| 1 |
commit: 5954c31f0b864c0f09d9917bdb2652da04b043c4 |
| 2 |
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> |
| 3 |
AuthorDate: Sat Feb 4 18:30:54 2017 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Feb 5 06:26:54 2017 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5954c31f |
| 7 |
|
| 8 |
Update Changelog and VERSION for release. |
| 9 |
|
| 10 |
Changelog | 137 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
| 11 |
VERSION | 2 +- |
| 12 |
2 files changed, 138 insertions(+), 1 deletion(-) |
| 13 |
|
| 14 |
diff --git a/Changelog b/Changelog |
| 15 |
index d00f2cf..ba14a4a 100644 |
| 16 |
--- a/Changelog |
| 17 |
+++ b/Changelog |
| 18 |
@@ -1,3 +1,140 @@ |
| 19 |
+* Sat Feb 04 2017 Chris PeBenito <pebenito@××××.org> - 2.20170204 |
| 20 |
+Chris PeBenito (55): |
| 21 |
+ Module version bumps for patches from Guido Trentalancia. |
| 22 |
+ Update contrib. |
| 23 |
+ Remove unneeded system_u seusers mapping. |
| 24 |
+ Update contrib. |
| 25 |
+ Merge pull request #45 from cgzones/travis2 |
| 26 |
+ Merge pull request #46 from cgzones/update_readme |
| 27 |
+ Merge pull request #47 from cgzones/spelling |
| 28 |
+ Module version bump for xserver patch from Guido Trentalancia |
| 29 |
+ Update contrib. |
| 30 |
+ Merge pull request #50 from cgzones/macros |
| 31 |
+ Merge pull request #48 from cgzones/makefile |
| 32 |
+ xserver: Rearrange lines |
| 33 |
+ Module version bump for xserver changes from Guido Trentalancia. |
| 34 |
+ Merge branch 'dhcp_avahi' of https://github.com/cgzones/refpolicy |
| 35 |
+ Module version bumps for patches from cgzones. |
| 36 |
+ Update contrib. |
| 37 |
+ Merge branch 'syslogd' of git://github.com/cgzones/refpolicy |
| 38 |
+ Module version bump for journald fixes from cgzones. |
| 39 |
+ Merge pull request #57 from cgzones/trailing_whitespaces |
| 40 |
+ modutils: Move lines. |
| 41 |
+ Module version bumps for openoffice patches from Guido Trentalancia. |
| 42 |
+ Module version bump for kernel sysctl patch from Luis Ressel |
| 43 |
+ Update contrib. |
| 44 |
+ Module version bump for netutils patch from Luis Ressel. |
| 45 |
+ Module version bump for xserver patch from Guido Trentalancia. |
| 46 |
+ Module version bumps for patches from Guido Trentalancia. |
| 47 |
+ rtkit: enable dbus chat with xdm |
| 48 |
+ xserver: Move interface definition. |
| 49 |
+ Module version bump for patches from Guido Trentalancia. |
| 50 |
+ Module version bump for xscreensaver patch from Guido Trentalancia. |
| 51 |
+ Merge branch 'run_transition' of git://github.com/cgzones/refpolicy |
| 52 |
+ Module version bumps for /run fc changes from cgzones. |
| 53 |
+ Module version bump for patches from Guido Trentalancia. |
| 54 |
+ Merge branch '2016-12-27_systemd' of |
| 55 |
+ git://github.com/fishilico/selinux-refpolicy-patched |
| 56 |
+ Module version bump for systemd patch from Nicolas Iooss. |
| 57 |
+ Merge branch 'usr-fc' of |
| 58 |
+ git://github.com/fishilico/selinux-refpolicy-patched |
| 59 |
+ Module version bump for fc updates from Nicolas Iooss. |
| 60 |
+ Module version bump for patches from Guido Trentalancia. |
| 61 |
+ xserver: Update from Russell Coker for boinc. |
| 62 |
+ Module version bump for patches from Guido Trentalancia. |
| 63 |
+ Merge pull request #62 from cgzones/fix_permission_segenxml |
| 64 |
+ Merge pull request #94 from cgzones/travis |
| 65 |
+ Merge branch 'corenetork_module' of git://github.com/cgzones/refpolicy |
| 66 |
+ Merge branch 'mount_module' of git://github.com/cgzones/refpolicy |
| 67 |
+ Merge branch 'terminal_module' of git://github.com/cgzones/refpolicy |
| 68 |
+ Merge branch 'files_search_src' of git://github.com/cgzones/refpolicy |
| 69 |
+ Merge branch 'unconfined_module' of git://github.com/cgzones/refpolicy |
| 70 |
+ Merge branch 'auditd_fixes' of git://github.com/cgzones/refpolicy |
| 71 |
+ Module version bumps for patches from cgzones. |
| 72 |
+ Module version bump for cpu_online genfscon from Laurent Bigonville. |
| 73 |
+ Update contrib. |
| 74 |
+ Fix contrib. |
| 75 |
