-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-f30b2bffdc 2024-07-19 01:45:23.518925 -------------------------------------------------------------------------------- Name : selinux-policy Product : Fedora 40 Version : 40.24 Release : 1.fc40 URL : https://github.com/fedora-selinux/selinux-policy Summary : SELinux policy configuration Description : SELinux core policy package. Originally based off of reference policy, the policy has been adjusted to provide support for Fedora. -------------------------------------------------------------------------------- Update Information: New F40 selinux-policy build -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 17 2024 Zdenek Pytela <zpytela@xxxxxxxxxx> - 40.24-1 - Allow the staff user use wireshark - Allow locate stream connect to systemd-userdbd - Allow postfix-smtpd read mysql config files - Allow virtnetworkd exec shell when virt_hooks_unconfined is on - Allow systemd-networkd write files in /var/lib/systemd/network - Allow systemd-networkd list /var/lib/systemd/network - Allow abrt-dump-journal read all non_security socket files - Add support for libvirt hooks - Allow to create and delete socket files created by rhsm.service -------------------------------------------------------------------------------- References: [ 1 ] Bug #2255775 - SELinux is preventing smtpd from getattr access on the file /etc/my.cnf https://bugzilla.redhat.com/show_bug.cgi?id=2255775 [ 2 ] Bug #2276917 - SELinux denial for /etc/libvirt/hooks/network https://bugzilla.redhat.com/show_bug.cgi?id=2276917 [ 3 ] Bug #2291296 - wireshark segfaults when run by staff_u - fixable with booleans - perhaps policy can be modified? https://bugzilla.redhat.com/show_bug.cgi?id=2291296 [ 4 ] Bug #2292191 - 40.22-1.fc40 breaks cryptsetup action on startup: related denial logged during boot since update to 40.22-1 -> related device no longer mounted on boot https://bugzilla.redhat.com/show_bug.cgi?id=2292191 [ 5 ] Bug #2292253 - SELinux is preventing zram-generator from 'create' accesses on the lnk_file var-lib-mock.mount. https://bugzilla.redhat.com/show_bug.cgi?id=2292253 [ 6 ] Bug #2292627 - SELinux is preventing systemd-cryptse from 'search' accesses on the directory dev-mapper-luks\x2d41cf8d65\x2daf41\x2d4e50\x2db651\x2dd73a2ce3abea.device.d. https://bugzilla.redhat.com/show_bug.cgi?id=2292627 [ 7 ] Bug #2293467 - SELinux is preventing systemd-fstab-g from 'create' accesses on the file .#50-device-timeout.confa518dc821a64d188. https://bugzilla.redhat.com/show_bug.cgi?id=2293467 [ 8 ] Bug #2295175 - SELinux is preventing abrt-dump-journ from 'getattr' accesses on the sock_file /run/samba/winbindd/pipe. https://bugzilla.redhat.com/show_bug.cgi?id=2295175 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-f30b2bffdc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue