Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

policycoreutils-sandbox-2.6-5.3.8 RPM for s390x

From OpenSuSE Leap 15.3 for s390x

Name: policycoreutils-sandbox Distribution: SUSE Linux Enterprise 15
Version: 2.6 Vendor: SUSE LLC <>
Release: 5.3.8 Build date: Wed May 29 16:36:59 2019
Group: Productivity/Security Build host: s390zp35
Size: 29455 Source RPM: policycoreutils-2.6-5.3.8.src.rpm
Summary: SELinux sandbox utilities
The sandbox package contains the scripts to create graphical sandboxes.






* Wed Mar 27 2019
  - Add a Requires for policycoreutils-python to policycoreutils, so
    that the expected binaries are present (bsc#1130097)
  - Add Requires for python2-setools, python-enum34, python2-setuptools
    and python2-selinux to policycoreutils-python to ensure that it has
    all dependencies met
* Thu Mar 21 2019
  - Add Requires: for policycoreutils-python. policycoreutils-python
    contains binaries necessary for SELinux administration. Packaging
    is suboptimal here, it's already changed in newer versions. For
    now we we just require it to ensure users have the binaries they
    expect (bsc#1130097)
* Thu Apr 26 2018
  - SLE 15 doesn't have the necessary files for policycoreutils-gui,
    don't build it there
* Wed Apr 25 2018
  - Drop the requirement for selinux-policy for the gui tools.
* Tue Mar 27 2018
  - Drop SLE11 support, needs the audit that is not present on SLE11
  - Fix service link to actually work on current releases
  - Drop SUSE_ASNEEDED=0 as it seems to build fine without it
  - Do not depend on systemd, just systemd-rpm-macros
* Wed Mar 21 2018
  - Added CVE-2018-1063.patch to prevent chcon from following symlinks in
    /tmp, /var/tmp, /var/run and /var/lib/debug (bsc#1083624, CVE-2018-1063)
* Tue Mar 20 2018
  - Remove BuildRequires for libcgroup-devel (bsc#1085837)
* Thu Dec 21 2017
  - Removed BuildRequires for setools-devel and added new
    runtime requirement for python2-networkx
* Mon Nov 27 2017
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Fri Nov 24 2017
  - Update to policycoreutils version 2.6. Notable changes:
    * setfiles: reverse the sense of -D option
    * sandbox: Use dbus-run-session instead of dbus-launch when available
    * setfiles: Utility to find security.restorecon_last entries
    * setfiles: Add option to stop setting the digest
    * hll/pp: Change warning for module name not matching filename to match new behavior
    * sepolicy: convert to setools4
    * sandbox: create a new session for sandboxed processes
    * sandbox: do not try to setup directories without -X or -M
    * sandbox: do not run xmodmap in a new X session
    * sandbox: fix file labels on copied files
    * semanage: Fix semanage fcontext -D
    * semanage: Default serange to "s0" for port modify
    * semanage: Use socket.getprotobyname for protocol
    * semanage: Add auditing of changes in records
    * Improve compatibility with Python 3
    * Update sandbox types in sandbox manual
    * hll/pp: Warn if module name different than output filename
  - Update to sepolgen version 2.6. Notable changes:
    * Add support for TYPEBOUNDS statement in INTERFACE policy files
  - Dropped CVE-2016-7545_sandbox_escape.patch
* Mon Dec 19 2016
  - Added CVE-2016-7545_sandbox_escape.patch to fix CVE-2016-7545, bsc#1000998
    Sandboxed session could have escaped to the parent session
* Sat Jul 23 2016
  - Trim description in line with other selinux packages
* Thu Jul 14 2016
  - Changes submitted by MargueriteSu:
    Update to version 2.5
    * sepolicy: Do not overwrite CFLAGS, from Nicolas Iooss.
    * sepolicy: Rename policy global variable conflict, from Nicolas Iooss.
    * newrole: Add missing defined in #if, from Nicolas Iooss.
