--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-892 2005-09-19 --------------------------------------------------------------------- Product : Fedora Core 4 Name : selinux-policy-strict Version : 1.25.4 Release : 10.1 Summary : SELinux strict policy configuration Description : Security-enhanced Linux is a patch of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. This package contains the SELinux example policy configuration along with the Flask configuration information and the application configuration files. --------------------------------------------------------------------- * Fri Sep 16 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.25.4-10.1 - Update to match targetd released policy * Sat Jun 25 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-17 - Bump for FC4 * Thu Jun 23 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-16 - Fix postgres to allow it to connect to auth - Change cyrus-imapd to write to /var/spool/imap - Add Russell patches * Mon Jun 20 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-15 - Fix pppd - Fix auditd * Sat Jun 18 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-14 - Add Russell's patch for net_contexts * Fri Jun 17 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-13 - Fix NetworkManager policy - Fix dovecot cert labeleing * Thu Jun 16 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-11 - Fix NetworkManager dhcpd communications - Fix hotplug * Thu Jun 16 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-9 - Update Ivan trusted/untrusted patch - add texrel_shlib_t to targeted * Wed Jun 15 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-7 - Fixed for new cups domain hplip * Mon Jun 13 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-6 - Further cleanup of user separation patches from Ivan * Fri Jun 10 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-5 - Further cleanup of user separation patches from Ivan * Thu Jun 9 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-4 - Add /etc/profile.d/selinux.sh /etc/profile.d/selinux.csh for strict - move ice_tmp_t definition for mls - More cleanup * Wed Jun 8 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-2 - Add alsa policy - Policy cleanup from Ivan * Mon Jun 6 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.18-1 - Upgrade from NSA * Merged minor fixes to pppd.fc and courier.te by Russell Coker. * Removed devfsd policy as suggested by Russell Coker. * Merged patch from Dan Walsh. Includes beginnings of Ivan Gyurdiev's Font Config policy. Don't transition to fsadm_t from unconfined_t (sysadm_t) in targeted policy. Add support for debugfs in modutil. Allow automount to create and delete directories in /root and /home dirs. Move can_ypbind to chkpwd_macro.te. Allow useradd to create additional files and types via the skell mechanism. Other minor cleanups and fixes. * Sat May 28 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.17-4 - Add evolution/thunderbird support for strict policy. Including break out of orbits, fonts, and gnome. All done by Ivan G. * Sat May 28 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.17-3 - Update policy, to remove crond_log_t - Fix selinuxenabled check * Thu May 26 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.17-2 - Fixes to cups/ptal - Change ifconfig scripts back to etc_t * Wed May 25 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.17-1 - Update from NSA * Merged minor fixes by Petre Rodan to the daemontools, dante, gpg, kerberos, and ucspi-tcp policies. * Merged minor fixes by Russell Coker to the bluetooth, crond, initrc, postfix, and udev policies. Modifies constraints so that newaliases can be run. Modifies types.fc so that objects in lost+found directories will not be relabled. * Modified fc rules for nvidia. * Added Chad Sellers policy for polyinstantiation support, which creates the polydir, polyparent, and polymember attributes. Also added the support_polyinstantiation tunable. * Merged patch from Dan Walsh. Includes mount_point attribute, read_font macros and some other policy fixes from Ivan Gyurdiev. Adds privkmsg and secadmfile attributes and ddcprobe policy. Removes the use_syslogng boolean. Many other minor fixes. * Wed May 25 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.16-8 - Fixes for amanda - Add debugfs for insmod - Fixes for automount - Fixes for useradd in strict policy * Tue May 24 2005 Dan Walsh <dwalsh@xxxxxxxxxx> 1.23.16-7 - Don't transition from sysadm_t to fsadm_t in targeted policy - Fix sysadm_crond_tmp_t to tmpfile in targeted - Allow kernel_t to read sysfs_t --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ 48d05ae861ec50ffa81aedab0f137041 SRPMS/selinux-policy-strict-1.25.4-10.1.src.rpm 29df346e2b440337f21c662c603e6ee4 x86_64/selinux-policy-strict-1.25.4-10.1.noarch.rpm eb2bde1461e2c58dbf4a5a0e1da40806 x86_64/selinux-policy-strict-sources-1.25.4-10.1.noarch.rpm 29df346e2b440337f21c662c603e6ee4 i386/selinux-policy-strict-1.25.4-10.1.noarch.rpm eb2bde1461e2c58dbf4a5a0e1da40806 i386/selinux-policy-strict-sources-1.25.4-10.1.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list
