Fedora 27 Update: licensecheck-3.0.31-3.fc27
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-15eeb823ff
2018-07-30 01:00:48.468913
--------------------------------------------------------------------------------
Name : licensecheck
Product : Fedora 27
Version : 3.0.31
Release : 3.fc27
URL : http://search.cpan.org/dist/App-Licensecheck/
Summary : Simple license checker for source files
Description :
Licensecheck attempts to determine the license that applies to each file passed
to it, by searching the start of the file for text belonging to various
licenses.
--------------------------------------------------------------------------------
Update Information:
This update fixes a possible failure due to use of an unitialized value.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jul 20 2018 Sandro Mani <manisandro(a)gmail.com> - 3.0.31-3
- Fix: Use of uninitialized value $3 in concatenation (.) or string (#1595880)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1595880 - Use of uninitialized value $3 in concatenation (.) or string at /usr/share/perl5/vendor_perl/App/Licensecheck.pm
https://bugzilla.redhat.com/show_bug.cgi?id=1595880
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-15eeb823ff' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 27 Update: libndn-cxx-0.6.1-5.fc27
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-9fcc532145
2018-07-30 01:00:48.468846
--------------------------------------------------------------------------------
Name : libndn-cxx
Product : Fedora 27
Version : 0.6.1
Release : 5.fc27
URL : http://named-data.net
Summary : C++ library implementing Named Data Networking primitives
Description :
libndn-cxx is a C++ library that implements NDN primitives.
--------------------------------------------------------------------------------
Update Information:
Update python dependency for F29 release
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2018 Susmit Shannigrahi <susmit at cs.colostate.edu> - 0.6.1-5
- Update python dependency for F29 release
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.6.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Mar 15 2018 Iryna Shcherbina <ishcherb(a)redhat.com> - 0.6.1-3
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Fri Feb 23 2018 Rex Dieter <rdieter(a)fedoraproject.org> - 0.6.1-2
- rebuild (cryptopp)
* Mon Feb 19 2018 Susmit Shannigrahi <susmit at cs.colostate.edu> - 0.6.1-1
- Package for 0.6.1 release
* Tue Jan 30 2018 Susmit Shannigrahi <susmit at cs.colostate.edu> - 0.6.0-1
- Package for 0.6.0 release
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-9fcc532145' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: mtxclient-0.1.0-5.20180714git2f519d2.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-6f70ec5d3d
2018-07-29 03:19:11.836767
--------------------------------------------------------------------------------
Name : mtxclient
Product : Fedora 28
Version : 0.1.0
Release : 5.20180714git2f519d2.fc28
URL : https://github.com/mujx/mtxclient
Summary : Client API library for Matrix, built on top of Boost.Asio
Description :
Client API library for the Matrix protocol, built on top of Boost.Asio.
--------------------------------------------------------------------------------
Update Information:
Features ============== * End-to-End encryption for text messages. * Context
menu option to request missing encryption keys. * Desktop notifications on all
platforms (Linux, macOS, Windows). * Responsive UI (hidden sidebar/timeline).
* Basic support for replies (#292) Improvements ====================== * Save
timeline messages in cache for faster startup times. * Debug logs will now be
saved in a file. * New translations * French (#329) * Polish (#349) *
No dependencies will be downloaded during build. * Add the -v / --version
option, which displays the version of the application. * Explicitly set no
timeout for the Linux notifications. Bug fixes =================== * Allow
close events from the session manager (#353). * Send image dimensions in
m.image event (#215). * Allow arbitrary resizing of the main window & restore
sidebar's size (#160, #163, #187, #127). * Fix crash when drag 'n drop files on
text input. (#363) * Convert MXC to HTTP URI for video files. * Don't display
the m.room.encryption event twice. * Properly reset the auto-complete anchor
when the popup closes. (#305) * Use a brighter color for button's text on the
system theme. (#355)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1601239 - nheko-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1601239
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-6f70ec5d3d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: nheko-0.5.1-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-6f70ec5d3d
2018-07-29 03:19:11.836767
--------------------------------------------------------------------------------
Name : nheko
Product : Fedora 28
Version : 0.5.1
Release : 1.fc28
URL : https://github.com/mujx/nheko
Summary : Desktop client for the Matrix protocol
Description :
The motivation behind the project is to provide a native desktop app
for Matrix that feels more like a mainstream chat app.
--------------------------------------------------------------------------------
Update Information:
Features ============== * End-to-End encryption for text messages. * Context
menu option to request missing encryption keys. * Desktop notifications on all
platforms (Linux, macOS, Windows). * Responsive UI (hidden sidebar/timeline).
* Basic support for replies (#292) Improvements ====================== * Save
timeline messages in cache for faster startup times. * Debug logs will now be
saved in a file. * New translations * French (#329) * Polish (#349) *
No dependencies will be downloaded during build. * Add the -v / --version
option, which displays the version of the application. * Explicitly set no
timeout for the Linux notifications. Bug fixes =================== * Allow
close events from the session manager (#353). * Send image dimensions in
m.image event (#215). * Allow arbitrary resizing of the main window & restore
sidebar's size (#160, #163, #187, #127). * Fix crash when drag 'n drop files on
text input. (#363) * Convert MXC to HTTP URI for video files. * Don't display
the m.room.encryption event twice. * Properly reset the auto-complete anchor
when the popup closes. (#305) * Use a brighter color for button's text on the
system theme. (#355)
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 26 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.5.1-1
- Updated to version 0.5.1.
* Fri Jul 13 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.4.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jul 12 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.3-2
- Fixed issue with system shutdown on KDE Plasma.
* Sun Jun 3 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.3-1
- Updated to version 0.4.3.
* Fri May 25 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.2-1
- Updated to version 0.4.2.
* Thu May 24 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.1-1
- Updated to version 0.4.1.
* Fri May 4 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.4.0-1
- Updated to version 0.4.0.
