From fb3c7c3e5a6c350ba20fcbc00366b24ec7009b34 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 14 Oct 2024 15:08:48 +0200 Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 libsepol revision 658ebdc1dadc9aa1926b295480ff7c68 --- .gitattributes | 23 +++ baselibs.conf | 1 + libsepol-3.5.tar.gz | 3 + libsepol-3.5.tar.gz.asc | 19 ++ libsepol.changes | 402 ++++++++++++++++++++++++++++++++++++++++ libsepol.keyring | 305 ++++++++++++++++++++++++++++++ libsepol.spec | 131 +++++++++++++ 7 files changed, 884 insertions(+) create mode 100644 .gitattributes create mode 100644 baselibs.conf create mode 100644 libsepol-3.5.tar.gz create mode 100644 libsepol-3.5.tar.gz.asc create mode 100644 libsepol.changes create mode 100644 libsepol.keyring create mode 100644 libsepol.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..0e70cfc --- /dev/null +++ b/baselibs.conf @@ -0,0 +1 @@ +libsepol2 diff --git a/libsepol-3.5.tar.gz b/libsepol-3.5.tar.gz new file mode 100644 index 0000000..977bebb --- /dev/null +++ b/libsepol-3.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:78fdaf69924db780bac78546e43d9c44074bad798c2c415d0b9bb96d065ee8a2 +size 497522 diff --git a/libsepol-3.5.tar.gz.asc b/libsepol-3.5.tar.gz.asc new file mode 100644 index 0000000..886b73b --- /dev/null +++ b/libsepol-3.5.tar.gz.asc @@ -0,0 +1,19 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2 + +iQKTBAABCgB9FiEE4WLerRzN0RPwSz1JK77Zyxpo71UFAmP3a19fFIAAAAAALgAo +aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx +NjJERUFEMUNDREQxMTNGMDRCM0Q0OTJCQkVEOUNCMUE2OEVGNTUACgkQK77Zyxpo +71VUvA//eFowP2yTpqvNzE96VsmNjELos6u/CApUy0KV6UpzEXxuPvslKfp5vK4w +eO41lcm604YZ+k8XA4Z65LlM0v7F0i4JSOfz44FQI2u+6f0PY/Wd7ymACCYKaPUu +NZj3lifJTa9UyfTqVq583oPU7uh5j5Pd/9xbmGgEmtCJ6dTO16dpWgtY+z11pmcm +M4pLQLDYAjrP2X0e9TniynxwTV8Gra+2tB4O3qT4WLBoaOsSuz95b/ts7mdIIE69 +VaQmP9p2HQTf4TkFzzW/EJGAtHvd61bCHRu62mIJ65sxE23lGvqAjDDo1dRsKY5F +ADf8E2WKatGRgqDhiyaROzpU5nlerKM84UiJbwcpO86VM+ohtPrk8Tl5VkTZELGS +xeueKqP3Qnko0kqSkswnFynx5m3Y5Sh+tHr80zJ9b4/YwBMH3OD9YEVUpX55aYaT +wU+UDlyUxtpDVe3F0SPeZfc0UGiKwOsn77B0tlE8PdL9izdyyFaaN0k1tRYoEldH +++Vm90Wsx+EvkDb/gS7CboJemz5A5FlNEd7Ym1qu86dwOT5OtZFhqpRSdgPkL/o0 +1C94jpONeKgbi88Rzxj21QPuJvkoe0uBqWCXAlALkhX+elQTAGgm6H+gpvgyGraa +0eNvubtQnssite1AxnPukwu3TogRbNbSBjNiCLtm7MvHt83gVro= +=/yww +-----END PGP SIGNATURE----- diff --git a/libsepol.changes b/libsepol.changes new file mode 100644 index 0000000..bcd7a0c --- /dev/null +++ b/libsepol.changes @@ -0,0 +1,402 @@ +------------------------------------------------------------------- +Fri Feb 24 07:50:14 UTC 2023 - Johannes Segitz + +- Update to version 3.5 + * Stricter policy validation + * do not write empty class definitions to allow simpler round-trip tests + * reject attributes in type av rules for kernel policies +- Added additional developer key (Jason Zaman) + +------------------------------------------------------------------- +Mon May 9 10:27:53 UTC 2022 - Johannes Segitz + +- Update to version 3.4 + * Add 'ioctl_skip_cloexec' policy capability + * Add sepol_av_perm_to_string + * Add policy utilities + * Support IPv4/IPv6 address embedding + * Hardened/added many validations + * Add support for file types in writing out policy.conf + * Allow optional file type in genfscon rules + +------------------------------------------------------------------- +Thu Nov 11 13:28:14 UTC 2021 - Johannes Segitz + +- Update to version 3.3 + * Dropped CVE-2021-36085.patch, CVE-2021-36086.patch, CVE-2021-36087.patch + are all included + * Lot of smaller fixes identified by fuzzing + +------------------------------------------------------------------- +Wed Jul 21 13:16:54 UTC 2021 - Johannes Segitz + +- Fix heap-based buffer over-read in ebitmap_match_any (CVE-2021-36087, 1187928. + Added CVE-2021-36087.patch + +------------------------------------------------------------------- +Mon Jul 5 11:31:07 UTC 2021 - Johannes Segitz + +- Fix use-after-free in __cil_verify_classperms (CVE-2021-36085, 1187965). + Added CVE-2021-36085.patch +- Fix use-after-free in cil_reset_classpermission (CVE-2021-36086, 1187964). + Added CVE-2021-36086.patch + +------------------------------------------------------------------- +Tue Mar 9 09:11:42 UTC 2021 - Johannes Segitz + +- Update to version 3.2 + * more space-efficient form of storing filename transitions in the binary + policy and reduced the size of the binary policy + * dropped old and deprecated symbols and functions. Version was bumped to + libsepol.so.2 + +------------------------------------------------------------------- +Thu Oct 29 10:40:16 UTC 2020 - Ludwig Nussel + +- install to /usr (boo#1029961) + +------------------------------------------------------------------- +Tue Jul 14 08:39:58 UTC 2020 - Johannes Segitz + +- Update to version 3.1 + * Add support for new polcap genfs_seclabel_symlinks + * Initialize the multiple_decls field of the cil db + * Return error when identifier declared as both type and attribute + * Write CIL default MLS rules on separate lines + * Sort portcon rules consistently + * Remove leftovers of cil_mem_error_handler + * Drop remove_cil_mem_error_handler.patch, is included + +------------------------------------------------------------------- +Mon Apr 27 19:35:18 UTC 2020 - Martin Liška + +- Enable -fcommon in order to fix boo#1160874. + +------------------------------------------------------------------- +Tue Mar 3 12:17:04 UTC 2020 - Johannes Segitz + +- Update to version 3.0 + * cil: Allow validatetrans rules to be resolved + * cil: Report disabling an optional block only at high verbose levels + * cil: do not dereference perm_value_to_cil when it has not been allocated + * cil: fix mlsconstrain segfault + * Further improve binary policy optimization + * Make an unknown permission an error in CIL + * Remove cil_mem_error_handler() function pointer + * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping + * Add a function to optimize kernel policy + * Add ebitmap_for_each_set_bit macro + + Dropped fnocommon.patch as it's included upstream + +------------------------------------------------------------------- +Thu Jan 30 14:11:56 UTC 2020 - Johannes Segitz + +- Add fnocommon.patch to prevent build failures on gcc10 and + remove_cil_mem_error_handler.patch to prevent build failures due to + leftovers from the removal of cil_mem_error_handler (bsc#1160874) + +------------------------------------------------------------------- +Thu Jun 20 10:25:00 UTC 2019 - Martin Liška + +- Disable LTO due to symbol versioning (boo#1138813). + +------------------------------------------------------------------- +Wed Mar 20 15:12:34 UTC 2019 - jsegitz@suse.com + +- Update to version 2.9 + * Add two new Xen initial SIDs + * Check that initial sid indexes are within the valid range + * Create policydb_sort_ocontexts() + * Eliminate initial sid string definitions in module_to_cil.c + * Rename kernel_to_common.c stack functions + * add missing ibendport port validity check + * destroy the copied va_list + * do not call malloc with 0 byte + * do not leak memory if list_prepend fails + * do not use uninitialized