-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-5f224b92e4 2025-12-02 01:30:54.608316+00:00 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 42 Version : 42.17 Release : 1.fc42 URL : https://github.com/fedora-selinux/selinux-policy Summary : SELinux policy configuration Description : SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. -------------------------------------------------------------------------------- Update Information: New F42 selinux-policy build New F42 selinux-policy build New F42 selinux-policy build -------------------------------------------------------------------------------- ChangeLog: * Wed Nov 26 2025 Zdenek Pytela <[email protected]> - 42.17-1 - Allow sshd-net read and write to sshd vsock socket - Update ktls policy - Add comprehensive SELinux policy module for bwrap thumbnail generation - Revert "Allow thumb_t create permission in the user namespace" - Allow systemd-machined read svirt process state - Allow sshd_auth_t getopt/setopt on tcp_socket (bsc#1252992) - Allow sysadm access to TPM - Allow tlp get the attributes of the pidfs filesystem - Allow kmscon to read netlink_kobject_uevent_socket * Thu Nov 20 2025 Zdenek Pytela <[email protected]> - 42.16-1 - Allow systemd-ssh-issue read kernel sysctls - fix: bz2279215 Allow speech-dispatcher access to user home/cache files - Allow create kerberos files in postgresql db home - Fix files_delete_boot_symlinks() to contain delete_lnk_files_pattern - Allow shell comamnds in locate systemd service (bsc#1246559) - Introduce initrc_nnp_daemon_domain interface - Label /var/lib/cosmic-greeter with xdm_var_lib_t - Allow setroubleshoot-fixit get attributes of xattr fs * Thu Nov 13 2025 Zdenek Pytela <[email protected]> - 42.15-1 - Allow insights-client manage /etc symlinks - Allow insights-client get attributes of the rpm executable - Allow nfsidmapd search virt lib directories - Allow iotop stream connect to systemd-userdbd - Allow gnome-remote-desktop read sssd public files - Allow thumb_t stream connect to systemd-userdbd - Allow bluez dbus API passing unix domain sockets - Allow bluez dbus api pass sockets over dbus - Dontaudit systemd-generator connect to sssd over a unix stream socket - Allow init watch/watch_reads systemd-machined user ptys - Fix syntax error in userdomain.if - Allow ras-mc-ctl get attributes of the kmod executable -------------------------------------------------------------------------------- References: [ 1 ] Bug #2279215 - speech-dispatcherd.service startup failure (AVC denied) https://bugzilla.redhat.com/show_bug.cgi?id=2279215 [ 2 ] Bug #2404920 - Syntax errors in the policy https://bugzilla.redhat.com/show_bug.cgi?id=2404920 [ 3 ] Bug #2413082 - SELinux is preventing RDP socket thre from 'read' accesses on the Verzeichnis /var/lib/sss/pubconf/krb5.include.d. https://bugzilla.redhat.com/show_bug.cgi?id=2413082 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-5f224b92e4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
