Fedora 9 Update: selinux-policy-3.3.1-74.fc9

updates at fedoraproject.org updates at fedoraproject.org
Fri Jul 4 03:40:05 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-5973
2008-07-04 02:08:36
--------------------------------------------------------------------------------

Name        : selinux-policy
Product     : Fedora 9
Version     : 3.3.1
Release     : 74.fc9
URL         : http://serefpolicy.sourceforge.net
Summary     : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2624.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul  1 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-74
- Make virtd an unconfined domain
* Sun Jun 29 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-73
- Allow exim to use system_cron pipes
- Allow gdm to read rpm database
- Allow nsplugin to read mplayer config files
- Allow login programs to write to /var/run/pam directory (Encrypted directories)
- Fixes for courier domain
- Add courier domain to mls policy
* Mon Jun 23 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-72
- Fix file context of real player
* Mon Jun 23 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-71
- Allow system_mail_t to exec other mail clients
- Label mogrel_rails as an apache server
* Mon Jun 23 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-70
- Apply unconfined_execmem_exec_t to haskell programs
* Sun Jun 22 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-69
- Fix prelude file context
* Sun Jun 22 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-68
- Allow virt to getsched and setsched on qemu 
- Allow networkmanager to getattr on fixed disk
* Wed Jun  4 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-66
- Add slattach policy for eparis testing
* Mon Jun  2 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-65
- Allow bootloader to run mount in the users role
* Mon Jun  2 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-64
- Allow policykit_resolve to ptrace all levels
* Fri May 30 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-63
- Allow policykit_resolve to ptrace user processes
* Fri May 30 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-61
- Allow policykit_resolve to read users process table
* Thu May 29 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-60
- Allow policykit_resolve to read polkit_var_lib
- Other policykit fixes
* Thu May 29 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-59
- Allow oddjob to change roles
* Thu May 29 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-58
- Allow policykit_resolve to getattr hal
- Allow pyzor_t manage files user_pyzor_home_t
* Wed May 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-57
- Allow dhcpc sys_nice
- Allow handling of /var/run/video.rom
- Allow policykit_resolve to use dbus
* Wed May 21 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-56
- Fix vncserver transition to work properly in unconfined environment.
- Allow virsh to run
* Tue May 20 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-55
- More fixes for spamassassin
* Tue May 20 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-54
- Allow spamassassin_t to be run by system_r
* Mon May 19 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-53
- Add mono_exec to podsleuth
* Fri May 16 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-52
- Allow httpd_suexec_t to use cgi scripts in home dir
- Allow httpd_syexec_t to connect to mysql
- Allow sasl to communicate with kerberos rhost cache
- Fix vncserver to work again
- Allow procmail to ioctl spamasssin_exec_t
* Tue May 13 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-51
- Dontaudit dhcpc_t reading of domains state
* Mon May 12 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-50
- Add sys_nice for audispd
* Thu May  8 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-49
- Allow libvirtd sys_nice
- Fixes for policykit
- Allow dovecot getattr all filesystem directories
* Wed May  7 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-48
- Allow amanada to create data files
* Wed May  7 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-47
- Fix initial install, semanage setup
* Tue May  6 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-46
- Allow system_r for httpd_unconfined_script_t
* Wed Apr 30 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-45
- Remove dmesg boolean
- Allow user domains to read/write game data
* Mon Apr 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-44
- Change unconfined_t to transition to unconfined_mono_t when running mono
- Change XXX_mono_t to transition to XXX_t when executing bin_t files, so gnome-do will work
* Mon Apr 28 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-43
- Remove old booleans from targeted-booleans.conf file
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the package-announce mailing list