* Fri Apr 13 2018 Vitaly Zaitsev <vitaly(a)easycoding.org> - 0.3.1-1
- Updated to version 0.3.1.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1601239 - nheko-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1601239
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-6f70ec5d3d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: matrix-structs-0.1.0-5.20180714git8de04af.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-6f70ec5d3d
2018-07-29 03:19:11.836767
--------------------------------------------------------------------------------
Name : matrix-structs
Product : Fedora 28
Version : 0.1.0
Release : 5.20180714git8de04af.fc28
URL : https://github.com/mujx/matrix-structs
Summary : De/Serializable types for events, requests/responses and identifiers
Description :
Collection of structs used in the Matrix protocol with built in
serialization/deserialization to/from json.
There is support for:
* events;
* matrix identifiers;
* request types;
* response types.
--------------------------------------------------------------------------------
Update Information:
Features ============== * End-to-End encryption for text messages. * Context
menu option to request missing encryption keys. * Desktop notifications on all
platforms (Linux, macOS, Windows). * Responsive UI (hidden sidebar/timeline).
* Basic support for replies (#292) Improvements ====================== * Save
timeline messages in cache for faster startup times. * Debug logs will now be
saved in a file. * New translations * French (#329) * Polish (#349) *
No dependencies will be downloaded during build. * Add the -v / --version
option, which displays the version of the application. * Explicitly set no
timeout for the Linux notifications. Bug fixes =================== * Allow
close events from the session manager (#353). * Send image dimensions in
m.image event (#215). * Allow arbitrary resizing of the main window & restore
sidebar's size (#160, #163, #187, #127). * Fix crash when drag 'n drop files on
text input. (#363) * Convert MXC to HTTP URI for video files. * Don't display
the m.room.encryption event twice. * Properly reset the auto-complete anchor
when the popup closes. (#305) * Use a brighter color for button's text on the
system theme. (#355)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1601239 - nheko-0.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1601239
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-6f70ec5d3d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: dracut-048-14.git20180726.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-0b82983708
2018-07-29 03:19:11.836753
--------------------------------------------------------------------------------
Name : dracut
Product : Fedora 28
Version : 048
Release : 14.git20180726.fc28
URL : https://dracut.wiki.kernel.org/
Summary : Initramfs generator using udev
Description :
dracut contains tools to create bootable initramfses for the Linux
kernel. Unlike previous implementations, dracut hard-codes as little
as possible into the initramfs. dracut contains various modules which
are driven by the event-based udev. Having root on MD, DM, LVM2, LUKS
is supported as well as NFS, iSCSI, NBD, FCoE with the dracut-network
package.
--------------------------------------------------------------------------------
Update Information:
* bring back `51-dracut-rescue-postinst.sh`
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 26 2018 Harald Hoyer <harald(a)redhat.com> - 048-14.git20180726
- bring back 51-dracut-rescue-postinst.sh
* Wed Jul 18 2018 Harald Hoyer <harald(a)redhat.com> - 048-6.git20180718
- git snapshot
* Thu Jul 12 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 048-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Jul 6 2018 Harald Hoyer <harald(a)redhat.com> - 048-1
- version 048
* Fri Jun 22 2018 Adam Williamson <awilliam(a)redhat.com> - 047-34.git20180604.1
- Test build with proposed fix for #1593028
* Mon Jun 4 2018 Harald Hoyer <harald(a)redhat.com> - 047-34.git20180604
- git snapshot
* Tue May 15 2018 Harald Hoyer <harald(a)redhat.com> - 047-32.git20180515
- git snapshot
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1581478 - dnf system upgrade does not upgrade rescue kernel
https://bugzilla.redhat.com/show_bug.cgi?id=1581478
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-0b82983708' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: python-setuptools-39.2.0-6.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-47d56cbe45
2018-07-29 03:19:11.836740
--------------------------------------------------------------------------------
Name : python-setuptools
Product : Fedora 28
Version : 39.2.0
Release : 6.fc28
URL : https://pypi.python.org/pypi/setuptools
Summary : Easily build and distribute Python packages
Description :
Setuptools is a collection of enhancements to the Python distutils that allow
you to more easily build and distribute Python packages, especially ones that
have dependencies on other packages.
This package also contains the runtime components of setuptools, necessary to
execute the software that requires pkg_resources.py.
--------------------------------------------------------------------------------
Update Information:
Create /usr/local/lib/pythonX.Y when needed
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 19 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 39.2.0-6
- Create /usr/local/lib/pythonX.Y when needed (#1576924)
* Sat Jul 14 2018 Fedora Release Engineering <releng(a)fedoraproject.org> - 39.2.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Mon Jun 18 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 39.2.0-4
- Rebuilt for Python 3.7
* Wed Jun 13 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 39.2.0-3
- Bootstrap for Python 3.7
* Wed Jun 13 2018 Miro Hron��ok <mhroncok(a)redhat.com> - 39.2.0-2
- Bootstrap for Python 3.7
* Wed May 23 2018 Charalampos Stratakis <cstratak(a)redhat.com> - 39.2.0-1
- update to 39.2.0 Fixes bug #1572889
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1576924 - [Errno 2] No such file or directory: '/usr/local/lib/python3.6/site-packages
https://bugzilla.redhat.com/show_bug.cgi?id=1576924
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-47d56cbe45' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: linkchecker-9.4.0-2.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-9c3620944d
2018-07-29 03:19:11.836726
--------------------------------------------------------------------------------
Name : linkchecker
Product : Fedora 28
Version : 9.4.0
Release : 2.fc28
URL : https://linkcheck.github.io/linkchecker/
Summary : Check HTML documents for broken links
Description :
LinkChecker is a website validator. LinkChecker checks links in web documents or full websites.
Features:
- Recursive and multithreaded checking and site crawling
- Output in colored or normal text, HTML, SQL, CSV, XML or a sitemap graph in
different formats
- HTTP/1.1, HTTPS, FTP, mailto:, news:, nntp:, Telnet and local file links
support
- Restriction of link checking with regular expression filters for URLs
- Proxy support
- Username/password authorization for HTTP and FTP and Telnet
- Honors robots.txt exclusion protocol
- Cookie support
- HTML5 support
- HTML and CSS syntax check
- Antivirus check
- Different interfaces: command line, GUI and web interface
... and a lot more ...
