1 |
commit: dbc0cc1a246bd7680fdaa81da3ee493366cf3115 |
2 |
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> |
3 |
AuthorDate: Sat Aug 5 16:59:42 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Sep 8 22:48:51 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=dbc0cc1a |
7 |
|
8 |
Update Changelog for release. |
9 |
|
10 |
policy/modules/contrib/Changelog | 171 +++++++++++++++++++++++++++++++++++++++ |
11 |
1 file changed, 171 insertions(+) |
12 |
|
13 |
diff --git a/policy/modules/contrib/Changelog b/policy/modules/contrib/Changelog |
14 |
index 907847ca..2a6e15b4 100644 |
15 |
--- a/policy/modules/contrib/Changelog |
16 |
+++ b/policy/modules/contrib/Changelog |
17 |
@@ -1,3 +1,174 @@ |
18 |
+* Sat Aug 05 2017 Chris PeBenito <pebenito@××××.org> - 2.20170805 |
19 |
+Chris PeBenito (82): |
20 |
+ Create / to /usr equivalence for bin, sbin, and lib, from Russell Coker. |
21 |
+ Module version bump for usrmerge FC fixes from Jason Zaman. |
22 |
+ mon policy from Russell Coker. |
23 |
+ Module version bump for cups patches from Guido Trentalancia. |
24 |
+ Module version bump for tbird and mozilla printing from Guido |
25 |
+ Trentalancia. |
26 |
+ Revert "cups/lpd: read permission for cupsd_var_run_t socket files" |
27 |
+ Module version bump for cups revert. |
28 |
+ Sort capabilities permissions from Russell Coker. |
29 |
+ Little misc patch from Russell Coker. |
30 |
+ mon: Fix deprecated interface usage. |
31 |
+ dpkg: Updates from Russell Coker. |
32 |
+ Monit policy from Russell Coker and cgzones. |
33 |
+ monit: Fix build error. |
34 |
+ fetchmail, mysql, tor: Misc fixes from Russell Coker. |
35 |
+ Merge branch 'alsa_module' of git://github.com/cgzones/refpolicy-contrib |
36 |
+ Merge branch 'vnstat_module' of git://github.com/cgzones/refpolicy-contrib |
37 |
+ Module version bump for alsa and vnstatd fixes from cgzones. |
38 |
+ Merge branch 'ntp_module' of git://github.com/cgzones/refpolicy-contrib |
39 |
+ Module version bump for ntp fixes from cgzones. |
40 |
+ samba: A few line moves. |
41 |
+ Module version bump for samba patch from Russell Coker. |
42 |
+ Systemd fixes from Russell Coker. |
43 |
+ Xen fixes from Russell Coker. |
44 |
+ mailman: Fixes from Russell Coker. |
45 |
+ MTA fixes from Russell Coker. |
46 |
+ Network daemon patches from Russell Coker. |
47 |
+ apache: Fix CI error. |
48 |
+ Merge branch 'modutils_adapt_interfaces' of |
49 |
+ git://github.com/cgzones/refpolicy-contrib |
50 |
+ Merge branch 'corecmd_read_bin_symlinks' of |
51 |
+ git://github.com/cgzones/refpolicy-contrib |
52 |
+ Module version bumps for fixes from cgzones. |
53 |
+ Merge branch 'mandb' of git://github.com/cgzones/refpolicy-contrib |
54 |
+ Merge branch 'dphysswapfile' of git://github.com/cgzones/refpolicy-contrib |
55 |
+ Module version bump for dphysswapfile and mandb fixes from cgzones. |
56 |
+ Merge branch 'var_run_filecontext' of |
57 |
+ git://github.com/cgzones/refpolicy-contrib |
58 |
+ Merge branch 'vnstatd' of git://github.com/cgzones/refpolicy-contrib |
59 |
+ Module version bump for fixes from cgzones. |
60 |
+ dontaudit net_admin for SO_SNDBUFFORCE |
61 |
+ /var/run -> /run again |
62 |
+ Merge branch 'monit' of git://github.com/cgzones/refpolicy-contrib |
63 |
+ Module version bump for monit patch from cgzones. |
64 |
+ systemd-resolvd, sessions, and tmpfiles take2 |
65 |
+ Misc fc changes from Russell Coker. |
66 |
+ Systemd-related changes from Russell Coker. |
67 |
+ networkmanager: adjust interface docs format. |
68 |
+ wm: interface docs adjustment. |
69 |
+ Module version bump for misc fixes from Guido Trentalancia. |
70 |
+ systemd init from Russell Coker |
71 |
+ misc daemons from Russell Coker. |
72 |
+ logging patches from Russell Coker |
73 |
+ kmod, lvm, brctl patches from Russell Coker |
74 |
+ devicekit, mount, xserver, and selinuxutil from Russell Coker |
75 |
+ some userdomain patches from Russell Coker |
76 |
+ Module version bump for gnome fix from Guido Trentalancia. |
77 |
+ apache: Move blocks. No rule changes. |
78 |
+ Module version bump for changes from Sven Vermeulen and Guido |
79 |
+ Trentalancia. |
80 |
+ login take 4 from Russell Coker. |
81 |
+ Rename apm to acpi from Russell Coker. |
82 |
+ Module version bump for patches from Russell Coker. |
83 |
+ some little misc things from Russell Coker. |
84 |
+ apt/dpkg strict patches from Russell Coker. |
85 |
+ Module version bump for minor fixes from Guido Trentalancia. |
86 |
+ Merge branch 'usr_bin_fc' of |
87 |
+ git://github.com/fishilico/selinux-refpolicy-contrib |
88 |
+ Module version bump for /usr/bin fc fixes from Nicolas Iooss. |
89 |
+ Module version bump for chronyd changes from Luis Ressel. |
