diff --git a/.gitignore b/.gitignore index f02605b..300ba49 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ SOURCES/container-selinux.tgz -SOURCES/selinux-policy-e0e55ec.tar.gz +SOURCES/selinux-policy-e464c3b.tar.gz diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata index e543373..e9110e2 100644 --- a/.selinux-policy.metadata +++ b/.selinux-policy.metadata @@ -1,2 +1,2 @@ -af636ad9e5dcfa4a0086e0bc91aa01749bba8493 SOURCES/container-selinux.tgz -5e463dff1b417b36730f44922c51ff95a509e565 SOURCES/selinux-policy-e0e55ec.tar.gz +a7770e3ebc8e88c6c514ec4a8fe532526e3798ae SOURCES/container-selinux.tgz +26ce88444772beacbefbd1647e4b89eca510518c SOURCES/selinux-policy-e464c3b.tar.gz diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec index 5f76c22..d7b5d7d 100644 --- a/SPECS/selinux-policy.spec +++ b/SPECS/selinux-policy.spec @@ -1,6 +1,6 @@ # github repo with selinux-policy sources %global giturl https://github.com/fedora-selinux/selinux-policy -%global commit e0e55ecfdebae28221324ff62a7784fe509617df +%global commit e464c3bb967763b8bfac50769b72159d040088b9 %global shortcommit %(c=%{commit}; echo ${c:0:7}) %define distro redhat @@ -23,8 +23,8 @@ %define CHECKPOLICYVER 3.2 Summary: SELinux policy configuration Name: selinux-policy -Version: 40.13.12 -Release: 2%{?dist} +Version: 40.13.13 +Release: 1%{?dist} License: GPL-2.0-or-later Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz Source1: modules-targeted-base.conf @@ -860,6 +860,20 @@ exit 0 %endif %changelog +* Tue Nov 12 2024 Zdenek Pytela - 40.13.13-1 +- Revert "Allow unconfined_t execute kmod in the kmod domain" +Resolves: RHEL-65190 +- Add policy for /usr/libexec/samba/samba-bgqd +Resolves: RHEL-64908 +- Label samba certificates with samba_cert_t +Resolves: RHEL-64908 +- Label /usr/bin/samba-gpupdate with samba_gpupdate_exec_t +Resolves: RHEL-64908 +- Allow rpcd read network sysctls +Resolves: RHEL-64737 +- Label all semanage store files in /etc as semanage_store_t +Resolves: RHEL-65864 + * Tue Oct 29 2024 Troy Dawson - 40.13.12-2 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018