SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libsepol2-3.4-1.2.i586.rpm :

* Mon May 09 2022 Johannes Segitz - Update to version 3.4
* Add \'ioctl_skip_cloexec\' policy capability
* Add sepol_av_perm_to_string
* Add policy utilities
* Support IPv4/IPv6 address embedding
* Hardened/added many validations
* Add support for file types in writing out policy.conf
* Allow optional file type in genfscon rules
* Thu Nov 11 2021 Johannes Segitz - Update to version 3.3
* Dropped CVE-2021-36085.patch, CVE-2021-36086.patch, CVE-2021-36087.patch are all included
* Lot of smaller fixes identified by fuzzing
* Wed Jul 21 2021 Johannes Segitz - Fix heap-based buffer over-read in ebitmap_match_any (CVE-2021-36087, 1187928. Added CVE-2021-36087.patch
* Mon Jul 05 2021 Johannes Segitz - Fix use-after-free in __cil_verify_classperms (CVE-2021-36085, 1187965). Added CVE-2021-36085.patch- Fix use-after-free in cil_reset_classpermission (CVE-2021-36086, 1187964). Added CVE-2021-36086.patch
* Tue Mar 09 2021 Johannes Segitz - Update to version 3.2
* more space-efficient form of storing filename transitions in the binary policy and reduced the size of the binary policy
* dropped old and deprecated symbols and functions. Version was bumped to libsepol.so.2
* Thu Oct 29 2020 Ludwig Nussel - install to /usr (boo#1029961)
* Tue Jul 14 2020 Johannes Segitz - Update to version 3.1
* Add support for new polcap genfs_seclabel_symlinks
* Initialize the multiple_decls field of the cil db
* Return error when identifier declared as both type and attribute
* Write CIL default MLS rules on separate lines
* Sort portcon rules consistently
* Remove leftovers of cil_mem_error_handler
* Drop remove_cil_mem_error_handler.patch, is included
* Mon Apr 27 2020 Martin Liška - Enable -fcommon in order to fix boo#1160874.
* Tue Mar 03 2020 Johannes Segitz - Update to version 3.0
* cil: Allow validatetrans rules to be resolved
* cil: Report disabling an optional block only at high verbose levels
* cil: do not dereference perm_value_to_cil when it has not been allocated
* cil: fix mlsconstrain segfault
* Further improve binary policy optimization
* Make an unknown permission an error in CIL
* Remove cil_mem_error_handler() function pointer
* Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping
* Add a function to optimize kernel policy
* Add ebitmap_for_each_set_bit macro Dropped fnocommon.patch as it\'s included upstream
* Thu Jan 30 2020 Johannes Segitz - Add fnocommon.patch to prevent build failures on gcc10 and remove_cil_mem_error_handler.patch to prevent build failures due to leftovers from the removal of cil_mem_error_handler (bsc#1160874)
* Thu Jun 20 2019 Martin Liška - Disable LTO due to symbol versioning (boo#1138813).
* Wed Mar 20 2019 jsegitzAATTsuse.com- Update to version 2.9
* Add two new Xen initial SIDs
* Check that initial sid indexes are within the valid range
* Create policydb_sort_ocontexts()
* Eliminate initial sid string definitions in module_to_cil.c
* Rename kernel_to_common.c stack functions
* add missing ibendport port validity check
* destroy the copied va_list
* do not call malloc with 0 byte
* do not leak memory if list_prepend fails
* do not use uninitialized value for low_value
* fix endianity in ibpkey range checks
* ibpkeys.c: fix printf format string specifiers for subnet_prefix
* mark permissive types when loading a binary policy
* Thu Nov 08 2018 Jan Engelhardt - Use more %make_install.
* Thu Nov 08 2018 jsegitzAATTsuse.com- Adjusted source urls (bsc#1115052)
* Wed Oct 17 2018 jsegitzAATTsuse.com- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
* Wed May 16 2018 mceplAATTsuse.com- Rebase to 2.7 For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt
  
ICM