1 |
commit: 5954c31f0b864c0f09d9917bdb2652da04b043c4 |
2 |
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> |
3 |
AuthorDate: Sat Feb 4 18:30:54 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 5 06:26:54 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5954c31f |
7 |
|
8 |
Update Changelog and VERSION for release. |
9 |
|
10 |
Changelog | 137 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
11 |
VERSION | 2 +- |
12 |
2 files changed, 138 insertions(+), 1 deletion(-) |
13 |
|
14 |
diff --git a/Changelog b/Changelog |
15 |
index d00f2cf..ba14a4a 100644 |
16 |
--- a/Changelog |
17 |
+++ b/Changelog |
18 |
@@ -1,3 +1,140 @@ |
19 |
+* Sat Feb 04 2017 Chris PeBenito <pebenito@××××.org> - 2.20170204 |
20 |
+Chris PeBenito (55): |
21 |
+ Module version bumps for patches from Guido Trentalancia. |
22 |
+ Update contrib. |
23 |
+ Remove unneeded system_u seusers mapping. |
24 |
+ Update contrib. |
25 |
+ Merge pull request #45 from cgzones/travis2 |
26 |
+ Merge pull request #46 from cgzones/update_readme |
27 |
+ Merge pull request #47 from cgzones/spelling |
28 |
+ Module version bump for xserver patch from Guido Trentalancia |
29 |
+ Update contrib. |
30 |
+ Merge pull request #50 from cgzones/macros |
31 |
+ Merge pull request #48 from cgzones/makefile |
32 |
+ xserver: Rearrange lines |
33 |
+ Module version bump for xserver changes from Guido Trentalancia. |
34 |
+ Merge branch 'dhcp_avahi' of https://github.com/cgzones/refpolicy |
35 |
+ Module version bumps for patches from cgzones. |
36 |
+ Update contrib. |
37 |
+ Merge branch 'syslogd' of git://github.com/cgzones/refpolicy |
38 |
+ Module version bump for journald fixes from cgzones. |
39 |
+ Merge pull request #57 from cgzones/trailing_whitespaces |
40 |
+ modutils: Move lines. |
41 |
+ Module version bumps for openoffice patches from Guido Trentalancia. |
42 |
+ Module version bump for kernel sysctl patch from Luis Ressel |
43 |
+ Update contrib. |
44 |
+ Module version bump for netutils patch from Luis Ressel. |
45 |
+ Module version bump for xserver patch from Guido Trentalancia. |
46 |
+ Module version bumps for patches from Guido Trentalancia. |
47 |
+ rtkit: enable dbus chat with xdm |
48 |
+ xserver: Move interface definition. |
49 |
+ Module version bump for patches from Guido Trentalancia. |
50 |
+ Module version bump for xscreensaver patch from Guido Trentalancia. |
51 |
+ Merge branch 'run_transition' of git://github.com/cgzones/refpolicy |
52 |
+ Module version bumps for /run fc changes from cgzones. |
53 |
+ Module version bump for patches from Guido Trentalancia. |
54 |
+ Merge branch '2016-12-27_systemd' of |
55 |
+ git://github.com/fishilico/selinux-refpolicy-patched |
56 |
+ Module version bump for systemd patch from Nicolas Iooss. |
57 |
+ Merge branch 'usr-fc' of |
58 |
+ git://github.com/fishilico/selinux-refpolicy-patched |
59 |
+ Module version bump for fc updates from Nicolas Iooss. |
60 |
+ Module version bump for patches from Guido Trentalancia. |
61 |
+ xserver: Update from Russell Coker for boinc. |
62 |
+ Module version bump for patches from Guido Trentalancia. |
63 |
+ Merge pull request #62 from cgzones/fix_permission_segenxml |
64 |
+ Merge pull request #94 from cgzones/travis |
65 |
+ Merge branch 'corenetork_module' of git://github.com/cgzones/refpolicy |
66 |
+ Merge branch 'mount_module' of git://github.com/cgzones/refpolicy |
67 |
+ Merge branch 'terminal_module' of git://github.com/cgzones/refpolicy |
68 |
+ Merge branch 'files_search_src' of git://github.com/cgzones/refpolicy |
69 |
+ Merge branch 'unconfined_module' of git://github.com/cgzones/refpolicy |
70 |
+ Merge branch 'auditd_fixes' of git://github.com/cgzones/refpolicy |
71 |
+ Module version bumps for patches from cgzones. |
72 |
+ Module version bump for cpu_online genfscon from Laurent Bigonville. |
73 |
+ Update contrib. |
74 |
