Hello, A 3.2-rc2 release candidate for the SELinux userspace is now available at: https://github.com/SELinuxProject/selinux/wiki/Releases Please give it a test and let us know if there are any issues. If there are specific changes that you think should be called out in release notes for packagers and users in the final release announcement, let us know. Thanks to all the contributors to this release candidate! User-visible changes since 3.2-rc1 ---------------------------------- * Improved usability of `getseuser` * Fixed several issues in cil code found by OSS-FUZZ * `setfiles` doesn't abort on labeling errors * libsemanage tries to sync data to prevent empty files in SELinux module store Development-relevant changes since 3.2-rc1 ------------------------------------------ * `scripts/release` was improved to be more robust and release a source repository Packaging-relevant changes since 3.2-rc1 ---------------------------------------- * Source repository snapshot selinux-3.2-rc2.tar.gz is available on the release page Shortlog of changes since the 3.2-rc1 release ----------------------------------------------- Christian Göttsche (2): libselinux: accept const fromcon in get_context API libselinux: update getseuser James Carter (3): libsepol/cil: Update symtab nprim field when adding or removing datums libsepol/cil: Fix heap-use-after-free in __class_reset_perm_values() libsepol/cil: Fix heap-use-after-free when using optional blockinherit Nicolas Iooss (4): GitHub Actions: run SELinux testsuite in Fedora virtual machine libsepol/cil: fix memory leak when a constraint expression is too deep libsepol/cil: unlink blockinherit->block link when destroying a block scripts/release: make the script more robust, and release a source repository snapshot Petr Lautrbach (5): setfiles: Do not abort on labeling error setfiles: drop ABORT_ON_ERRORS and related code libsemanage: sync filesystem with sandbox policycoreutils/setfiles: Drop unused nerr variable Update VERSIONs to 3.2-rc2 for release. Vit Mojzis (1): python/sepolgen: allow any policy statement in if(n)def