--------------------------------------------------------------------------------
Update Information:
Require python-dns and python-pyxdg ---- Update to 9.4.0
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 25 2018 W. Michael Petullo <mike[at]flyn.org> - 9.4.0-2
- Require python-dns and python-pyxdg
* Wed Jul 25 2018 W. Michael Petullo <mike[at]flyn.org> - 9.4.0-1
- Update to 9.4.0
- Move COPYING from %doc to GPLv2
- Drop make -C doc/html/
- Drop gui package
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-9c3620944d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: selinux-policy-3.14.1-36.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-1050fb248b
2018-07-29 03:19:11.836712
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 28
Version : 3.14.1
Release : 36.fc28
URL : %{git0-base}
Summary : SELinux policy configuration
Description :
SELinux Base package for SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
More info: https://koji.fedoraproject.org/koji/buildinfo?buildID=1130751
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 25 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-36
- Allow aide to mmap all files
- Revert "Allow firewalld_t do read iptables_var_run_t files"
- Revert "Allow firewalld to create rawip sockets"
- Allow svirt_tcg_t domain to read system state of virtd_t domains
- Update rhcs contexts to reflects the latest fenced changes
- Allow httpd_t domain to rw user_tmp_t files
- Fix typo in openct policy
- Allow winbind_t domian to connect to all ephemeral ports
- Allow firewalld_t do read iptables_var_run_t files
- Allow abrt_t domain to mmap data_home files
- Allow glusterd_t domain to mmap user_tmp_t files
- Allow mongodb_t domain to mmap own var_lib_t files
- Allow firewalld to read kernel usermodehelper state
- Allow modemmanager_t to read sssd public files
- Allow openct_t domain to mmap own var_run_t files
- Allow nnp transition for devicekit daemons
- Allow firewalld to create rawip sockets
- Allow firewalld to getattr proc filesystem
- Dontaudit sys_admin capability for pcscd_t domain
- Revert "Allow pcsd_t domain sys_admin capability"
- Allow fetchmail_t domain to stream connect to sssd
- Allow pcsd_t domain sys_admin capability
- Allow cupsd_t to create cupsd_etc_t dirs
- Allow varnishlog_t domain to list varnishd_var_lib_t dirs
- Allow mongodb_t domain to read system network state BZ(1599230)
- Allow zoneminder_t to getattr of fs_t
- Allow tgtd_t domain to create dirs in /var/run labeled as tgtd_var_run_t BZ(1492377)
- Allow iscsid_t domain to mmap sysfs_t files
- Allow httpd_t domain to mmap own cache files
- Add sys_resource capability to nslcd_t domain
- Fixed typo in logging_audisp_domain interface
- Add interface files_mmap_all_files()
- Add interface iptables_read_var_run()
- Allow systemd to mounton init_var_run_t files
- Update policy rules for auditd_t based on changes in audit version 3
- Allow systemd_tmpfiles_t do mmap system db files
- Don't setup unlabeled_t as an entry_type
- Allow unconfined_service_t to transition to container_runtime_t
- Improve domain_transition_pattern to allow mmap entrypoint bin file.
* Wed Jul 18 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-35
- Allow cupsd_t domain to mmap cupsd_etc_t files
- Allow kadmind_t domain to mmap krb5kdc_principal_t
- Allow virtlogd_t domain to read virt_etc_t link files
- Allow dirsrv_t domain to read crack db
- Dontaudit pegasus_t to require sys_admin capability
- Allow mysqld_t domain to exec mysqld_exec_t binary files
- Allow abrt_t odmain to read rhsmcertd lib files
- Allow winbind_t domain to request kernel module loads
- Allow tomcat_domain to read cgroup_t files
- Allow varnishlog_t domain to mmap varnishd_var_lib_t files
- Allow innd_t domain to mmap news_spool_t files
- Label HOME_DIR/mozilla.pdf file as mozilla_home_t instead of user_home_t
- Allow fenced_t domain to reboot
- Allow amanda_t domain to read network system state
- Allow abrt_t domain to read rhsmcertd logs
- Dontaudit syslogd to watching top llevel dirs when imfile module is enabled
- Revert "Allow unconfined and sysadm users to use bpftool BZ(1591440)"
- Allow userdomain sudo domains to use generic ptys
- Allow systemd labeled as init_t to get sysvipc info BZ(1600877)
- Label /sbin/xtables-legacy-multi and /sbin/xtables-nft-multi as iptables_exec_t BZ(1600690)
* Tue Jul 3 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-34
- Add dac_read_search capability to thumb_t domain
- Add dac_override capability to cups_pdf_t domain BZ(1594271)
- Add net_admin capability to connntrackd_t domain BZ(1594221)
- Allow gssproxy_t domain to domtrans into gssd_t domain BZ(1575234)
- Fix interface init_dbus_chat in oddjob SELinux policy BZ(1590476)
- Allow motion_t to mmap video devices BZ(1590446)
- Add dac_override capability to mpd_t domain BZ(1585358)
- Allow fsdaemon_t domain to write to mta home files BZ(1588212)
- Allow virtlogd_t domain to chat via dbus with systemd_logind BZ(1589337)
- Allow sssd_t domain to write to general cert files BZ(1589339)
- Allow l2tpd_t domain to sends signull to ipsec domains BZ(1589483)
- Allow cockpit_session_t to read kernel network state BZ(1596941)
- Allow devicekit_power_t start with nnp systemd security feature with proper SELinux Domain transition BZ(1593817)
- Update rhcs_rw_cluster_tmpfs() interface to allow caller domain to mmap cluster_tmpfs_t files
- Allow chronyc_t domain to use nscd shm
- Label /var/lib/tomcats dir as tomcat_var_lib_t
- Allow lsmd_t domain to mmap lsmd_plugin_exec_t files
- Add ibacm policy
- Label /usr/sbin/rhn_check-[0-9]+.[0-9]+ as rpm_exec_t
- Allow kdumpgui_t domain to allow execute and mmap all binaries labeled as kdumpgui_tmp_t
- Allow rpm to check if SELinux will check original protection mode or modified protection mode (read-implies-exec) for mmap/mprotect. Allow rpm to reload systemd services
- Allow crond_t domain to create netlink selinux sockets and dac_override cap.
