-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-6948 2008-08-07 21:19:40 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 9 Version : 3.3.1 Release : 82.fc9 URL : http://serefpolicy.sourceforge.net Summary : SELinux policy configuration Description : SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2624. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 30 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-82 - Change mail_spool to be a files_mountpoint * Tue Jul 29 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-81 - Add boolean httpd_execmem - Add dontaudit for leaky pam_nssldap - Dontaudit ptrace of domains for staff_t * Thu Jul 24 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-80 - Allow system_crond_t to restart init scripts - Allow dnsmasq to bind to any udp port - Change dhclient to be able to red networkmanager_var_run * Thu Jul 17 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-79 - Allow xguest to communicate with hal - allow mozilla to communicate with networkmanager - Add kpropd policy * Tue Jul 8 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-78 - Allow unconfined_t to setfcap - Allow spamassassin to read razor lib files * Mon Jul 7 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-77 - Allow amanda to read tape - Allow prewikka cgi to use syslog, allow prelude_ausisp to signal audisp_t - Add support for netware file systems * Thu Jul 3 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-76 - Allow ypbind apps to net_bind_service * Wed Jul 2 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-75 - Fix transition from unconfined_t to dhcpc_t - Allow all system domains and application domains to append to any log file - allow sendmail to use courier_spool fifo files * Tue Jul 1 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-74 - Make virtd an unconfined domain * Sun Jun 29 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-73 - Allow exim to use system_cron pipes - Allow gdm to read rpm database - Allow nsplugin to read mplayer config files - Allow login programs to write to /var/run/pam directory (Encrypted directories) - Fixes for courier domain - Add courier domain to mls policy * Mon Jun 23 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-72 - Fix file context of real player * Mon Jun 23 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-71 - Allow system_mail_t to exec other mail clients - Label mogrel_rails as an apache server * Mon Jun 23 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-70 - Apply unconfined_execmem_exec_t to haskell programs * Sun Jun 22 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-69 - Fix prelude file context * Sun Jun 22 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-68 - Allow virt to getsched and setsched on qemu - Allow networkmanager to getattr on fixed disk * Wed Jun 4 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-66 - Add slattach policy for eparis testing * Mon Jun 2 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-65 - Allow bootloader to run mount in the users role * Mon Jun 2 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-64 - Allow policykit_resolve to ptrace all levels * Fri May 30 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-63 - Allow policykit_resolve to ptrace user processes * Fri May 30 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-61 - Allow policykit_resolve to read users process table * Thu May 29 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-60 - Allow policykit_resolve to read polkit_var_lib - Other policykit fixes * Thu May 29 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-59 - Allow oddjob to change roles * Thu May 29 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-58 - Allow policykit_resolve to getattr hal - Allow pyzor_t manage files user_pyzor_home_t * Wed May 28 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-57 - Allow dhcpc sys_nice - Allow handling of /var/run/video.rom - Allow policykit_resolve to use dbus * Wed May 21 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-56 - Fix vncserver transition to work properly in unconfined environment. - Allow virsh to run * Tue May 20 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-55 - More fixes for spamassassin * Tue May 20 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-54 - Allow spamassassin_t to be run by system_r * Mon May 19 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-53 - Add mono_exec to podsleuth * Fri May 16 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-52 - Allow httpd_suexec_t to use cgi scripts in home dir - Allow httpd_syexec_t to connect to mysql - Allow sasl to communicate with kerberos rhost cache - Fix vncserver to work again - Allow procmail to ioctl spamasssin_exec_t * Tue May 13 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-51 - Dontaudit dhcpc_t reading of domains state * Mon May 12 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-50 - Add sys_nice for audispd * Thu May 8 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-49 - Allow libvirtd sys_nice - Fixes for policykit - Allow dovecot getattr all filesystem directories * Wed May 7 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-48 - Allow amanada to create data files * Wed May 7 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-47 - Fix initial install, semanage setup * Tue May 6 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-46 - Allow system_r for httpd_unconfined_script_t * Wed Apr 30 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-45 - Remove dmesg boolean - Allow user domains to read/write game data * Mon Apr 28 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-44 - Change unconfined_t to transition to unconfined_mono_t when running mono - Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work * Mon Apr 28 2008 Dan Walsh <[EMAIL PROTECTED]> 3.3.1-43 - Remove old booleans from targeted-booleans.conf file -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update selinux-policy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce