Fedora 14 Update: selinux-policy-3.9.7-7.fc14
updates at fedoraproject.org
updates at fedoraproject.org
Mon Nov 1 20:51:31 UTC 2010
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-16935
2010-10-29 20:04:01
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 14
Version : 3.9.7
Release : 7.fc14
URL : http://oss.tresys.com/repos/refpolicy/
Summary : SELinux policy configuration
Description :
SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
ChangeLog:
* Thu Oct 28 2010 Dan Walsh <dwalsh at redhat.com> 3.9.7-7
- Dontaudit sandbox sending sigkill to all user domains
- Add policy for rssh_chroot_helper
- Add missing flask definitions
- Allow udev to relabelto removable_t
- Fix label on /var/log/wicd.log
- Transition to initrc_t from init when executing bin_t
- Add audit_access permissions to file
- Make removable_t a device_node
- Fix label on /lib/systemd/*
* Fri Oct 22 2010 Dan Walsh <dwalsh at redhat.com> 3.9.7-6
- Fixes for systemd to manage /var/run
- Dontaudit leaks by firstboot
* Tue Oct 19 2010 Dan Walsh <dwalsh at redhat.com> 3.9.7-5
- Allow chome to create netlink_route_socket
- Add additional MATHLAB file context
- Define nsplugin as an application_domain
- Dontaudit sending signals from sandboxed domains to other domains
- systemd requires init to build /tmp /var/auth and /var/lock dirs
- mount wants to read devicekit_power /proc/ entries
- mpd wants to connect to soundd port
- Openoffice causes a setattr on a lib_t file for normal users, add dontaudit
- Treat lib_t and textrel_shlib_t directories the same
- Allow mount read access on virtual images
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #644036 - SELinux is preventing /usr/bin/mpd "name_connect" access .
https://bugzilla.redhat.com/show_bug.cgi?id=644036
[ 2 ] Bug #644130 - SELinux is preventing /usr/local/MATLAB/R2010b/bin/glnx86/MATLAB from making the program stack executable.
https://bugzilla.redhat.com/show_bug.cgi?id=644130
[ 3 ] Bug #644274 - O SELinux está impedindo o acesso a /bin/mount "read" on sr0
https://bugzilla.redhat.com/show_bug.cgi?id=644274
[ 4 ] Bug #643617 - SELinux is preventing /usr/lib/chromium-browser/chromium-browser "create" access .
https://bugzilla.redhat.com/show_bug.cgi?id=643617
[ 5 ] Bug #645885 - SELinux is preventing /usr/sbin/nrpe "read" access on nrpe.cfg.
https://bugzilla.redhat.com/show_bug.cgi?id=645885
[ 6 ] Bug #646192 - SELinux empêche l'accès en « relabelto » à /usr/bin/chcon on
https://bugzilla.redhat.com/show_bug.cgi?id=646192
[ 7 ] Bug #646206 - SELinux empêche l'accès en « mounton » à /lib/udev/ipod-set-info on /var/run/libgpod/ipodRl
https://bugzilla.redhat.com/show_bug.cgi?id=646206
[ 8 ] Bug #644439 - SELinux is preventing /usr/bin/pulseaudio "getattr" access on /usr/share/alsa/alsa.conf.
https://bugzilla.redhat.com/show_bug.cgi?id=644439
[ 9 ] Bug #646437 - Fail to login to desktop after preupgrading to F14 from F12
https://bugzilla.redhat.com/show_bug.cgi?id=646437
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update selinux-policy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list