From e6300e8cc0a7f3b9eed9e2ec7ffbb841c43ae446 Mon Sep 17 00:00:00 2001 From: Nikola Knazekova Date: Fri, 26 May 2023 15:00:57 +0200 Subject: [PATCH] * Fri May 26 2023 Nikola Knazekova - 38.1.14-1 - Allow firewalld rw ica_tmpfs_t files Resolves: rhbz#2207487 - Add chromium_sandbox_t setcap capability Resolves: rhbz#2187893 - Allow certmonger manage cluster library files Resolves: rhbz#2179022 - Allow wireguard to rw network sysctls Resolves: rhbz#2192154 - Label /usr/lib/systemd/system/proftpd.* & vsftpd.* with ftpd_unit_file_t Resolves: rhbz#2188173 - Allow plymouthd_t bpf capability to run bpf programs Resolves: rhbz#2184803 - Update pkcsslotd policy for sandboxing Resolves: rhbz#2209235 - Allow unconfined_service_t to create .gnupg labeled as gpg_secret_t Resolves: rhbz#2203201 --- selinux-policy.spec | 22 ++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index a6170d07..862f5c33 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit a7118057164c6e19e5cab2a48c0c495af259846c +%global commit b4e2d74e978b62e5a4941786536ff32f05c578d1 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 38.1.13 +Version: 38.1.14 Release: 1%{?dist} License: GPLv2+ Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -809,6 +809,24 @@ exit 0 %endif %changelog +* Fri May 26 2023 Nikola Knazekova - 38.1.14-1 +- Allow firewalld rw ica_tmpfs_t files +Resolves: rhbz#2207487 +- Add chromium_sandbox_t setcap capability +Resolves: rhbz#2187893 +- Allow certmonger manage cluster library files +Resolves: rhbz#2179022 +- Allow wireguard to rw network sysctls +Resolves: rhbz#2192154 +- Label /usr/lib/systemd/system/proftpd.* & vsftpd.* with ftpd_unit_file_t +Resolves: rhbz#2188173 +- Allow plymouthd_t bpf capability to run bpf programs +Resolves: rhbz#2184803 +- Update pkcsslotd policy for sandboxing +Resolves: rhbz#2209235 +- Allow unconfined_service_t to create .gnupg labeled as gpg_secret_t +Resolves: rhbz#2203201 + * Thu May 18 2023 Nikola Knazekova - 38.1.13-1 - Allow insights-client work with teamdctl Resolves: rhbz#2190178 diff --git a/sources b/sources index e4722d2d..d1df73ff 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-a711805.tar.gz) = 2bb763ce633e888c695e2fa5c41054227903779463d672122b79c2c38faaddf3a984e99e22f7d022fb48791102ff3d4bb7a1e958d98230fba4dde5dde53d026f -SHA512 (container-selinux.tgz) = 60fbaba6dee06bed01882fb15caad3ffa6a462dbe5b151136dd249927bf1c0e5eff3cb8fba866ba0c554ff322f0f76e2046f0ad2ef199fd0504f66b6471243c2 +SHA512 (selinux-policy-b4e2d74.tar.gz) = 9cfaa214fe28a16c64eacf37e07e4f05b678e88c25c18e2efa9e80c916898da12a8ebd91d82bb098e7699e02c3a1ae8cc6ab5ee7377037b5285f9478e2f9e39f +SHA512 (container-selinux.tgz) = 2bf09742b7bc586a2172284a33131a6f50e9b2724880907d78340f08b79b34bdfefbf854c775338ceadfc3f8e79fbe3c5afbe2711e9f3f852f2af680ec55ded0 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4