-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-11355 2013-06-20 17:28:51 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 19 Version : 3.12.1 Release : 54.fc19 URL : http://oss.tresys.com/repos/refpolicy/ Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2.20091117 -------------------------------------------------------------------------------- Update Information: - Make vdagent able to request loading kernel module - Add support for cloud-init make it as unconfined domain - Allow snmpd to run smartctl in fsadm_t domain - remove duplicate openshift_search_lib() interface - Allow mysqld to search openshift lib files - Allow openshift cgroup to interact with passedin file descriptors - Allow colord to list directories inthe users homedir - aide executes prelink to check files - Make sure cupsd_t creates content in /etc/cups with the correct label - Lest dontaudit apache read all domains, so passenger will not cause this avc - Allow gssd to connect to gssproxy - systemd-tmpfiles needs to be able to raise the level to fix labeling on /run/setrans in MLS - Allow systemd-tmpfiles to relabel also lock files - Allow useradd to add homdir in /var/lib/openshift - Allow setfiles and semanage to write output to /run/files -------------------------------------------------------------------------------- References: [ 1 ] Bug #964006 - cloud-init hostname service failing on initial boot https://bugzilla.redhat.com/show_bug.cgi?id=964006 [ 2 ] Bug #974825 - SELinux is preventing systemd-tmpfile from 'relabelfrom' accesses on the file lock. https://bugzilla.redhat.com/show_bug.cgi?id=974825 [ 3 ] Bug #975344 - SELinux is preventing spice-vdagentd from 'module_request' accesses on the system . https://bugzilla.redhat.com/show_bug.cgi?id=975344 [ 4 ] Bug #975737 - SELinux is preventing /usr/bin/razor-lightdm-greeter from 'execute' accesses on the file /bin/razor-power. https://bugzilla.redhat.com/show_bug.cgi?id=975737 [ 5 ] Bug #975743 - SELinux is preventing /usr/bin/Xephyr from write, search access on the directory xkb. https://bugzilla.redhat.com/show_bug.cgi?id=975743 [ 6 ] Bug #975817 - SELinux is preventing /usr/sbin/ntop from 'read' accesses on the chr_file usbmon11. https://bugzilla.redhat.com/show_bug.cgi?id=975817 [ 7 ] Bug #975853 - SELinux is preventing /usr/bin/pkla-check-authorization from 'getattr' accesses on the filesystem /. https://bugzilla.redhat.com/show_bug.cgi?id=975853 [ 8 ] Bug #976017 - Please push latest selinux policy to fix denials for gvfs and others https://bugzilla.redhat.com/show_bug.cgi?id=976017 [ 9 ] Bug #974581 - SELinux, gssproxy, rpc.gssd https://bugzilla.redhat.com/show_bug.cgi?id=974581 [ 10 ] Bug #975695 - SELinux prevent fail2ban (fail2ban-client werite) to start (F19-TC5) https://bugzilla.redhat.com/show_bug.cgi?id=975695 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
