From f4aa9187f8bd04df330ef9b27abcc3d744e7a85e Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Thu, 24 Oct 2024 22:27:53 +0200 Subject: [PATCH] * Thu Oct 24 2024 Zdenek Pytela - 40.13.12-1 - Dontaudit subscription manager setfscreate and read file contexts Resolves: RHEL-58009 - Allow the sysadm user use the secretmem API Resolves: RHEL-40953 - Allow sudodomain list files in /var Resolves: RHEL-58068 - Allow gnome-remote-desktop watch /etc directory Resolves: RHEL-35877 - Allow journalctl connect to systemd-userdbd over a unix socket Resolves: RHEL-58072 - systemd: allow sys_admin capability for systemd_notify_t Resolves: RHEL-58072 - Allow some confined users send to lldpad over a unix dgram socket Resolves: RHEL-61634 - Allow lldpad send to sysadm_t over a unix dgram socket Resolves: RHEL-61634 - Allow lldpd connect to systemd-machined over a unix socket Resolves: RHEL-61634 --- selinux-policy.spec | 24 ++++++++++++++++++++++-- sources | 4 ++-- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/selinux-policy.spec b/selinux-policy.spec index 6f5a445f..1aa4252b 100644 --- a/selinux-policy.spec +++ b/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit 8bd697eb1084334fbee9a68f037255765e8504c5 +%global commit e0e55ecfdebae28221324ff62a7784fe509617df %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,7 +23,7 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.13.11 +Version: 40.13.12 Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz @@ -860,6 +860,26 @@ exit 0 %endif %changelog +* Thu Oct 24 2024 Zdenek Pytela - 40.13.12-1 +- Dontaudit subscription manager setfscreate and read file contexts +Resolves: RHEL-58009 +- Allow the sysadm user use the secretmem API +Resolves: RHEL-40953 +- Allow sudodomain list files in /var +Resolves: RHEL-58068 +- Allow gnome-remote-desktop watch /etc directory +Resolves: RHEL-35877 +- Allow journalctl connect to systemd-userdbd over a unix socket +Resolves: RHEL-58072 +- systemd: allow sys_admin capability for systemd_notify_t +Resolves: RHEL-58072 +- Allow some confined users send to lldpad over a unix dgram socket +Resolves: RHEL-61634 +- Allow lldpad send to sysadm_t over a unix dgram socket +Resolves: RHEL-61634 +- Allow lldpd connect to systemd-machined over a unix socket +Resolves: RHEL-61634 + * Wed Oct 23 2024 Zdenek Pytela - 40.13.11-1 - Allow ping_t read network sysctls Resolves: RHEL-54299 diff --git a/sources b/sources index 0a6e70ed..3e77d9e3 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (selinux-policy-8bd697e.tar.gz) = 820169bad6c07798cbbad0162277dd56a7a03033c49359bcb29f54ddcab05a0578768104a53fb5b67f603322627eff5e6248cdc7978b60907d2ff7154e512352 +SHA512 (selinux-policy-e0e55ec.tar.gz) = 022d133c47e8e67cb75c972fe370c9090e26c503c059032240644797f54bde1f20a031d7c47e2bc8992db11a065200a9bcbdb433d42acd711cb67a4b8e7d7bf2 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4 -SHA512 (container-selinux.tgz) = 83692669c66048da0a929375148e4a38e96ca74253cff6a7c379b94c5e3cbc13c32f1dd2b8c309058999a1bac55d21e34f5a41cdebb867aa50878cc55fa4f99d +SHA512 (container-selinux.tgz) = 0294ced7a954c32434e479b074b38c1763be6f55f037031f12d89ea920ec998e347ae08181e1e15198f6362e0a2314f27d071f9f0a48988d00bdcd9380691a76