Changelog for
fapolicyd-selinux-1.3.2-1.el8.noarch.rpm :
* Wed Jul 19 2023 Radovan Sroka
- 1.3.2-1RHEL 8.9.0 ERRATUM- Rebase fapolicyd to the latest stable versionResolves: RHEL-519- RFE: send rule number to fanotify so it gets auditedResolves: RHEL-628- Default q_size doesn\'t match manpage\'s oneResolves: RHEL-629- fapolicyd can leak FDs and never answer request, causing target process to hang foreverResolves: RHEL-632- fapolicyd needs to make sure the FD limit is never reachedResolves: RHEL-631- fapolicyd still allows execution of a program after \"untrusting\" itResolves: RHEL-630- Fix broken backwards compatibility backend numbersResolves: RHEL-731- fapolicyd can create RPM DB files /var/lib/rpm/__db.xxx with bad ownership causing AVCs to occurResolves: RHEL-829- SELinux prevents the fapolicyd from reading symlink (cert_t)Resolves: RHEL-820
* Mon Jan 30 2023 Radovan Sroka - 1.1.3-12RHEL 8.8.0 ERRATUM- statically linked app can execute untrusted appResolves: rhbz#2088349- Starting manually fapolicyd while the service is already running breaks the systemResolves: rhbz#2103352- Cannot execute /usr/libexec/grepconf.sh when falcon-sensor is enabledResolves: rhbz#2087040- fapolicyd: Introduce filtering of rpmdbResolves: rhbz#2165645
* Fri Aug 05 2022 Radovan Sroka - 1.1.3-8RHEL 8.7.0 ERRATUM- rebase fapolicyd to the latest stable vesionResolves: rhbz#2100087- fapolicyd does not correctly handle SIGHUPResolves: rhbz#2070639- fapolicyd often breaks package updatesResolves: rhbz#2111243- drop libgcrypt in favour of opensslResolves: rhbz#2111935- fapolicyd.rules doesn\'t advertise that using a username/groupname instead of uid/gid also worksResolves: rhbz#2103914- fapolicyd gets way too easily killed by OOM killerResolves: rhbz#2100089- compiled.rules file ownership and modeResolves: rhbz#2066653- Faulty handling of static applicationsResolves: rhbz#2084497- Introduce ppid rule attributeResolves: rhbz#2102563- CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path [rhel-8.7.0]Resolves: rhbz#2069121- Fapolicyd denies access to /usr/lib64/ld-2.28.so [rhel-8.7.0]Resolves: rhbz#2068105
* Wed Feb 16 2022 Radovan Sroka - 1.1-1RHEL 8.6.0 ERRATUM- rebase to 1.1Resolves: rhbz#1939379- introduce rules.d featureResolves: rhbz#2054741- remove pretrans scriptletResolves: rhbz#2051485
* Mon Dec 13 2021 Zoltan Fridrich - 1.0.4-2RHEL 8.6.0 ERRATUM- rebase to 1.0.4- added rpm_sha256_only option- added trust.d directory- allow file names with whitespace in trust files- use full paths in trust filesResolves: rhbz#1939379- fix libc.so getting identified as application/x-executableResolves: rhbz#1989272- fix fapolicyd-dnf-plugin reporting as \'\'Resolves: rhbz#1997414- fix selinux DSP module definition in spec fileResolves: rhbz#2014445
* Thu Aug 19 2021 Radovan Sroka - 1.0.2-7- fapolicyd abnormally exits by executing sosreport- fixed multiple problems with unlink()- fapolicyd breaks system upgrade, leaving system in dead state - complete fixResolves: rhbz#1943251
* Tue Feb 16 2021 Radovan Sroka - 1.0.2-3RHEL 8.4.0 ERRATUM- rebase to 1.0.2- strong dependency on rpm/rpm-plugin-fapolicyd- installed dnf-plugin is dummy and we are not using it anymore- enabled integrity settingResolves: rhbz#1887451- added make check- Adding DISA STIG during OS installation causes \'ipa-server-install\' to fail- fixed java detectionResolves: rhbz#1895435- dnf update fails when fapolicyd is enabledResolves: rhbz#1876975- fapolicyd breaks system upgrade, leaving system in dead state - complete fixResolves: rhbz#1896875
* Tue Jun 30 2020 Radovan Sroka - 1.0-3RHEL 8.3 ERRATUM- fixed manpage fapolicyd-confResolves: rhbz#1817413
* Mon May 25 2020 Radovan Sroka - 1.0-2RHEL 8.3 ERRATUM- rebase to v1.0- installed multiple policies to /usr/share/fapolicyd - known-libs (default) - restrictive- installed fapolicyd.trust file- enhanced fapolicyd-cliResolves: rhbz#1817413- introduced fapolicyd-selinux that provides SELinux policy moduleResolves: rhbz#1714529
* Tue Mar 03 2020 Radovan Sroka - 0.9.1-4RHEL 8.2 ERRATUM- fixed possible heap buffer overflow in elf parserResolves: rhbz#1807912
* Tue Feb 11 2020 Radovan Sroka - 0.9.1-3RHEL 8.2 ERRATUM- fixed build time python interpreter detection (spec)- added python2-devel as a BuildRequires (spec)- allow running bash scripts in home directoriesResolves: rhbz#1801872
* Wed Nov 20 2019 Radovan Sroka - 0.9.1-2RHEL 8.2 ERRATUM- rebase to v0.9.1- updated default configuration with new syntax- removed daemon mounts configurationResolves: rhbz#1759895- default fapolicyd policy prevents Ansible from running- added ansible rule to default rulesetResolves: rhbz#1746464- suspicious logs on service startResolves: rhbz#1747494- fapolicyd blocks dracut from generating initramfs- added dracut rule to default configurationResolves: rhbz#1757736- fapolicyd fails to identify perl interpreterResolves: rhbz#1765039
* Wed Jul 24 2019 Radovan Sroka - 0.8.10-3- added missing manpage for fapolicyd-cliResolves: rhbz#1708015
* Mon Jul 22 2019 Radovan Sroka - 0.8.10-2- Convert hashes to lowercase like sha256sum outputs- Stop littering STDOUT output for dnf plugin in fapolicydResolves: rhbz#1721496
* Tue Jun 18 2019 Radovan Sroka - 0.8.10-1- new upstream releaseResolves: rhbz#1673323
* Mon May 06 2019 Radovan Sroka - 0.8.9-1- New upstream release- imported from fedora30 resolves: rhbz#1673323
* Wed Mar 13 2019 Radovan Sroka - 0.8.8-2- backport some patches to resolve dac_override for fapolicyd
* Mon Mar 11 2019 Radovan Sroka - 0.8.8-1- New upstream release- Added new DNF plugin that can update the trust database when rpms are installed- Added support for FAN_OPEN_EXEC_PERM
* Thu Jan 31 2019 Fedora Release Engineering - 0.8.7-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Oct 03 2018 Steve Grubb 0.8.7-1- New upstream bugfix release
* Fri Jul 13 2018 Fedora Release Engineering - 0.8.6-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 07 2018 Steve Grubb 0.8.6-1- New upstream feature release
* Fri May 18 2018 Steve Grubb 0.8.5-2- Add dist tag (#1579362)
* Fri Feb 16 2018 Steve Grubb 0.8.5-1- New release