- Allow radiusd_t domain to have dac_override capability
- Allow amanda_t domain to have setgid capability
- Allow psad domain to setrlimit. Allow psad domain to stream connect to dbus Allow psad domain to exec journalctl_exec_t binary
- Update cups_filetrans_named_content() to allow caller domain create ppd directory with cupsd_etc_rw_t label
- Allow abrt_t domain to write to rhsmcertd pid files
- Allow pegasus_t domain to eexec lvm binaries and allow read/write access to lvm control
- Add vhostmd_t domain to read/write to svirt images
- Update kdump_manage_kdumpctl_tmp_files() interface to allow caller domain also mmap kdumpctl_tmp_t files
- Allow sssd_t and slpad_t domains to mmap generic certs
- Allow chronyc_t domain use inherited user ttys
- Allow stapserver_t domain to mmap own tmp files
- Allow systemd to mounton core kernel interface
- Add dac_override capability to ipsec_t domain BZ(1589534)
- Allow systemd domain to mmap lvm config files BZ(1594584)
- Allow systemd to write systemd_logind_inhibit_var_run_t fifo files
- Allows systemd to get attribues of core kernel interface BZ(1596928)
- Allow systemd_modules_load_t to access unabeled infiniband pkeys
- Allow init_t domain to create netlink rdma sockets for ibacm policy
- Update corecmd_exec_shell() interface to allow caller domain to mmap shell_exec_t files
- Allow lvm_t domain to write files to all mls levels
- Add to su_role_template allow rule for creating netlink_selinux sockets
- Allow sysadm_t domain to mmap hwdb db
- Allow udev_t domain to mmap kernel modules
- Allow sysadm_screen_t to have capability dac_override and chown
- Allow sysadm_t domain to mmap journal
- Merge branch 'rawhide' of github.com:fedora-selinux/selinux-policy into rawhide
- Label /etc/systemd/system.control/ dir as systemd_unit_file_t
- Merge pull request #215 from bachradsusi/merge-conf-from-fedora
- Allow sysadm_t and staff_t domains to use sudo io logging
- Allow sysadm_t domain create sctp sockets
- Add snapperd_contexts to the policy
- Use system_u:system_r:unconfined_t:s0 in userhelper_context
- Remove unneeded system_u seusers mapping.
- Fedora targeted default user is unconfined_u, root is unconfined_u as well
- Update config to reflect changes in default context for SELinux users related to pam_selinux.so which is now used in systemd-users.
- Change failsafe_context to unconfined_r:unconfined_t:s0
- Update lxc_contexts from Fedora config.tgz
- Add lxc_contexts config file
* Thu Jun 14 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-33
- Merge pull request #60 from vmojzis/rawhide
- Allow tangd_t domain stream connect to sssd
- Allow oddjob_t domain to chat with systemd via dbus
- Allow freeipmi domains to mmap sysfs files
- Fix typo in logwatch interface file
- Allow spamd_t to manage logwatch_cache_t files/dirs
- Allow dnsmasw_t domain to create own tmp files and manage mnt files
- Allow fail2ban_client_t to inherit rlimit information from parent process
- Allow nscd_t to read kernel sysctls
- Label /var/log/conman.d as conman_log_t
- Add dac_override capability to tor_t domain
- Allow certmonger_t to readwrite to user_tmp_t dirs
- Allow abrt_upload_watch_t domain to read general certs
- Allow chornyd_t read phc2sys_t shared memory
- Add several allow rules for pesign policy:
- Add setgid and setuid capabilities to mysqlfd_safe_t domain
- Add tomcat_can_network_connect_db boolean
- Update virt_use_sanlock() boolean to read sanlock state
- Add sanlock_read_state() interface
- Allow zoneminder_t to getattr of fs_t
- Allow rhsmcertd_t domain to send signull to postgresql_t domain
- Add log file type to collectd and allow corresponding access
- Allow policykit_t domain to dbus chat with dhcpc_t
- Adding new boolean keepalived_connect_any()
- Allow amanda to create own amanda_tmpfs_t files
- Allow gdomap_t domain to connect to qdomap_port_t
- Merge pull request #56 from lslebodn/selinux_child
- Merge pull request #58 from milosmalik/fb-dictd-dbus
- Merge pull request #59 from milosmalik/fb-ntop-service
- /usr/libexec/bluetooth/obexd should have only obexd_exec_t instead of bluetoothd_exec_t type
- Allow ntop_t domain to create/map various sockets/files.
- Enable the dictd to communicate via D-bus.
- Allow inetd_child process to chat via dbus with abrt
- Allow zabbix_agent_t domain to connect to redis_port_t
- Allow rhsmcertd_t domain to read xenfs_t files
- Allow zabbix_agent_t to run zabbix scripts
- Fix openvswith SELinux module
- Fix wrong path in tlp context file BZ(1586329)
- Update brltty SELinux module
- Allow rabbitmq_t domain to create own tmp files/dirs
- Allow policykit_t mmap policykit_auth_exec_t files
- Allow ipmievd_t domain to read general certs
- Add sys_ptrace capability to pcp_pmie_t domain
- Allow squid domain to exec ldconfig
- Update gpg SELinux policy module
- Allow mailman_domain to read system network state
- Allow openvswitch_t domain to read neutron state and read/write fixed disk devices
- Allow antivirus_domain to read all domain system state
- Allow targetd_t domain to red gconf_home_t files/dirs
- Label /usr/libexec/bluetooth/obexd as obexd_exec_t
- Add interface nagios_unconfined_signull()
- Fix typos in zabbix.te file
- Add missing requires
- Allow tomcat domain sends email
- Fix typo in sge policy
- Allow certmonger to sends emails
- Allow tomcat_t do mmap tomcat_tmp_t files
- Improve sge_rw_tcp_sockets interface
- Adding new interface: sge_rw_tcp_sockets()
- Update sge_execd_t domain with few rules
- Add new zabbix_run_sudo boolean
- Allow traceroute_t domain to exec bin_t binaries
- Allow systemd_passwd_agent_t domain to list sysfs Allow systemd_passwd_agent_t domain to dac_override
- Add new interface dev_map_sysfs()
- Allow sshd_keygen_t to execute plymouthd