+ Module version bump for cups patch from Guido Trentalancia. |
| 76 |
+ Module version bump for xkb fix from Jason Zaman. |
| 77 |
+ Bump module versions for release. |
| 78 |
+ |
| 79 |
+Guido Trentalancia (19): |
| 80 |
+ xserver: remove unneeded user content permissions |
| 81 |
+ xserver: remove unneeded user content permissions |
| 82 |
+ Apache OpenOffice module (base policy part) |
| 83 |
+ xserver: enable dbus messaging with devicekit power |
| 84 |
+ authlogin: indentation/whitespace fix |
| 85 |
+ wm: update the window manager (wm) module and enable its role template |
| 86 |
+ (v7) |
| 87 |
+ userdomain: separate optional conditionals for gnome and wm role templates |
| 88 |
+ udev: manage tmpfs files and directories |
| 89 |
+ udev: always enable kernel module loading |
| 90 |
+ base: enable the xscreensaver role |
| 91 |
+ bootloader: stricter permissions and more tailored file contexts |
| 92 |
+ modutils: update to run in confined mode |
| 93 |
+ base: use new genhomedircon template for username |
| 94 |
+ kernel: missing permissions for confined execution |
| 95 |
+ xserver: introduce new fc and interface to manage X session logs |
| 96 |
+ kernel: add missing plymouth interface |
| 97 |
+ xserver: restrict executable memory permissions |
| 98 |
+ init: support sysvinit |
| 99 |
+ udev: execute HPLIP applications in their own domain |
| 100 |
+ |
| 101 |
+Guido Trentalancia via refpolicy (4): |
| 102 |
+ Let users read/manage symlinks on fs that do not support xattr |
| 103 |
+ Let unprivileged users list mounted filesystems |
| 104 |
+ Let the user list noxattr fs directories |
| 105 |
+ sysadm: add the shutdown role |
| 106 |
+ |
| 107 |
+Jason Zaman (1): |
| 108 |
+ xserver: allow X roles to read xkb libs to set keymaps |
| 109 |
+ |
| 110 |
+Laurent Bigonville (1): |
| 111 |
+ Use genfscon to label /sys/devices/system/cpu/online as cpu_online_t |
| 112 |
+ |
| 113 |
+Luis Ressel (3): |
| 114 |
+ system/modutils: Add kernel_search_key(kmod_t) |
| 115 |
+ kernel.if: Allow listing /proc/sys/net/unix |
| 116 |
+ netutils: Label iptstate as netutils_t |
| 117 |
+ |
| 118 |
+Nicolas Iooss (4): |
| 119 |
+ systemd: add systemd-backlight policy |
| 120 |
+ systemd: add systemd-binfmt policy |
| 121 |
+ Allow searching /proc/sys/fs when using /proc/sys/fs/binfmt_misc |
| 122 |
+ Add file contexts in /usr for /bin, /usr/sbin and /usr/lib |
| 123 |
+ |
| 124 |
+Russell Coker (1): |
| 125 |
+ single binary modutils |
| 126 |
+ |
| 127 |
+Stephen Smalley (2): |
| 128 |
+ refpolicy: Define extended_socket_class policy capability and socket |
| 129 |
+ classes |
| 130 |
+ refpolicy: drop unused socket security classes |
| 131 |
+ |
| 132 |
+cgzones (21): |
| 133 |
+ update .travis.yml |
| 134 |
+ update README |
| 135 |
+ fix spelling |
| 136 |
+ update Makefile |
| 137 |
+ update policy/support macros |
| 138 |
+ review |
| 139 |
+ keep 2 empty lines in front of a new section |
| 140 |
+ using intermediate target instead of splitting up conf files generation |
| 141 |
+ define filecontext for /run/agetty.reload |
| 142 |
+ allow dhcp_t to domtrans into avahi |
| 143 |
+ fix syslogd audits |
| 144 |
+ remove trailing whitespaces |
| 145 |
+ transition file contexts to /run |
| 146 |
+ fix permission of installed segenxml.py by install-headers |
| 147 |
+ auditd / auditctl: fix audits |
| 148 |
+ add files_search_src() |
| 149 |
+ update unconfined module * grant capability2:wake_alarm * remove |
| 150 |
+ deprecated interfaces |
| 151 |
+ update terminal module |
| 152 |
+ update corenetwork module |
| 153 |
+ use travis cache |
| 154 |
+ update mount module |
| 155 |
+ |
| 156 |
* Sun Oct 23 2016 Chris PeBenito <pebenito@××××.org> - 2.20161023 |
| 157 |
Chris PeBenito (94): |
| 158 |
Module version bump for systemd-user-sessions fc entry from Dominick Grift |
| 159 |
|
| 160 |
diff --git a/VERSION b/VERSION |
| 161 |
index f011019..395af8d 100644 |
| 162 |
--- a/VERSION |
| 163 |
+++ b/VERSION |
| 164 |
@@ -1 +1 @@ |
| 165 |
-2.20161023 |
| 166 |
+2.20170204 |
Archives