-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-5789 2011-04-22 00:08:33 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 15 Version : 3.9.16 Release : 18.fc15 URL : http://oss.tresys.com/repos/refpolicy/ Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2.20091117 -------------------------------------------------------------------------------- Update Information: - Allow spamd to sent mail - Needs to be able to write to its systemhigh log file - Fix aide policy to run on MLS boxes - Allow NetworkManager to manage content in /etc/NetworkManager/system-connections - Allow user_t and staff_t access to generic scsi to handle locally plugged in scanners - Allow telepath_msn_t to read /proc/PARENT/cmdline - ftpd needs kill capability - Allow telepath_msn_t to connect to sip port - keyring daemon does not work on nfs homedirs - Allow $1_sudo_t to read default SELinux context - Add label for tgtd sock file in /var/run/ - Add apache_exec_rotatelogs interface - allow all zaraha domains to signal themselves, server writes to /tmp - Allow syslog to read the process state - Add label for /usr/lib/chromium-browser/chrome - Remove the telepathy transition from unconfined_t - Dontaudit sandbox domains trying to mounton sandbox_file_t, this is caused by fuse mounts - Allow initrc_t domain to manage abrt pid files - Add support for AEOLUS project - Virt_admin should be allowed to manage images and processes - Allow plymountd to send signals to init - Change labeling of fping6 -------------------------------------------------------------------------------- References: [ 1 ] Bug #695563 - SELinux is preventing /usr/libexec/colord from 'getattr' accesses on the filesystem /. https://bugzilla.redhat.com/show_bug.cgi?id=695563 [ 2 ] Bug #698884 - SELinux is preventing /usr/libexec/mission-control-5 from 'read' accesses on the unix_stream_socket Unknown. https://bugzilla.redhat.com/show_bug.cgi?id=698884 [ 3 ] Bug #699328 - SELinux is preventing /usr/sbin/ntpd from read, write access on the shared memory Unknown. https://bugzilla.redhat.com/show_bug.cgi?id=699328 [ 4 ] Bug #699533 - selinux blocking dhclient https://bugzilla.redhat.com/show_bug.cgi?id=699533 [ 5 ] Bug #699535 - dhclient spawned script (bash) blocked by Selinux default policy https://bugzilla.redhat.com/show_bug.cgi?id=699535 [ 6 ] Bug #696610 - SELinux is preventing plymouthd from using the 'signal' accesses on a process. https://bugzilla.redhat.com/show_bug.cgi?id=696610 [ 7 ] Bug #696921 - SELinux is preventing systemd-kmsg-sy from 'search' accesses on the directory 22673. https://bugzilla.redhat.com/show_bug.cgi?id=696921 [ 8 ] Bug #697670 - SELinux is preventing /usr/libexec/mission-control-5 from 'read' accesses on the file /proc/<pid>/cmdline. https://bugzilla.redhat.com/show_bug.cgi?id=697670 [ 9 ] Bug #698266 - SELinux is preventing /usr/libexec/telepathy-haze from 'name_connect' accesses on the tcp_socket port 5061. https://bugzilla.redhat.com/show_bug.cgi?id=698266 [ 10 ] Bug #698372 - SELinux is preventing /usr/libexec/telepathy-haze from 'read' accesses on the file /proc/<pid>/cmdline. https://bugzilla.redhat.com/show_bug.cgi?id=698372 [ 11 ] Bug #698559 - SELinux is preventing /usr/libexec/telepathy-sofiasip from name_bind access on the tcp_socket port https://bugzilla.redhat.com/show_bug.cgi?id=698559 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