- Allow systemd_networkd_t create and relabel tun sockets
- Add new interface postgresql_signull()
- Merge pull request #214 from wrabcak/fb-dhcpc
- Allow dhcpc_t creating own socket files inside /var/run/ Allow dhcpc_t creating netlink_kobject_uevent_socket, netlink_generic_socket, rawip_socket BZ(1585971)
- Allow confined users get AFS tokens
- Allow sysadm_t domain to chat via dbus
- Associate sysctl_kernel_t type with filesystem attribute
- Allow syslogd_t domain to send signull to nagios_unconfined_plugin_t
- Fix typo in netutils.te file
- Update traceroute_t domain to allow create dccp sockets
- Update ssh_keysign policy
- Allow sshd_t domain to read/write sge tcp sockets
* Wed Jun 6 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-32
- Add dac_override capability to sendmail_t domain
* Wed Jun 6 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-31
- Fix typo in authconfig policy
- Update ctdb domain to support gNFS setup
- Allow authconfig_t dbus chat with policykit
- Allow lircd_t domain to read system state
- Revert "Allow fsdaemon_t do send emails BZ(1582701)"
- Typo in uuidd policy
- Allow tangd_t domain read certs
- Allow vpnc_t domain to read configfs_t files/dirs BZ(1583107)
- Allow vpnc_t domain to read generic certs BZ(1583100)
- Label /var/lib/phpMyAdmin directory as httpd_sys_rw_content_t BZ(1584811)
- Allow NetworkManager_ssh_t domain to be system dbud client
- Allow virt_qemu_ga_t read utmp
- Add capability dac_override to system_mail_t domain
- Update uuidd policy to reflect last changes from base branch
- Add cap dac_override to procmail_t domain
- Allow sendmail to mmap etc_aliases_t files BZ(1578569)
- Add new interface dbus_read_pid_sock_files()
- Allow mpd_t domain read config_home files if mpd_enable_homedirs boolean will be enabled
- Allow fsdaemon_t do send emails BZ(1582701)
- Allow firewalld_t domain to request kernel module BZ(1573501)
- Allow chronyd_t domain to send send msg via dgram socket BZ(1584757)
- Add sys_admin capability to fprint_t SELinux domain
- Allow cyrus_t domain to create own files under /var/run BZ(1582885)
- Allow cachefiles_kernel_t domain to have capability dac_override
- Update policy for ypserv_t domain
- Allow zebra_t domain to bind on tcp/udp ports labeled as qpasa_agent_port_t
- Allow cyrus to have dac_override capability
- Dontaudit action when abrt-hook-ccpp is writing to nscd sockets
- Fix homedir polyinstantion under mls
- Fixed typo in init.if file
- Allow systemd to remove generic tmpt files BZ(1583144)
- Update init_named_socket_activation() interface to also allow systemd create objects in /var/run with proper label during socket activation
- Allow systemd-networkd and systemd-resolved services read system-dbusd socket BZ(1579075)
- Fix typo in authlogin SELinux security module
- Allod nsswitch_domain attribute to be system dbusd client BZ(1584632)
- Allow audisp_t domain to mmap audisp_exec_t binary
- Update ssh_domtrans_keygen interface to allow mmap ssh_keygen_exec_t binary file
- Label tcp/udp ports 2612 as qpasa_agetn_port_t
* Sat May 26 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-30
- Add dac_override to exim policy BZ(1574303)
- Fix typo in conntrackd.fc file
- Allow sssd_t to kill sssd_selinux_manager_t
- Allow httpd_sys_script_t to connect to mongodb_port_t if boolean httpd_can_network_connect_db is turned on
- Allow chronyc_t to redirect ourput to /var/lib /var/log and /tmp
- Allow policykit_auth_t to read udev db files BZ(1574419)
- Allow varnishd_t do be dbus client BZ(1582251)
- Allow cyrus_t domain to mmap own pid files BZ(1582183)
- Allow user_mail_t domain to mmap etc_aliases_t files
- Allow gkeyringd domains to run ssh agents
- Allow gpg_pinentry_t domain read ssh state
- Allow gpg_agent_t to send msgs to syslog/journal
- Add dac_override capability to dovecot_t domain
- Allow nscd_t domain to mmap system_db_t files
- Allow tangd_t domain to create tcp sockets and add new interface tangd_read_db_files
- Allow sysadm_u use xdm
- Allow xdm_t domain to listen ofor unix dgram sockets BZ(1581495)
- Add interface ssh_read_state()
- Fix typo in sysnetwork.if file
- Update dev_map_xserver_misc interface to allo mmaping char devices instead of files
- Allow noatsecure permission for all domain transitions from systemd.
- Allow systemd to read tangd db files
- Fix typo in ssh.if file
- Allow xdm_t domain to mmap xserver_misc_device_t files
* Thu May 24 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-29
- Fixed typos in devices.if file
* Thu May 24 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-28
- Allow mailman_mail_t domain to search for apache configs
- Allow mailman_cgi_t domain to ioctl an httpd with a unix domain stream sockets.
- Improve procmail_domtrans() to allow mmaping procmail_exec_t
- Allow ptrace arbitrary processes
- Allow jabberd_router_t domain read kerberos keytabs BZ(1573945)
- Allow certmonger to geattr of filesystems BZ(1578755)
- Allow hypervvssd_t domain to read fixed disk devices
- Allow several domains to manage ecryptfs_t filesystem
- Allow userdom_use_user_ttys for loadkeys_t domain
- Add dac_override capability to cachefiles_kernel_t domain
- Allow blueman to execute ldconfig BZ(1577581)
- Allow gpg_pinentry_t domain to read state of gpg_t processes
- Allow xdm_t domain to mmap xserver_misc_device_t files
- Allow xdm_t domain to execute systemd-coredump binary
- Add bridge_socket, dccp_socket, ib_socket and mpls_socket to socket_class_set
- Improve modutils_domtrans_insmod() interface to mmap insmod_exec_t binaries
- Improve iptables_domtrans() interface to allow mmaping iptables_exec_t binary
- Improve auth_domtrans_login_programinterface to allow also mmap login_exec_t binaries
- Improve auth_domtrans_chk_passwd() interface to allow also mmaping chkpwd_exec_t binaries.
