* Thu Oct 24 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.12-1

- Dontaudit subscription manager setfscreate and read file contexts Resolves: RHEL-58009 - Allow the sysadm user use the secretmem API Resolves: RHEL-40953 - Allow sudodomain list files in /var Resolves: RHEL-58068 - Allow gnome-remote-desktop watch /etc directory Resolves: RHEL-35877 - Allow journalctl connect to systemd-userdbd over a unix socket Resolves: RHEL-58072 - systemd: allow sys_admin capability for systemd_notify_t Resolves: RHEL-58072 - Allow some confined users send to lldpad over a unix dgram socket Resolves: RHEL-61634 - Allow lldpad send to sysadm_t over a unix dgram socket Resolves: RHEL-61634 - Allow lldpd connect to systemd-machined over a unix socket Resolves: RHEL-61634
2024-10-24 22:27:53 +02:00 · 2024-10-24 22:27:53 +02:00 · f4aa9187f8
commit f4aa9187f8
parent 04fa3da045
2 changed files with 24 additions and 4 deletions
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit 8bd697eb1084334fbee9a68f037255765e8504c5
+%global commit e0e55ecfdebae28221324ff62a7784fe509617df
 %global shortcommit %(c=%{commit}; echo ${c:0:7})

 %define distro redhat
@ -23,7 +23,7 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 40.13.11
+Version: 40.13.12
 Release: 1%{?dist}
 License: GPL-2.0-or-later
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
@ -860,6 +860,26 @@ exit 0
 %endif

 %changelog
+* Thu Oct 24 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.12-1
+- Dontaudit subscription manager setfscreate and read file contexts
+Resolves: RHEL-58009
+- Allow the sysadm user use the secretmem API
+Resolves: RHEL-40953
+- Allow sudodomain list files in /var
+Resolves: RHEL-58068
+- Allow gnome-remote-desktop watch /etc directory
+Resolves: RHEL-35877
+- Allow journalctl connect to systemd-userdbd over a unix socket
+Resolves: RHEL-58072
+- systemd: allow sys_admin capability for systemd_notify_t
+Resolves: RHEL-58072
+- Allow some confined users send to lldpad over a unix dgram socket
+Resolves: RHEL-61634
+- Allow lldpad send to sysadm_t over a unix dgram socket
+Resolves: RHEL-61634
+- Allow lldpd connect to systemd-machined over a unix socket
+Resolves: RHEL-61634
+
 * Wed Oct 23 2024 Zdenek Pytela <zpytela@redhat.com> - 40.13.11-1
 - Allow ping_t read network sysctls
 Resolves: RHEL-54299
--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (selinux-policy-8bd697e.tar.gz) = 820169bad6c07798cbbad0162277dd56a7a03033c49359bcb29f54ddcab05a0578768104a53fb5b67f603322627eff5e6248cdc7978b60907d2ff7154e512352
+SHA512 (selinux-policy-e0e55ec.tar.gz) = 022d133c47e8e67cb75c972fe370c9090e26c503c059032240644797f54bde1f20a031d7c47e2bc8992db11a065200a9bcbdb433d42acd711cb67a4b8e7d7bf2
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = 83692669c66048da0a929375148e4a38e96ca74253cff6a7c379b94c5e3cbc13c32f1dd2b8c309058999a1bac55d21e34f5a41cdebb867aa50878cc55fa4f99d
+SHA512 (container-selinux.tgz) = 0294ced7a954c32434e479b074b38c1763be6f55f037031f12d89ea920ec998e347ae08181e1e15198f6362e0a2314f27d071f9f0a48988d00bdcd9380691a76