-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-70c63dd1e2 2022-08-20 01:43:50.147615 --------------------------------------------------------------------------------
Name : selinux-policy Product : Fedora 36 Version : 36.14 Release : 1.fc36 URL : https://github.com/fedora-selinux/selinux-policy Summary : SELinux policy configuration Description : SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora.
-------------------------------------------------------------------------------- Update Information:
New F36 selinux-policy build -------------------------------------------------------------------------------- ChangeLog:
* Thu Aug 11 2022 Zdenek Pytela zpytela@redhat.com - 36.14-1 - Allow nm-dispatcher custom plugin dbus chat with nm - Allow xdm read the kernel key ring - Allow login_userdomain check status of mount units - Allow nm-dispatcher sendmail plugin get status of systemd services - Allow sa-update to get init status and start systemd files - Allow launch-xenstored read filesystem sysctls - Allow openvswitch fsetid capability - Allow openvswitch use its private tmpfs files and dirs - Allow openvswitch search tracefs dirs - Allow services execute systemd-notify - Do not allow login_userdomain use sd_notify() - Allow some domains use sd_notify() - Allow pmdalinux read files on an nfsd filesystem - Allow fedora-third-party read the passwords file - Allow pmie read network state information and network sysctls - Allow sysadm_t to run bpftool on the userdomain attribute - Add the userdom_prog_run_bpf_userdomain() interface - Allow dhclient manage pid files used by chronyd -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1819017 - selinux preventing sa-update.cron (SpamAssassin Updater) from restarting SpamAssassin https://bugzilla.redhat.com/show_bug.cgi?id=1819017 [ 2 ] Bug #2093709 - SELinux is preventing dhclient-script from 'create' accesses on the file eth0.sources. https://bugzilla.redhat.com/show_bug.cgi?id=2093709 [ 3 ] Bug #2103487 - SELinux is preventing install from using the 'fsetid' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=2103487 [ 4 ] Bug #2111834 - avc: denied { status } for auid=1000 uid=1000 gid=1000 path="/proc/self/mountinfo" cmdline="/usr/bin/gnome-shell" function="mac_selinux_filter" https://bugzilla.redhat.com/show_bug.cgi?id=2111834 [ 5 ] Bug #2114498 - SELinux policy prevents xenstored from starting https://bugzilla.redhat.com/show_bug.cgi?id=2114498 [ 6 ] Bug #2116153 - SELinux is preventing pmdalinux from 'search' accesses on the directory /proc/fs/nfsd. https://bugzilla.redhat.com/show_bug.cgi?id=2116153 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-70c63dd1e2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------