- Allow mmap dhcpc_exec_t binaries in sysnet_domtrans_dhcpc interface
- Improve running xorg with proper SELinux domain even if systemd security feature NoNewPrivileges is used
- Associate sysctl_vm_overcommit_t with fs_t
- Allow systemd creating bluetooth sockets
- Allow ssh client to read network sysctl BZ(1574170)
- Allow systemd_resolved_t and systemd_networkd_t to read dbus pid files
* Tue May 22 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-27
- Increase dependency versions of policycoreutils and checkpolicy packages
* Mon May 21 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-26
- Disable secure mode environment cleansing for dirsrv_t
- Allow udev execute /usr/libexec/gdm-disable-wayland in xdm_t domain which allows create /run/gdm/custom.conf with proper xdm_var_run_t label.
* Mon May 21 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-25
- Add dac_override capability to remote_login_t domain
- Allow chrome_sandbox_t to mmap tmp files
- Update ulogd SELinux security policy
- Allow rhsmcertd_t domain send signull to apache processes
- Allow systemd socket activation for modemmanager
- Allow geoclue to dbus chat with systemd
- Fix file contexts on conntrackd policy
- Temporary fix for varnish and apache adding capability for DAC_OVERRIDE
- Allow lsmd_plugin_t domain to getattr lsm_t unix stream sockets
- Add label for /usr/sbin/pacemaker-remoted to have cluster_exec_t
- Allow nscd_t domain to be system dbusd client
- Allow abrt_t domain to read sysctl
- Add dac_read_search capability for tangd
- Allow systemd socket activation for rshd domain
- Add label for /usr/libexec/cyrus-imapd/master as cyrus_exec_t to have proper SELinux domain transition from init_t to cyrus_t
- Allow kdump_t domain to map /boot files
- Allow conntrackd_t domain to send msgs to syslog
- Label /usr/sbin/nhrpd and /usr/sbin/pimd binaries as zebra_exec_t
- Allow swnserve_t domain to stream connect to sasl domain
- Allow smbcontrol_t to create dirs with samba_var_t label
- Remove execstack,execmem and execheap from domains setroubleshootd_t, locate_t and podsleuth_t to increase security. BZ(1579760)
- Allow tangd to read public sssd files BZ(1509054)
- Allow geoclue start with nnp systemd security feature with proper SELinux Domain transition BZ(1575212)
- Allow ctdb_t domain modify ctdb_exec_t files
- Allow firewalld_t domain to create netlink_netfilter sockets
- Allow radiusd_t domain to read network sysctls
- Allow pegasus_t domain to mount tracefs_t filesystem
- Allow psad_t domain to read all domains state
- Allow tomcat_t domain to connect to mongod_t tcp port
- Allow dovecot and postfix to connect to systemd stream sockets
- Make nmbd_t domain dbus system client BZ(1569856)
- Merge pull request #55 from SISheogorath/fix/tlp-policy
- Merge pull request #54 from tmzullinger/rawhide
- Allow also listing system_dbusd_var_run_t dirs in dbusd_read_pid_files macro BZ(1566168)
- Allow gssproxy_t domain to read gssd_t state BZ(1572945)
- Allow create systemd to mount pid files
- Add files_map_boot_files() interface
- Remove execstack,execmem and execheap from domain fsadm_t to increase security. BZ(1579760)
- Fix typo xserver SELinux module
- Allow systemd to mmap files with var_log_t label
- Allow x_userdomains read/write to xserver session
- Allow users staff and sysadm to run wireshark on own domain
- Fix typos s/xserver/xdm/ for allow creating xserver misc devices
- Allow systemd-bootchart to create own tmpfs files
- Merge pull request #213 from tmzullinger/rawhide
- Allow xdm_t domain to install Nouveau drivers BZ(1570996)
- Allow unconfined_domain_type to create libs filetrans named content BZ(1513806)
* Sat Apr 28 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-24
- Allow unconfined_domain_type to create libs filetrans named content BZ(1513806)
* Fri Apr 27 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-23
- Allow dnssec_trigger_t domain to read system network state BZ(1570205)
- Add dac_override capability to mailman_mail_t domain
- Add dac_override capability to radvd_t domain
- Update openvswitch policy
- Add dac_override capability to oddjob_homedir_t domain
- Allow slapd_t domain to mmap slapd_var_run_t files
- Rename tang policy to tangd
- Allow virtd_t domain to relabel virt_var_lib_t files
- Allow logrotate_t domain to stop services via systemd
- Add tang policy
- Allow mozilla_plugin_t to create mozilla.pdf file in user homedir with label mozilla_home_t
- Allow snapperd_t daemon to create unlabeled dirs.
- Make httpd_var_run_t mountpoint
- Allow hsqldb_t domain to mmap own temp files
- We have inconsistency in cgi templates with upstream, we use _content_t, but refpolicy use httpd__content_t. Created aliasses to make it consistence
- Allow Openvswitch adding netdev bridge ovs 2.7.2.10 FDP
- Add new Boolean tomcat_use_execmem
- Allow nfsd_t domain to read/write sysctl fs files
- Allow conman to read system state
- Allow brltty_t domain to be dbusd system client
- Allow zebra_t domain to bind on babel udp port
- Allow freeipmi domain to read sysfs_t files
- Allow targetd_t domain mmap lvm config files
- Allow abrt_t domain to manage kdump crash files
- gnome_data_filetrans macro should be in optional block
- Allow netutils_t domain to create bluetooth sockets
- Allow traceroute to bind on generic sctp node
- Allow traceroute to search network sysctls
- Allow systemd to use virtio console
- Label /dev/op_panel and /dev/opal-prd as opal_device_t
- Label /run/ebtables.lock as iptables_var_run_t
- Allow udev_t domain to manage udev_rules_t char files.
