Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libsepol-utils-3.5-2.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

Name: libsepol-utils Distribution: openSUSE:Factory:zSystems
Version: 3.5 Vendor: openSUSE
Release: 2.1 Build date: Wed Oct 11 14:06:10 2023
Group: System/Base Build host: s390zl25
Size: 64503 Source RPM: libsepol-3.5-2.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/SELinuxProject/selinux/wiki/Releases
Summary: SELinux binary policy manipulation tools
 
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing
policy boolean settings.

Provides

Requires

License

LGPL-2.1-or-later

Changelog

* Thu Mar 23 2023 Martin Liška <mliska@suse.cz>
  - Enable LTO now (boo#1138813).
* Fri Feb 24 2023 Johannes Segitz <jsegitz@suse.com>
  - Update to version 3.5
    * Stricter policy validation
    * do not write empty class definitions to allow simpler round-trip tests
    * reject attributes in type av rules for kernel policies
  - Added additional developer key (Jason Zaman)
* Mon May 09 2022 Johannes Segitz <jsegitz@suse.com>
  - Update to version 3.4
    * Add 'ioctl_skip_cloexec' policy capability
    * Add sepol_av_perm_to_string
    * Add policy utilities
    * Support IPv4/IPv6 address embedding
    * Hardened/added many validations
    * Add support for file types in writing out policy.conf
    * Allow optional file type in genfscon rules
* Thu Nov 11 2021 Johannes Segitz <jsegitz@suse.com>
  - Update to version 3.3
    * Dropped CVE-2021-36085.patch, CVE-2021-36086.patch, CVE-2021-36087.patch
      are all included
    * Lot of smaller fixes identified by fuzzing
* Wed Jul 21 2021 Johannes Segitz <jsegitz@suse.com>
  - Fix heap-based buffer over-read in ebitmap_match_any (CVE-2021-36087, 1187928.
    Added CVE-2021-36087.patch
* Mon Jul 05 2021 Johannes Segitz <jsegitz@suse.com>
  - Fix use-after-free in __cil_verify_classperms (CVE-2021-36085, 1187965).
    Added CVE-2021-36085.patch
  - Fix use-after-free in cil_reset_classpermission (CVE-2021-36086, 1187964).
    Added CVE-2021-36086.patch
* Tue Mar 09 2021 Johannes Segitz <jsegitz@suse.com>
  - Update to version 3.2
    * more space-efficient form of storing filename transitions in the binary
      policy and reduced the size of the binary policy
    * dropped old and deprecated symbols and functions. Version was bumped to
      libsepol.so.2
* Thu Oct 29 2020 Ludwig Nussel <lnussel@suse.de>
  - install to /usr (boo#1029961)
* Tue Jul 14 2020 Johannes Segitz <jsegitz@suse.com>
  - Update to version 3.1
    * Add support for new polcap genfs_seclabel_symlinks
    * Initialize the multiple_decls field of the cil db
    * Return error when identifier declared as both type and attribute
    * Write CIL default MLS rules on separate lines
    * Sort portcon rules consistently
    * Remove leftovers of cil_mem_error_handler
    * Drop remove_cil_mem_error_handler.patch, is included
* Mon Apr 27 2020 Martin Liška <mliska@suse.cz>
  - Enable -fcommon in order to fix boo#1160874.
* Tue Mar 03 2020 Johannes Segitz <jsegitz@suse.de>
  - Update to version 3.0
    * cil: Allow validatetrans rules to be resolved
    * cil: Report disabling an optional block only at high verbose levels
    * cil: do not dereference perm_value_to_cil when it has not been allocated
    * cil: fix mlsconstrain segfault
    * Further improve binary policy optimization
    * Make an unknown permission an error in CIL
    * Remove cil_mem_error_handler() function pointer
    * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping
    * Add a function to optimize kernel policy
    * Add ebitmap_for_each_set_bit macro
    Dropped fnocommon.patch as it's included upstream
* Thu Jan 30 2020 Johannes Segitz <jsegitz@suse.de>
  - Add fnocommon.patch to prevent build failures on gcc10 and
    remove_cil_mem_error_handler.patch to prevent build failures due to
    leftovers from the removal of cil_mem_error_handler (bsc#1160874)

Files

/usr/bin/chkcon
/usr/bin/sepol_check_access
/usr/bin/sepol_compute_av
/usr/bin/sepol_compute_member
/usr/bin/sepol_compute_relabel
/usr/bin/sepol_validate_transition
/usr/share/man/man8/chkcon.8.gz
/usr/share/man/man8/genpolbools.8.gz
/usr/share/man/man8/genpolusers.8.gz
/usr/share/man/ru/man8/chkcon.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:50:11 2024