* Thu Sep 22 2022 Zdenek Pytela <zpytela@redhat.com> - 37.12-1

- nut-upsd: kernel_read_system_state, fs_getattr_cgroup - Add numad the ipc_owner capability - Allow gst-plugin-scanner read virtual memory sysctls - Allow init read/write inherited user fifo files - Update dnssec-trigger policy: setsched, module_request - added policy for systemd-socket-proxyd - Add the new 'cmd' permission to the 'io_uring' class - Allow winbind-rpcd read and write its key ring - Label /run/NetworkManager/no-stub-resolv.conf net_conf_t - blueman-mechanism can read ~/.local/lib/python*/site-packages directory - pidof executed by abrt can readlink /proc/*/exe - Fix typo in comment - Do not run restorecon /etc/NetworkManager/dispatcher.d in mls and minimum
2022-09-22 22:59:43 +02:00 · 2022-09-22 22:59:43 +02:00 · dde90d74a7
commit dde90d74a7
parent 0f27d97ff5
2 changed files with 19 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit e485345b572121f09778da9c146cf1bcd22ae0cf
+%global commit f60ed3b80468627c2d34be7d95084ae5c6ddb342
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 37.11
+Version: 37.12
 Release: 1%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -816,6 +816,21 @@ exit 0
 %endif

 %changelog
+* Thu Sep 22 2022 Zdenek Pytela <zpytela@redhat.com> - 37.12-1
+- nut-upsd: kernel_read_system_state, fs_getattr_cgroup
+- Add numad the ipc_owner capability
+- Allow gst-plugin-scanner read virtual memory sysctls
+- Allow init read/write inherited user fifo files
+- Update dnssec-trigger policy: setsched, module_request
+- added policy for systemd-socket-proxyd
+- Add the new 'cmd' permission to the 'io_uring' class
+- Allow winbind-rpcd read and write its key ring
+- Label /run/NetworkManager/no-stub-resolv.conf net_conf_t
+- blueman-mechanism can read ~/.local/lib/python*/site-packages directory
+- pidof executed by abrt can readlink /proc/*/exe
+- Fix typo in comment
+- Do not run restorecon /etc/NetworkManager/dispatcher.d in mls and minimum
+
 * Wed Sep 14 2022 Zdenek Pytela <zpytela@redhat.com> - 37.11-1
 - Allow tor get filesystem attributes
 - Allow utempter append to login_userdomain stream
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-e485345.tar.gz) = 9c25f7efa8d3f497f40bf5aeb180d588c794661b40b636a9adbf9d68d20a45dea0126f9b19eb0597e80c4486f9c13f882dc2733e34d5b81e0f5a575ce841f974
+SHA512 (selinux-policy-f60ed3b.tar.gz) = be057dc091cf9cedd18dedcf10025cd8af4f53f1464643276a9883c2814c91007d8c9c13eff23d5badeb9fd37cae5fb28a9c735ed0f2c3df81090254539682d8
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = 8a837e3865b5a56530ce34e36c829f6ddd6ab02ab0a4e16f1b73ee7345efd19f5bee90846dc0ee5acf8c0173b99b1ae961726c7069c20fb8fc69f2dbbac49481
+SHA512 (container-selinux.tgz) = d300ab419af8c16c5bcb24c35f715f83ba9e2b46320abeb6c33746d4aac6ef66448aede2ef63c7b78d5e541046b7a13b7c756854151a8bf61ce62f8d5c4404af