+ Fix contrib. |
75 |
+ Module version bump for cups patch from Guido Trentalancia. |
76 |
+ Module version bump for xkb fix from Jason Zaman. |
77 |
+ Bump module versions for release. |
78 |
+ |
79 |
+Guido Trentalancia (19): |
80 |
+ xserver: remove unneeded user content permissions |
81 |
+ xserver: remove unneeded user content permissions |
82 |
+ Apache OpenOffice module (base policy part) |
83 |
+ xserver: enable dbus messaging with devicekit power |
84 |
+ authlogin: indentation/whitespace fix |
85 |
+ wm: update the window manager (wm) module and enable its role template |
86 |
+ (v7) |
87 |
+ userdomain: separate optional conditionals for gnome and wm role templates |
88 |
+ udev: manage tmpfs files and directories |
89 |
+ udev: always enable kernel module loading |
90 |
+ base: enable the xscreensaver role |
91 |
+ bootloader: stricter permissions and more tailored file contexts |
92 |
+ modutils: update to run in confined mode |
93 |
+ base: use new genhomedircon template for username |
94 |
+ kernel: missing permissions for confined execution |
95 |
+ xserver: introduce new fc and interface to manage X session logs |
96 |
+ kernel: add missing plymouth interface |
97 |
+ xserver: restrict executable memory permissions |
98 |
+ init: support sysvinit |
99 |
+ udev: execute HPLIP applications in their own domain |
100 |
+ |
101 |
+Guido Trentalancia via refpolicy (4): |
102 |
+ Let users read/manage symlinks on fs that do not support xattr |
103 |
+ Let unprivileged users list mounted filesystems |
104 |
+ Let the user list noxattr fs directories |
105 |
+ sysadm: add the shutdown role |
106 |
+ |
107 |
+Jason Zaman (1): |
108 |
+ xserver: allow X roles to read xkb libs to set keymaps |
109 |
+ |
110 |
+Laurent Bigonville (1): |
111 |
+ Use genfscon to label /sys/devices/system/cpu/online as cpu_online_t |
112 |
+ |
113 |
+Luis Ressel (3): |
114 |
+ system/modutils: Add kernel_search_key(kmod_t) |
115 |
+ kernel.if: Allow listing /proc/sys/net/unix |
116 |
+ netutils: Label iptstate as netutils_t |
117 |
+ |
118 |
+Nicolas Iooss (4): |
119 |
+ systemd: add systemd-backlight policy |
120 |
+ systemd: add systemd-binfmt policy |
121 |
+ Allow searching /proc/sys/fs when using /proc/sys/fs/binfmt_misc |
122 |
+ Add file contexts in /usr for /bin, /usr/sbin and /usr/lib |
123 |
+ |
124 |
+Russell Coker (1): |
125 |
+ single binary modutils |
126 |
+ |
127 |
+Stephen Smalley (2): |
128 |
+ refpolicy: Define extended_socket_class policy capability and socket |
129 |
+ classes |
130 |
+ refpolicy: drop unused socket security classes |
131 |
+ |
132 |
+cgzones (21): |
133 |
+ update .travis.yml |
134 |
+ update README |
135 |
+ fix spelling |
136 |
+ update Makefile |
137 |
+ update policy/support macros |
138 |
+ review |
139 |
+ keep 2 empty lines in front of a new section |
140 |
+ using intermediate target instead of splitting up conf files generation |
141 |
+ define filecontext for /run/agetty.reload |
142 |
+ allow dhcp_t to domtrans into avahi |
143 |
+ fix syslogd audits |
144 |
+ remove trailing whitespaces |
145 |
+ transition file contexts to /run |
146 |
+ fix permission of installed segenxml.py by install-headers |
147 |
+ auditd / auditctl: fix audits |
148 |
+ add files_search_src() |
149 |
+ update unconfined module * grant capability2:wake_alarm * remove |
150 |
+ deprecated interfaces |
151 |
+ update terminal module |
152 |
+ update corenetwork module |
153 |
+ use travis cache |
154 |
+ update mount module |
155 |
+ |
156 |
* Sun Oct 23 2016 Chris PeBenito <pebenito@××××.org> - 2.20161023 |
157 |
Chris PeBenito (94): |
158 |
Module version bump for systemd-user-sessions fc entry from Dominick Grift |
159 |
|
160 |
diff --git a/VERSION b/VERSION |
161 |
index f011019..395af8d 100644 |
162 |
--- a/VERSION |
163 |
+++ b/VERSION |
164 |
@@ -1 +1 @@ |
165 |
-2.20161023 |
166 |
+2.20170204 |