Fedora Core 4 Update: selinux-policy-targeted-1.23.18-12

Daniel J Walsh dwalsh at redhat.com
Mon Jun 20 17:35:37 UTC 2005 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-429
2005-06-20
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : selinux-policy-targeted
Version     : 1.23.18
Release     : 12
Summary     : SELinux targeted policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux.  The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.

This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.

---------------------------------------------------------------------

* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-12

- Update for FC4

* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-11

- Fix NetworkManager dhcpd communications
- Fix hotplug

* Thu Jun 16 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-9

- Update Ivan trusted/untrusted patch
- add texrel_shlib_t to targeted

* Wed Jun 15 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-7

- Fixed for new cups domain hplip

* Mon Jun 13 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-6

- Further cleanup of user separation patches from Ivan

* Fri Jun 10 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-5

- Further cleanup of user separation patches from Ivan

* Thu Jun  9 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-3

- Add /etc/profile.d/selinux.sh /etc/profile.d/selinux.csh for strict
- move ice_tmp_t definition for mls

* Wed Jun  8 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-2

- Add alsa policy
- Policy cleanup from Ivan

* Mon Jun  6 2005 Dan Walsh <dwalsh at redhat.com> 1.23.18-1

- Upgrade from NSA
        * Merged minor fixes to pppd.fc and courier.te by Russell Coker.
        * Removed devfsd policy as suggested by Russell Coker.
        * Merged patch from Dan Walsh.  Includes beginnings of Ivan
        Gyurdiev's Font Config policy.  Don't transition to fsadm_t from
        unconfined_t (sysadm_t) in targeted policy.  Add support for
        debugfs in modutil.  Allow automount to create and delete
        directories in /root and /home dirs.  Move can_ypbind to
        chkpwd_macro.te.  Allow useradd to create additional files and
        types via the skell mechanism.  Other minor cleanups and fixes.

* Sat May 28 2005 Dan Walsh <dwalsh at redhat.com> 1.23.17-4

- Add evolution/thunderbird support for strict policy.  Including
break out of orbits, fonts, and gnome.  All done by Ivan G.

* Sat May 28 2005 Dan Walsh <dwalsh at redhat.com> 1.23.17-3

- Update policy, to remove crond_log_t
- Fix selinuxenabled check

* Thu May 26 2005 Dan Walsh <dwalsh at redhat.com> 1.23.17-2

- Fixes to cups/ptal
- Change ifconfig scripts back to etc_t

* Wed May 25 2005 Dan Walsh <dwalsh at redhat.com> 1.23.17-1

- Update from NSA
        * Merged minor fixes by Petre Rodan to the daemontools, dante,
        gpg, kerberos, and ucspi-tcp policies.
        * Merged minor fixes by Russell Coker to the bluetooth, crond,
        initrc, postfix, and udev  policies.  Modifies constraints so that
        newaliases can be run.  Modifies types.fc so that objects in
        lost+found directories will not be relabled.
        * Modified fc rules for nvidia.
        * Added Chad Sellers policy for polyinstantiation support, which
        creates the polydir, polyparent, and polymember attributes.  Also
        added the support_polyinstantiation tunable.
        * Merged patch from Dan Walsh.  Includes mount_point attribute,
        read_font macros and some other policy fixes from Ivan Gyurdiev.
        Adds privkmsg and secadmfile attributes and ddcprobe policy.
        Removes the use_syslogng boolean.  Many other minor fixes.

* Wed May 25 2005 Dan Walsh <dwalsh at redhat.com> 1.23.16-8

- Fixes for amanda
- Add debugfs for insmod
- Fixes for automount
- Fixes for useradd in strict policy

* Tue May 24 2005 Dan Walsh <dwalsh at redhat.com> 1.23.16-7

- Don't transition from sysadm_t to fsadm_t in targeted policy
- Fix sysadm_crond_tmp_t to tmpfile in targeted
- Allow kernel_t to read sysfs_t


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

deefafc8022f1c51dbb9f2d7e0b026be  
SRPMS/selinux-policy-targeted-1.23.18-12.src.rpm
0742e97bc4d89b6f0f460204d48205ff  
x86_64/selinux-policy-targeted-1.23.18-12.noarch.rpm
74824314f363c0e88d48e41f816433e9  
x86_64/selinux-policy-targeted-sources-1.23.18-12.noarch.rpm
0742e97bc4d89b6f0f460204d48205ff  
i386/selinux-policy-targeted-1.23.18-12.noarch.rpm
74824314f363c0e88d48e41f816433e9  
i386/selinux-policy-targeted-sources-1.23.18-12.noarch.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--

More information about the fedora-announce-list mailing list