- Assign babel_port_t label to udp port 6696
- Add new interface lvm_map_config
- Merge pull request #212 from stlaz/patch-1
- Allow local_login_t reads of udev_var_run_t context
* Wed Apr 18 2018 Lukas Vrabec <lvrabec(a)redhat.com> - 3.14.1-22
- Allow networkmanager domain to write to ecryptfs_t files BZ(1566706)
- Allow l2tpd domain to stream connect to sssd BZ(1568160)
- Dontaudit abrt_t to write to lib_t dirs BZ(1566784)
- Allow NetworkManager_ssh_t domain transition to insmod_t BZ(1567630)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1594271 - SELinux is preventing cups-pdf from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1594271
[ 2 ] Bug #1594584 - SELinux is preventing lvm2-activation from 'map' accesses on the file /etc/lvm/lvm.conf.
https://bugzilla.redhat.com/show_bug.cgi?id=1594584
[ 3 ] Bug #1582812 - SELinux is preventing load_policy from 'append' accesses on the unix_stream_socket unix_stream_socket.
https://bugzilla.redhat.com/show_bug.cgi?id=1582812
[ 4 ] Bug #1562818 - SELinux is preventing colord from 'getattr' accesses on the file /home/joselopez/.local/share/icc/edid-2c9488b2554b3ed4515286be48e867af.icc.
https://bugzilla.redhat.com/show_bug.cgi?id=1562818
[ 5 ] Bug #1584167 - SELinux prevents sshd from reading the file /run/cockpit/active.motd
https://bugzilla.redhat.com/show_bug.cgi?id=1584167
[ 6 ] Bug #1594018 - SELinux is preventing upowerd from 'add_name' accesses on the diret��rio history-rate-DELL_7P3X953I-43-06BF.dat.JNBWKZ.
https://bugzilla.redhat.com/show_bug.cgi?id=1594018
[ 7 ] Bug #1596443 - SELinux is preventing multiqueue0:src from 'read' accesses on the file mmap_min_addr.
https://bugzilla.redhat.com/show_bug.cgi?id=1596443
[ 8 ] Bug #1589534 - SELinux is preventing charon-nm from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1589534
[ 9 ] Bug #1594541 - SELinux is preventing dotlockfile from 'link' accesses on the archivo .lk012504ANTRO-XPRMNT.
https://bugzilla.redhat.com/show_bug.cgi?id=1594541
[ 10 ] Bug #1553761 - SELinux is preventing gsd-smartcard from 'map' accesses on the file /etc/pki/ca-trust/source/README.
https://bugzilla.redhat.com/show_bug.cgi?id=1553761
[ 11 ] Bug #1592223 - SELinux is preventing bluetoothd from 'listen' accesses on the bluetooth_socket Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1592223
[ 12 ] Bug #1594590 - SELinux is preventing rm from 'unlink' accesses on the archivo .deliver_lock.
https://bugzilla.redhat.com/show_bug.cgi?id=1594590
[ 13 ] Bug #1593496 - SELinux is preventing upowerd from 'write' accesses on the directory /var/lib/upower.
https://bugzilla.redhat.com/show_bug.cgi?id=1593496
[ 14 ] Bug #1585971 - SELinux is preventing dhcpcd from 'create' accesses on the netlink_generic_socket Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1585971
[ 15 ] Bug #1590830 - collectd write_prometheus plugin fails to start due to SELinux restrictions
https://bugzilla.redhat.com/show_bug.cgi?id=1590830
[ 16 ] Bug #1592083 - SELinux is preventing touch from 'create' accesses on the archivo mail.
https://bugzilla.redhat.com/show_bug.cgi?id=1592083
[ 17 ] Bug #1585358 - SELinux is preventing mpd from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1585358
[ 18 ] Bug #1586329 - SELinux is preventing iw from 'write' accesses on the file /run/tlp/lock_tlp.
https://bugzilla.redhat.com/show_bug.cgi?id=1586329
[ 19 ] Bug #1590686 - SELinux is preventing fprintd from 'read' accesses on the directory tmp.
https://bugzilla.redhat.com/show_bug.cgi?id=1590686
[ 20 ] Bug #1592108 - SELinux is preventing (fprintd) from 'read' accesses on the directory /var/lib/fprint.
https://bugzilla.redhat.com/show_bug.cgi?id=1592108
[ 21 ] Bug #1592640 - SELinux is preventing colord from 'map' accesses on the arquivo /home/robinson/.local/share/icc/edid-250f1a28fe7af6f8910c63034b4f9bb3.icc.
https://bugzilla.redhat.com/show_bug.cgi?id=1592640
[ 22 ] Bug #1596941 - SELinux is preventing cockpit-ssh from 'read' accesses on the file unix.
https://bugzilla.redhat.com/show_bug.cgi?id=1596941
[ 23 ] Bug #1594221 - conntrackd can't start due to selinux
https://bugzilla.redhat.com/show_bug.cgi?id=1594221
[ 24 ] Bug #1589339 - SELinux prevents p11_child from write permissions
https://bugzilla.redhat.com/show_bug.cgi?id=1589339
[ 25 ] Bug #1594585 - SELinux is preventing (upowerd) from 'mounton' accesses on the directory /var/lib/upower.
https://bugzilla.redhat.com/show_bug.cgi?id=1594585
[ 26 ] Bug #1578872 - SELinux is preventing dovecot from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1578872
[ 27 ] Bug #1593808 - SELinux is preventing statusjson.cgi from 'map' accesses on the file /etc/nagios/cgi.cfg.
https://bugzilla.redhat.com/show_bug.cgi?id=1593808
[ 28 ] Bug #1584185 - nfs mount with krb5 fails when selinux is enforcing
https://bugzilla.redhat.com/show_bug.cgi?id=1584185
[ 29 ] Bug #1588206 - SELinux is preventing abrt-action-gen from 'map' accesses on the file /home/fedora/.dropbox-dist/dropbox-lnx.x86_64-50.3.69/_functools.so.
https://bugzilla.redhat.com/show_bug.cgi?id=1588206
[ 30 ] Bug #1575234 - SELinux is preventing gssproxy from 'getattr' accesses on the file /usr/sbin/rpc.gssd.
https://bugzilla.redhat.com/show_bug.cgi?id=1575234
[ 31 ] Bug #1585443 - SELinux is preventing 6F75747075743A4D792050756C7365 from 'map' accesses on the file 2F6D656D66643A70756C7365617564696F202864656C6574656429.
https://bugzilla.redhat.com/show_bug.cgi?id=1585443
[ 32 ] Bug #1596482 - SELinux is preventing pmdaproc from 'sys_ptrace' accesses on the cap_userns Unknown.
https://bugzilla.redhat.com/show_bug.cgi?id=1596482
[ 33 ] Bug #1595889 - SELinux is preventing upowerd from 'read' accesses on the file /var/lib/upower/history-time-empty-DELL_GR5D371-71-47253.dat.