value for low_value + * fix endianity in ibpkey range checks + * ibpkeys.c: fix printf format string specifiers for subnet_prefix + * mark permissive types when loading a binary policy + +------------------------------------------------------------------- +Thu Nov 8 09:34:54 UTC 2018 - Jan Engelhardt + +- Use more %make_install. + +------------------------------------------------------------------- +Thu Nov 8 07:19:24 UTC 2018 - jsegitz@suse.com + +- Adjusted source urls (bsc#1115052) + +------------------------------------------------------------------- +Wed Oct 17 11:54:52 UTC 2018 - jsegitz@suse.com + +- Update to version 2.8 (bsc#1111732) + For changes please see + https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt + +------------------------------------------------------------------- +Wed May 16 07:13:18 UTC 2018 - mcepl@suse.com + +- Rebase to 2.7 + For changes please see + https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt + +------------------------------------------------------------------- +Fri Nov 24 09:16:47 UTC 2017 - jsegitz@suse.com + +- Update to version 2.6. Notable changes: + * Add support for converting extended permissions to CIL + * Create user and role caches when building binary policy + * Check for too many permissions in classes and commons in CIL + * Fix xperm mapping between avrule and avtab + * Produce more meaningful error messages for conflicting type rules in CIL + * Change which attributes CIL keeps in the binary policy + * Warn instead of fail if permission is not resolved + * Ignore object_r when adding userrole mappings to policydb + * Correctly detect unknown classes in sepol_string_to_security_class + * Fix neverallowxperm checking on attributes + * Only apply bounds checking to source types in rules + * Fix CIL and not add an attribute as a type in the attr_type_map + * Fix extended permissions neverallow checking + * Fix CIL neverallow and bounds checking + * Add support for portcon dccp protocol + +------------------------------------------------------------------- +Fri Jul 15 14:29:28 UTC 2016 - jengelh@inai.de + +- Update RPM groups, trim description and combine filelist entries. + +------------------------------------------------------------------- +Thu Jul 14 14:38:09 UTC 2016 - mpluskal@suse.com + +- Cleanup spec file with spec-cleaner +- Make spec file a bit more easy +- Ship new supbackage (-tools) + +------------------------------------------------------------------- +Thu Jul 14 14:21:46 UTC 2016 - jsegitz@novell.com + +- Without bug number no submit to SLE 12 SP2 is possible, so to make + sle-changelog-checker happy: bsc#988977 + +------------------------------------------------------------------- +Thu Jul 14 07:57:35 UTC 2016 - jsegitz@novell.com + +- Adjusted source link + +------------------------------------------------------------------- +Tue Jul 5 17:11:44 UTC 2016 - i@marguerite.su + +- update version 2.5 + * Fix unused variable annotations + * Fix uninitialized variable in CIL + * Validate extended avrules and permissionxs in CIL + * Add support in CIL for neverallowx + * Fully expand neverallowxperm rules + * Add support for unordered classes to CIL + * Add neverallow support for ioctl extended permissions + * Improve CIL block and macro call recursion detection + * Fix CIL uninitialized false positive in cil_binary + * Provide error in CIL if classperms are empty + * Add userattribute{set} functionality to CIL + * fix CIL blockinherit copying segfault and add macro restrictions + * fix CIL NULL pointer