sensor-proxy the bpf capability
Resolves: RHEL-62355
- Confine iio-sensor-proxy
Resolves: RHEL-62355
* Wed Oct 16 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.10-1
- Confine gnome-remote-desktop
Resolves: RHEL-35877

View File

@ -1,3 +1,3 @@
SHA512 (selinux-policy-3d165a6.tar.gz) = 80fc827310948e08adaeb79c435cc9d2001837c116176935ef88ea61c64cfd9e8f3383233b9c18ec2784cc0525ecc37ef07fb1aa6d21ede93b57985927896978
SHA512 (selinux-policy-8bd697e.tar.gz) = 820169bad6c07798cbbad0162277dd56a7a03033c49359bcb29f54ddcab05a0578768104a53fb5b67f603322627eff5e6248cdc7978b60907d2ff7154e512352
SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
SHA512 (container-selinux.tgz) = 4017faf0474630bfc4dc431135d6793c85fc4978c37ee8a6e4afa529c10fdaa03a58145b23dfc7854fc705f7c9ba7400a3b744568ac44b9f9d87186610e0405c
SHA512 (container-selinux.tgz) = 83692669c66048da0a929375148e4a38e96ca74253cff6a7c379b94c5e3cbc13c32f1dd2b8c309058999a1bac55d21e34f5a41cdebb867aa50878cc55fa4f99d