Hello community, here is the log from the commit of package libsepol for openSUSE:Leap:15.2 checked in at 2020-03-20 05:52:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/libsepol (Old) and /work/SRC/openSUSE:Leap:15.2/.libsepol.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsepol" Fri Mar 20 05:52:48 2020 rev:18 rq:785975 version:3.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/libsepol/libsepol.changes 2020-01-15 15:25:06.390565994 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.libsepol.new.3160/libsepol.changes 2020-03-20 05:52:59.204066693 +0100 @@ -1,0 +2,47 @@ +Tue Mar 3 12:17:04 UTC 2020 - Johannes Segitz <[email protected]> + +- Update to version 3.0 + * cil: Allow validatetrans rules to be resolved + * cil: Report disabling an optional block only at high verbose levels + * cil: do not dereference perm_value_to_cil when it has not been allocated + * cil: fix mlsconstrain segfault + * Further improve binary policy optimization + * Make an unknown permission an error in CIL + * Remove cil_mem_error_handler() function pointer + * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping + * Add a function to optimize kernel policy + * Add ebitmap_for_each_set_bit macro + + Dropped fnocommon.patch as it's included upstream + +------------------------------------------------------------------- +Thu Jan 30 14:11:56 UTC 2020 - Johannes Segitz <[email protected]> + +- Add fnocommon.patch to prevent build failures on gcc10 and + remove_cil_mem_error_handler.patch to prevent build failures due to + leftovers from the removal of cil_mem_error_handler (bsc#1160874) + +------------------------------------------------------------------- +Thu Jun 20 10:25:00 UTC 2019 - Martin Liška <[email protected]> + +- Disable LTO due to symbol versioning (boo#1138813). + +------------------------------------------------------------------- +Wed Mar 20 15:12:34 UTC 2019 - [email protected] + +- Update to version 2.9 + * Add two new Xen initial SIDs + * Check that initial sid indexes are within the valid range + * Create policydb_sort_ocontexts() + * Eliminate initial sid string definitions in module_to_cil.c + * Rename kernel_to_common.c stack functions + * add missing ibendport port validity check + * destroy the copied va_list + * do not call malloc with 0 byte + * do not leak memory if list_prepend fails + * do not use uninitialized value for low_value + * fix endianity in ibpkey range checks + * ibpkeys.c: fix printf format string specifiers for subnet_prefix + * mark permissive types when loading a binary policy + +------------------------------------------------------------------- @@ -14,0 +62,2 @@ + For changes please see + https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt @@ -19,0 +69,2 @@ + For changes please see + https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt Old: ---- libsepol-2.8.tar.gz New: ---- libsepol-3.0.tar.gz remove_cil_mem_error_handler.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsepol.spec ++++++ --- /var/tmp/diff_new_pack.JqotDZ/_old 2020-03-20 05:52:59.684067013 +0100 +++ /var/tmp/diff_new_pack.JqotDZ/_new 2020-03-20 05:52:59.688067016 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsepol # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,14 +17,15 @@ Name: libsepol -Version: 2.8 +Version: 3.0 Release: 0 Summary: SELinux binary policy manipulation library License: LGPL-2.1-or-later Group: Development/Libraries/C and C++ -Url: https://github.com/SELinuxProject/selinux/wiki/Releases -Source: https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/%{name}-%{version}.tar.gz +URL: https://github.com/SELinuxProject/selinux/wiki/Releases +Source: https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz Source2: baselibs.conf +Patch1: remove_cil_mem_error_handler.patch BuildRequires: flex BuildRequires: pkgconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -86,8 +87,10 @@ %prep %setup -q +%patch1 -p1 %build +%define _lto_cflags %{nil} export CFLAGS="%{optflags}" make %{?_smp_mflags} @@ -101,6 +104,7 @@ %defattr(-,root,root) %{_bindir}/chkcon %{_mandir}/man8/*.8%{ext_man} +%{_mandir}/ru/man8/*.8%{ext_man} %files -n libsepol1 %defattr(-,root,root) ++++++ libsepol-2.8.tar.gz -> libsepol-3.0.tar.gz ++++++ ++++ 5365 lines of diff (skipped) ++++++ remove_cil_mem_error_handler.patch ++++++ commit 3d32fc24d6aff360a538c63dad08ca5c957551b0 Author: Ondrej Mosnacek <[email protected]> Date: Thu Jan 23 13:57:14 2020 +0100 libsepol: remove leftovers of cil_mem_error_handler Commit 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer") replaced cil_mem_error_handler usage with inline contents of the default handler. However, it left over the header declaration and two callers. Convert these as well and remove the header declaration. This also fixes a build failure with -fno-common. Fixes: 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer") Signed-off-by: Ondrej Mosnacek <[email protected]> diff --git a/libsepol/cil/src/cil_mem.h b/libsepol/cil/src/cil_mem.h index 902ce131..794f02a3 100644 --- a/cil/src/cil_mem.h +++ b/cil/src/cil_mem.h @@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size); void *cil_realloc(void *ptr, size_t size); char *cil_strdup(const char *str); int cil_asprintf(char **strp, const char *fmt, ...); -void (*cil_mem_error_handler)(void); #endif /* CIL_MEM_H_ */ diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c index 97d4c4b9..2598bbf3 100644 --- a/cil/src/cil_strpool.c +++ b/cil/src/cil_strpool.c @@ -80,8 +80,8 @@ char *cil_strpool_add(const char *str) int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); if (rc != SEPOL_OK) { pthread_mutex_unlock(&cil_strpool_mutex); - (*cil_mem_error_handler)(); - pthread_mutex_lock(&cil_strpool_mutex); + cil_log(CIL_ERR, "Failed to allocate memory\n"); + exit(1); } } @@ -104,8 +104,8 @@ void cil_strpool_init(void) cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE); if (cil_strpool_tab == NULL) { pthread_mutex_unlock(&cil_strpool_mutex); - (*cil_mem_error_handler)(); - return; + cil_log(CIL_ERR, "Failed to allocate memory\n"); + exit(1); } } cil_strpool_readers++;