https://bugzilla.redhat.com/show_bug.cgi?id=1595889
[ 34 ] Bug #1589483 - SELinux is preventing nm-l2tp-service from using the 'signull' accesses on a process.
https://bugzilla.redhat.com/show_bug.cgi?id=1589483
[ 35 ] Bug #1594012 - SELinux is preventing sendmail from 'getattr' accesses on the archivo /root/.esmtp_queue/livIOS8d/mail.
https://bugzilla.redhat.com/show_bug.cgi?id=1594012
[ 36 ] Bug #1595458 - Lots of SELinux denials for sssd_selinux_manager_t
https://bugzilla.redhat.com/show_bug.cgi?id=1595458
[ 37 ] Bug #1575369 - Conntrackd does not start up due to selinux policy
https://bugzilla.redhat.com/show_bug.cgi?id=1575369
[ 38 ] Bug #1590476 - SELinux is preventing init_t from sending dbus command to oddjob
https://bugzilla.redhat.com/show_bug.cgi?id=1590476
[ 39 ] Bug #1590446 - selinux-policy blocks motion access to v4l camera
https://bugzilla.redhat.com/show_bug.cgi?id=1590446
[ 40 ] Bug #1592555 - Zoneminder policy in SELinux still prevents Zoneminder from working
https://bugzilla.redhat.com/show_bug.cgi?id=1592555
[ 41 ] Bug #1594554 - SELinux is preventing upowerd from 'open' accesses on the chr_file /dev/input/event0.
https://bugzilla.redhat.com/show_bug.cgi?id=1594554
[ 42 ] Bug #1418463 - selinux policy will not allow tigervnc-server to start
https://bugzilla.redhat.com/show_bug.cgi?id=1418463
[ 43 ] Bug #1590627 - SELinux is preventing xplayer-video-t from using the 'dac_read_search' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1590627
[ 44 ] Bug #1591729 - cgit not able to access gitolite3 repositories (selinux)
https://bugzilla.redhat.com/show_bug.cgi?id=1591729
[ 45 ] Bug #1596362 - SELinux is preventing sendmail from 'read' accesses on the carpeta .esmtp_queue.
https://bugzilla.redhat.com/show_bug.cgi?id=1596362
[ 46 ] Bug #1588726 - SELinux is preventing systemd-machine from 'sendto' accesses on the unix_dgram_socket /run/systemd/journal/socket.
https://bugzilla.redhat.com/show_bug.cgi?id=1588726
[ 47 ] Bug #1589337 - SELinux denial - dbus / libvirt
https://bugzilla.redhat.com/show_bug.cgi?id=1589337
[ 48 ] Bug #1592084 - SELinux is preventing gdk-pixbuf-thum from using the 'dac_override' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1592084
[ 49 ] Bug #1592085 - SELinux is preventing gdk-pixbuf-thum from using the 'dac_read_search' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1592085
[ 50 ] Bug #1592145 - SELinux is preventing qemu-ga from 'read' accesses on the file dev.
https://bugzilla.redhat.com/show_bug.cgi?id=1592145
[ 51 ] Bug #1562382 - SELinux is preventing tlp from 'write' accesses on the Datei lock_tlp.
https://bugzilla.redhat.com/show_bug.cgi?id=1562382
[ 52 ] Bug #1594395 - SELinux is preventing NetworkManager from 'getattr' accesses on the file /var/lib/expressvpn/resolv.conf.
https://bugzilla.redhat.com/show_bug.cgi?id=1594395
[ 53 ] Bug #1605058 - SELinux is preventing openct-control from 'map' accesses on the file /run/openct/status.
https://bugzilla.redhat.com/show_bug.cgi?id=1605058
[ 54 ] Bug #1599001 - SELinux is preventing df from 'getattr' accesses on the filesystem /.
https://bugzilla.redhat.com/show_bug.cgi?id=1599001
[ 55 ] Bug #1594598 - SELinux is preventing qemu-system-aar from 'search' accesses on the directory 1178.
https://bugzilla.redhat.com/show_bug.cgi?id=1594598
[ 56 ] Bug #1608282 - SELinux is preventing java from search access on the directory /sys/fs/cgroup
https://bugzilla.redhat.com/show_bug.cgi?id=1608282
[ 57 ] Bug #1584892 - SELinux is preventing abrt-action-gen from 'map' accesses on the �������� /home/mastaiza/.local/share/torbrowser/tbb/x86_64/tor-browser_ru/Browser/libplds4.so.
https://bugzilla.redhat.com/show_bug.cgi?id=1584892
[ 58 ] Bug #1607048 - SELinux is preventing mktemp from 'write' accesses on the directory .esmtp_queue.
https://bugzilla.redhat.com/show_bug.cgi?id=1607048
[ 59 ] Bug #1598958 - Mailman AVCs on F28
https://bugzilla.redhat.com/show_bug.cgi?id=1598958
[ 60 ] Bug #1607460 - SELinux is preventing ldconfig from 'map' accesses on the Datei /usr/lib64/liblvm2cmd.so.2.02.
https://bugzilla.redhat.com/show_bug.cgi?id=1607460
[ 61 ] Bug #1600552 - SELinux is preventing winbindd from 'name_connect' accesses on the tcp_socket port 49261.
https://bugzilla.redhat.com/show_bug.cgi?id=1600552
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-1050fb248b' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months
Fedora 28 Update: file-roller-3.28.1-1.fc28
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-0a097ca765
2018-07-29 03:19:11.836698
--------------------------------------------------------------------------------
Name : file-roller
Product : Fedora 28
Version : 3.28.1
Release : 1.fc28
URL : https://wiki.gnome.org/Apps/FileRoller
Summary : Tool for viewing and creating archives
Description :
File Roller is an application for creating and viewing archives files,
such as tar or zip files.
--------------------------------------------------------------------------------
Update Information:
file-roller 3.28.1 release. * Keep "create" button disabled until a file name
is entered (#789766) * Translation updates
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 25 2018 Kalev Lember <klember(a)redhat.com> - 3.28.1-1
- Update to 3.28.1
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-0a097ca765' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 10 months