90 |
+ openoffice: Move ooffice_rw_tmp_files() implementation. |
91 |
+ Module version bump for openoffice fix from Guido Trentalancia. |
92 |
+ libmtp: move lines |
93 |
+ Module version bump for fixes from Guido Trentalancia. |
94 |
+ Module version bump for mmap fixes from Stephen Smalley. |
95 |
+ Module version bump for misc patches from Guido Trentalancia. |
96 |
+ gpg: Fix overspecified dependencies in gpg_agent_tmp_filetrans. |
97 |
+ dirmngr: Whitespace fixes. |
98 |
+ Module version bumps for patches from Jason Zaman. |
99 |
+ cgmanager: Move lines |
100 |
+ Module version bumps for patches from Jason Zaman. |
101 |
+ gpg: Module version bump for patch from Guido Trentalancia. |
102 |
+ mozilla: Module version bump for patch from Luis Ressel. |
103 |
+ rkhunter: Fix module version and move lines. |
104 |
+ Module version bump for patches from cgzones. |
105 |
+ chkrootkit: Fix module version. |
106 |
+ Module version bump for patches from cgzones. |
107 |
+ Bump module versions for release. |
108 |
+ |
109 |
+Guido Trentalancia (28): |
110 |
+ cups: read permission for cupsd_var_run_t socket files in |
111 |
+ cups_stream_connect() |
112 |
+ cups/lpd: read permission for cupsd_var_run_t socket files |
113 |
+ thunderbird: allow stream connections to cups so that it can print |
114 |
+ mozilla: allow stream connections to cups so that it can print |
115 |
+ java: enable interactive use |
116 |
+ evolution: add dbus acquire service permission |
117 |
+ evolution: do not audit kernel read state |
118 |
+ evolution: add some critical permissions |
119 |
+ mozilla: read hardware state information |
120 |
+ mozilla: add a permission |
121 |
+ wm: load the NetworkManager applet |
122 |
+ wm: interactive start |
123 |
+ Gnome and Evolution dbus chat permissions |
124 |
+ openoffice: support starting it from the window manager |
125 |
+ evolution: minor fixes and updates |
126 |
+ java: error messages terminal printout |
127 |
+ loadkeys: use init fds (system bootup) |
128 |
+ plymouth: pid interface usability |
129 |
+ shutdown: send msg to syslog |
130 |
+ openoffice: open files retrieved using mozilla |
131 |
+ contrib: new libmtp module |
132 |
+ openoffice: minor update |
133 |
+ gnome: improved integration with openoffice |
134 |
+ cups: let hplip read udev pid files |
135 |
+ dbus: let session bus daemon manage user runtime dirs |
136 |
+ zabbix: Grant zabbix_agent_t to call setrlimit on self |
137 |
+ ntp: fix the drift file context and transition |
138 |
+ gpg: manage user runtime socket files and directories |
139 |
+ |
140 |
+Jason Zaman (12): |
141 |
+ usrmerge: Add missed /usr fcontexts |
142 |
+ java: update fcontexts for new versions of icedtea |
143 |
+ dirmngr: add to roles and allow gpg to domtrans |
144 |
+ gpg dirmngr: create and connect to socket |
145 |
+ dirmngr: fcontext for ~/.gnupg/crls.d/ |
146 |
+ dirmngr: Network rules to connect to keyserver |
147 |
+ cgmanager: add policy from gentoo |
148 |
+ consolekit: Add support for consolekit2 |
149 |
+ consolekit: allow purging tmp |
150 |
+ consolekit: introduce consolekit_use_inhibit_lock interface |
151 |
+ dbus: use consolekit inhibit locks |
152 |
+ networkmanager: use consolekit inhibit locks |
153 |
+ |
154 |
+Luis Ressel (3): |
155 |
+ chronyd: Re-align fc file |
156 |
+ chronyd: Allow init scripts to create /run/chrony |
157 |
+ mozilla: Add fc for the files used by the firefox addon "vimperator" |
158 |
+ |
159 |
+Nicolas Iooss (1): |
160 |
+ Support systems with a single /usr/bin directory |
161 |
+ |
162 |
+Russell Coker (1): |
163 |
+ patch for samba |
164 |
+ |
165 |
+Stephen Smalley (1): |
166 |
+ contrib: allow map permission where needed |
167 |
+ |
168 |
+Sven Vermeulen (1): |
169 |
+ rpc_* interfaces should be wrapped by optional_policy() |
170 |
+ |
171 |
+cgzones (16): |
172 |
+ update ntp module |
173 |
+ update alsa module |
174 |
+ vnstatd: update module |
175 |
+ corecmd_read_bin_symlinks(): remove deprecated and redundant calls |
176 |
+ modutils: adopt calls to new interfaces |
177 |
+ vnstatd: update |
178 |
+ dphysswapfile: update |
179 |
+ monit: update |
180 |
+ mandb: update |
181 |
+ logrotate: reload monit after log rotation |
182 |
+ remove /var/run file context lefovers, add dbus exception |
183 |
+ monit: add syslog access and support for monit systemd service |
184 |
+ rkhunter: add policy module |
185 |
+ arpwatch: align file contexts |
186 |
+ chkrootkit: add policy module |
187 |
+ arpwatch: update |
188 |
+ |
189 |
* Sat Feb 04 2017 Chris PeBenito <pebenito@××××.org> - 2.20170204 |
190 |
Chris PeBenito (41): |
191 |
Module version bump for patches from Jason Zaman. |