    * newrole: Add description of missing parameter -p in newrole man page, from Lukas Vrabec.
    * secon: Add missing descriptions for --*-key params in secon man page, from Lukas Vrabec
    * semanage: List reserve_port_t in semanage port -l, from Petr Lautrbach.
    * chcat: Add a fallback in case os.getlogin() returns nothing, from Laurent Bigonville.
    * semanage: fix 'semanage permissions -l' subcommand, from Petr Lautrbach.
    * semanage: replace string.join() with str.join(), from Petr Lautrbach.
    * Man page warning fixes, from Ville Skyttä.
    * sandbox: Fix sandbox to propagate specified MCS/MLS Security Level, from Miroslav Grepl.
    * semanage: Require at least one argument for 'semanage permissive -d', from Petr Lautrbach.
    * sepolicy: Improve sepolicy command line interface, from Petr Lautrbach.
    * audit2allow/why: ignore setlocale errors, from Petr Lautrbach.
    * semodule: Add --extract/-E, --cil/-c, and --hll/-H to extract modules, from Yuli Khodorkovskiy.
    * audit2allow: Comment constraint rules in output, from Miroslav Grepl via Petr Lautrbach.
    * Fix PEP8 issues, from Jason Zaman.
    * semanage: fix moduleRecords deleteall method, from Stephen Smalley.
    * Improve compatibility with Python 3, from Michal Srb.
    * semanage: Set self.sename to sename after calling semanage_seuser_set_sename(), from Laurent Bigonville.
    * semanage: Fix typo in semanage args for minimium policy store, from Petr Lautrbach.
    * sepolicy: Only invoke RPM on RPM-enabled Linux distributions, from Sven Vermeulen.
    * mcstransd: don't reinvent getpeercon, from Stephen Smalley.
    * setfiles/restorecon: fix -r/-R option, from Petr Lautrbach.
    * org.selinux.policy: Require auth_admin_keep for all actions, from Stephen Smalley.
    * hll: Move core functions of pp to libsepol, from James Carter
    * run_init: Use a ring buffer in open_init_pty, from Jason Zaman.
    * run_init: fix open_init_pty availability check, from Nicolas Iooss.
    * Widen Xen IOMEM context entries, from Daniel De Graaf.
    * Fix -Wformat errors with gcc-5.0.0, from Petr Lautrbach.
    * Fixed typo/grammatical error, from Christopher Peterson.
    * Fix typo in semanage-port man page, from Andrew Spiers.
    Update to version 2.4
    * Fix bugs found by hardened gcc flags, from Nicolas Iooss.
    * Improve support for building with different versions of python from
      Nicolas Iooss.
    * Ensure XDG_RUNTIME_DIR is passed through to the sandbox in seunshare,
      from Dan Walsh
    * Remove cgroups from sandbox, from Dan Walsh
    * Try to use setcurrent before setexec in seunshare, from Andy Lutomirski
    * Stop using the now deprecated flask.h and av_permissions.h, from Stephen Smalley
    * Add a store root path in semodule, from Yuli Khodorkovskiy
    * Add a flag to ignore cached CIL files and recompile HLL modules, from
      Yuli Khodorkovskiy
    * Add and install HLL compiler for policy packages to CIL. The compiler is
      installed in /var/libexec/selinux/hll/ by default, from Steve Lawrence
    * Fixes to pp compiler to better support roles and type attributes, from
      Yuli Khodorkovskiy
    * Deprecate base/upgrade/version in semodule. Calling these commands will
      now call --install on the backend, from Yuli Khodorkovskiy
    * Add ability to install modules with a specified priority, from Caleb
    * Use /tmp for permissive module creation, by Caleb Case
    * Update semanage to use new source policy infrastructure, from Jason Dana
    * Add RuntimeDirectory to mcstrans systemd unit file, from Laurent
* Wed Nov 05 2014
  - added Requires: python-yum, yum-metadata-parser to fix sepolicy



Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Feb 9 15:01:17 2024