* Thu Oct 04 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-5

- Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650)
- Fix typo in boltd.te policy
- Allow fail2ban_t domain to mmap journal
- Add kill capability to named_t domain
- Allow neutron domain to read/write /var/run/utmp
- Create boltd_var_run_t type for boltd pid files
- Allow tomcat_domain to read /dev/random
- Allow neutron_t domain to use pam
- Add the port used by nsca (Nagios Service Check Acceptor)

.gitignore

@@ -310,3 +310,5 @@ serefpolicy*
 /selinux-policy-38c6414.tar.gz
 /selinux-policy-contrib-dab4b50.tar.gz
 /selinux-policy-446ee2a.tar.gz
+/selinux-policy-0813126.tar.gz
+/selinux-policy-contrib-ff6d7f4.tar.gz

selinux-policy.spec

@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 446ee2abb3b37bb0fe27fa313048069d3c83b0e7
+%global commit0 08131262642800aecab1c830382056bcc312bd55
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 dab4b50b7d2268b6cfb675754903b1a413008bba
+%global commit1 ff6d7f41cdba4524422558bf381447c1f8181014
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.3
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
@@ -709,6 +709,17 @@ exit 0
 %endif
 
 %changelog
+* Thu Oct 04 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-5
+- Allow dictd_t domain to mmap dictd_var_lib_t files BZ(1634650)
+- Fix typo in boltd.te policy
+- Allow fail2ban_t domain to mmap journal
+- Add kill capability to named_t domain
+- Allow neutron domain to read/write /var/run/utmp
+- Create boltd_var_run_t type for boltd pid files
+- Allow tomcat_domain to read /dev/random
+- Allow neutron_t domain to use pam
+- Add the port used by nsca (Nagios Service Check Acceptor)
+
 * Mon Sep 24 2018 Lukas Vrabec <lvrabec@redhat.com> - 3.14.3-4
 - Update sources to include SELinux policy for containers
 

sources

@@ -1,3 +1,3 @@
-SHA512 (selinux-policy-contrib-dab4b50.tar.gz) = f75ccf7d02520c85ca80f80b00101713689595e82765605c6a3a33e6c6488fd04885b06ff36d50f88741182b8d010e5157133ff9a5679fc1a45bbd09b461859b
-SHA512 (selinux-policy-446ee2a.tar.gz) = a460286e138f0424cb2da998d72fa7f332f92713604d5d17aa55da79620591ccf857b9682984cc3b4a9965ad7178269ebadb512979d5c86d6ef288a7811c3d09
-SHA512 (container-selinux.tgz) = 56596d0044897ad64722f8fb5fffb8d308d257384e64c1da0fdb1856bc8de2550fdca39f49fcd086ea95a4a1504d252e0f697530452c67abde864a2606967b2e
+SHA512 (selinux-policy-0813126.tar.gz) = 9cd52f0513b8fe26ba5e8ef52dca203d58b09ce17c7ba2daab2b8a3b91e20d6188ed3dbebb388aab9329d636d63359cb34e5f65f49399b05da921a531f368fa2
+SHA512 (selinux-policy-contrib-ff6d7f4.tar.gz) = ec107276762235a01183a43428978a8b28e5e43c63abd255d7e2ebf9828230eaafe67539d6826f6934de4e6ef16fc9cda82b4c824172d20da55f1ff98803104a
+SHA512 (container-selinux.tgz) = 399c9b708e9acd91b42e27d086067b5959bf3df5de55c5f9d1cd8fa5c2c4723a136e7054c0f93c49be7e32d444ed7483f2a394de36c93fa508452ee3e2ef86d3