dereference when copying classpermission/set + * Add CIL support for ioctl whitelists + * Fix memory leak when destroying avtab + * Replace sscanf in module_to_cil + * Improve CIL resolution error messages + * Fix policydb_read for policy versions < 24 + * Added CIL bounds checking and refactored CIL Neverallow checking + * Refactored libsepol Neverallow and bounds (hierarchy) checking + * Treat types like an attribute in the attr_type_map + * Add new ebitmap function named ebitmap_match_any() + * switch operations to extended perms + * Write auditadm_r and secadm_r roles to base module when writing CIL + * Fix module to CIL to only associate declared roleattributes with in-scope types + * Don't allow categories/sensitivities inside blocks in CIL + * Replace fmemopen() with internal function in libsepol + * Verify users prior to evaluating users in cil + * Binary modules do not support ioctl rules + * Add support for ioctl command whitelisting + * Don't use symbol versioning for static object files + * Add sepol_module_policydb_to_cil(), sepol_module_package_to_cil(), + and sepol_ppfile_to_module_package() + * Move secilc out of libsepol + * fix building Xen policy with devicetreecon, and add devicetreecon + CIL documentation + * bool_copy_callback set state on creation + * Add device tree ocontext nodes to Xen policy + * Widen Xen IOMEM context entries + * Fix error path in mls_semantic_level_expand() + * Update to latest CIL, includes new name resolution and fixes ordering + issues with blockinherit statements, and bug fixes +- changes in 2.4 + * Remove assumption that SHLIBDIR is ../../ relative to LIBDIR + * Fix bugs found by hardened gcc flags + * Build CIL into libsepol. libsepol can be built without CIL by setting the + DISABLE_CIL flag to 'y' + * Add an API function to set target_platform + * Report all neverallow violations + * Improve check_assertions performance + * Allow libsepol C++ static library on device + +------------------------------------------------------------------- +Fri May 16 13:06:12 UTC 2014 - vcizek@suse.com + +- update to 2.3 + * Improve error message for name-based transition conflicts. + * Revert libsepol: filename_trans: use some better sorting to compare and merge. + * Report source file and line information for neverallow failures. + * Fix valgrind errors in constraint_expr_eval_reason from Richard Haines. + * Add sepol_validate_transition_reason_buffer function from Richard Haines. +- dropped libsepol-2.1.4-role_fix_callback.patch (upstream) + +------------------------------------------------------------------- +Thu Oct 31 13:36:48 UTC 2013 - p.drouand@gmail.com + +- Update to version 2.2 + * Allow constraint denial cause to be determined + - Add kernel policy version 29. + - Add modular policy version 17. + - Add sepol_compute_av_reason_buffer(), sepol_string_to_security + _class(), sepol_string_to_av_perm(). + * Support overriding Makefile RANLIB + * Fix man pages +- Remove libsepol-rhat.patch; merged on upstream + +------------------------------------------------------------------- +Thu Jun 27 14:37:12 UTC 2013 - vcizek@suse.com + +- change the source url to the official 2.1.9 release tarball + +------------------------------------------------------------------- +Sat Jun 22 01:40:19 UTC 2013 - crrodriguez@opensuse.org + +- Build with LFS_CFLAGS for 32 bit archs + +------------------------------------------------------------------- +Fri Apr 5 15:31:13 UTC 2013 - vcizek@suse.com + +- remove a debugging artifact in spec + +------------------------------------------------------------------- +Thu Apr 4 19:26:35 UTC 2013 - vcizek@suse.com + +- fixed source url + +------------------------------------------------------------------- +Wed Feb 13 14:34:39 UTC 2013 - vcizek@suse.com + +- update to 2.1.9 + * filename_trans: use some better sorting to compare and merge + * coverity fixes + * implement default type policy syntax + * Fix memory leak issues found by Klocwork +- added libsepol-rhat.patch + +------------------------------------------------------------------- +Mon Jan 7 22:46:48 UTC 2013 - jengelh@inai.de + +- Remove obsolete defines/sections + +------------------------------------------------------------------- +Mon Dec 10 17:34:14 UTC 2012 - p.drouand@gmail.com + +- Update to 2.1.8 version: + * fix neverallow checking on attributes + * Move context_copy() after switch block in ocontext_copy_*(). + * check for missing initial SID labeling statement. + * Add always_check_network policy capability + * role_fix_callback skips out-of-scope roles during expansion. + +------------------------------------------------------------------- +Thu Oct 25 10:47:00 UTC 2012 - vcizek@suse.com + +- skip roles which are out of scope when expanding attributes +- needed for building selinux-policy + +------------------------------------------------------------------- +Wed Jul 25 11:16:59 UTC 2012 - meissner@suse.com + +- updated to 2.1.4 + - lots of updates + +------------------------------------------------------------------- +Wed Oct 5 15:11:06 UTC 2011 - uli@suse.com + +- cross-build fix: use %__cc macro + +------------------------------------------------------------------- +Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de + +- use %_smp_mflags + +------------------------------------------------------------------- +Sat Apr 24 11:38:22 UTC 2010 - coolo@novell.com + +- buildrequire pkg-config to fix provides + +------------------------------------------------------------------- +Thu Feb 25 15:00:29 UTC 2010 - prusnak@suse.cz + +- updated to 2.0.41 + * changes too numerous to list + +------------------------------------------------------------------- +Sun Dec 13 01:35:55 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source + +------------------------------------------------------------------- +Wed Nov 11 18:18:22 UTC 2009 - crrodriguez@opensuse.org + +- libsepol-devel Requires glibc-devel + +------------------------------------------------------------------- +Fri Jun 19 13:26:45 CEST 2009 - prusnak@suse.cz + +- put static library in libsepol-devel-static + +------------------------------------------------------------------- +Wed May 27 13:56:59 CEST 2009 - prusnak@suse.cz + +- updated to 2.0.36 + * fix alias field in module format, caused by boundary format + change from Caleb Case + * fix boolean state smashing from Joshua Brindle + +------------------------------------------------------------------- +Mon Dec 1 11:37:58 CET 2008 - prusnak@suse.cz + +- updated to 2.0.34 + * add bounds support + * fix invalid aliases bug + +------------------------------------------------------------------- +Wed Oct 22 16:17:24 CEST 2008 - mrueckert@suse.de + +- fix debug_packages_requires define + +------------------------------------------------------------------- +Tue Sep 23 12:53:01 CEST 2008 - prusnak@suse.cz + +- require only version, not release [bnc#429053] + +------------------------------------------------------------------- +Fri Aug 22 14:45:33 CEST 2008 - prusnak@suse.cz + +- added baselibs.conf file + +------------------------------------------------------------------- +Fri Aug 1 17:32:23 CEST 2008 - ro@suse.de + +- fix requires for debuginfo package + +------------------------------------------------------------------- +Tue Jul 15 15:35:54 CEST 2008 - prusnak@suse.cz + +- initial version 2.0.32 + * based on Fedora package by Dan Walsh + diff --git a/libsepol.keyring b/libsepol.keyring new file mode 100644 index 0000000..8a24537 --- /dev/null +++ b/libsepol.keyring @@ -0,0 +1,305 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBE97JQcBEAC/aeBxbuToAJokMiVxtMVFoUMgCbcVQDB21YhMq4i5a/HDzFno +qVPhQjGViGTKXQYR7SnT8CCfC3ggG7hqU0oaWKN3D003V6e/ivTJwMKrQRFqf5/A +vN7ELulXFxEt/ZjYmvTukpW5Li2AU7JBD0aO243Ld9jYdZOZn2zdfA8IpnE9Bmm3 +K/LO1Xb2F9ujF9faI5/IlJvdUFk3uiCKTSvM8kGwOmAwBI921Z5x/CYvy5kKEazU +lUxMqECl+Tu2YS6NDhWYNkifAIZ7lsUvGjW3/wfh7AvmAQyt/CxOXu9LL2nGzFhw +CIS4jVIxy5bDswNfHcaMX7B5WEyqTPtjzPAEMiLL4yHJZrHDPd26QHSaqtilVA4K +AeTYbME8iZIdacquFEq02PO9qAM21O48OknCTSolF7z6nBkk6l26W3EL+Gz5I2Et +3S9pab3FMjiiKVavM6UA5D0DQkNxxDn9blDXZyhX4HFrk+NnoETcGYFymPbbijgi +kFC4339/Z1aK31aJLkxiana5mqLthD4jCeg3B8Cp5IurqPr8QEh3FH8ZZhtdx2fX +TXHTmGQF/lXG4tg1eH5cb6wWGU93wD+5mf6czJlUZTY+kdevKtZCQnA0/2ENCOFW +Jdm/oMTUw6ozPd474ctzWKeO78e8yMvZst/Zp3Gq6SD9kcoPgiuMQ+BOkwARAQAB +tCRQZXRyIExhdXRyYmFjaCA8cGxhdXRyYmFAcmVkaGF0LmNvbT6IRgQTEQIABgUC +UGrhaAAKCRDgn+8l2WSErGaNAJ96+VrAVoZPHnycMU37iP/ZTq5oZwCfaDWxlxNS +sQRgd0tvIDLDUY0uSw6IXgQQEQgABgUCT32YIwAKCRD/aJIEAzcfEOK8AP4u7xTn +iIaAvn6H0ql5X5mUeAimPhwP4FUvzkvoBDcY/QD/VPBnW1LoCDe63YboAvbB7BHe +/0yC7rwTQzl6zPmh/iiJARwEEwECAAYFAk+H1m4ACgkQGWJaEyWIEIcxJQf/fRX8 +T3fQ5NOhZ6r5AqRMm4wXSWsDk1oDL7Fa2vKcwqiIC4zQoU0Y9+s96GSjFHgP4wpc +f7GHSPZseXp9c4ckIpkuEK2wL+jyPuSSMgmOLEGXBgy6XbWvF5yR7tm3henEcBEn +HjbTwuTO2nM53tmcM/ophq/eK2nErwTKPiDw3aiahNDYNx36wJrSOBGTKySk/F23 +R8rQPThdbtvUtmTHDPCsAZKmMBlXOkoFcA1xKZRAMBoiEa9hIqiLBV7Z5oTmVSa8 +BolBpOtR38sIjAWh9MtJoFFfx8Q575TC9bfpW3Kc/IRPJE55Myn/8Kbl7YJBU+gO +/v2yjKIT+hRb0MUOEIkBHAQTAQIABgUCT457oQAKCRCUZdkzlNzEiUhHB/9WN9s3 +d5V/rjy9e8Ny2xd+5yXfuLpi57YI4mIZi5k6s3vBjFW8fa2jw/dXndhX06oOkmXY +1dSujVWJSMUe4gqnbdVu3IEBiyst5MyYcuOdeVpQ9KvolQMdRCEIXfgFOTXt73Lu +1eUSyEVhXI+Ua6bsmHJqscHatF2NCTyTJOqZDjIePD+c/8eW9XF2Bv6ZOa51M9UF +p85PVH0wn9I3bHhtyVPhxDSGM0TL9OwXNV25CPzI04wUb2vqnVVv67XCfcFMA0iH +nlH1oOHckUUhX+MFOTG6TFHmLIZCJHneeXR7SqdAXGl+EUZyWHRGS2OsdncMEDNy +5hennjRW71qr1C48iQIcBBABAgAGBQJPht1GAAoJEMI9kbsdgkTfgW0QAJ+o/BZI +i2TWU1cTQc4zVi4dcV8wZREXUCi2yQlq3C2MbL2gNRCSN+w9E6daOAf2zTEPZSaV +OuMl9aIF0fSRMuITFVQ6a+cz1UUxGFjFBkzCId5ybgVnkhZTPh7TmgYKQcVsyzBc +SgQb6qpu058s2lfrvLL8kzpZ77w+JdX9za9oSukflLxgKFvnAP2URY0zZo8E5SZv +M40zX98QV3wAXp9RVg3uG27IbWfnNO/6ijCY7ZzS16slEaYyBW4u6AgScoqFpD4f +Urpt1knuZfjHHHmLMTJh5iGL0OEEdLAIuFZH5iKWqRzlTSesX7dn4Jv1McemmLTv +U4hDulesaxBKkPMZFcLDScoQGbQuLXet7xw6gcyU8PREdZkQhFkZJhfVgoG1W6/i +SlKrwY3zmVlIMoZE21skFLtCPi/I6U6sE7V7LJ3iV6lAJ7ZGLeBT3ut6Tna04z58 +AiJvPtVvhrSptumGvPo9UxsMaIHEz3b5il0PJkbIvvAniDoOFFFwRRBqGVnWfvL5 +hDrQROzO3v6QPTxmLYGgmmIwewV+hqzami3tV48XEa63C+rSn44dJWXCQuA5o5E8 +e6YsDy4ncEaUlMewStQHYQSB1z9O/W+xnMQjdmL6GrDWBxuR7bUiLxoN+yFt4pb2 +FgkCGdabxV0XefzRRfkSDnqLJussKMTKIARhiQIcBBABAgAGBQJPvJhEAAoJEE4F +9mOnpBuefJMP/iBVurwfmRrt9V1ICdfrn+QWfnGSobNukKSNyp7/m4jYK91i2N5D +grqybsjlEujK78QT8k9sJEeK5ywRqTjZYBlJG179afbJNCkhvSZDTBcm+4z4fHsN +LHZHXY/2shniYaj+sS10btj1WiD0z9cbHvDkipLDYMXbKJhAlew7MeOmF9gHwl+i +qNb/veSfgTYhEm0K5aF+Ilkn4YQZx5IEit50fejTVOG1sB6H+DM9EXcVTXfrXPID +Wxe2YZ6rCeE0vWykdGWm5vdy8BdDxFJis12IVkHnOiE236Iv6rNVZpQmj69hlqXU +Kjn+uggc3mcl5/ySnWeBpgq9/WEhW+x1CyKVVAhcoVYx3jtpTpbyA+vVbb5TjLD6 +r45dquJ6juCkfv868xJ7/fA6EZUPwomszABWevczjCjYIzrOXDE8Z2W1Aj4jEMPw +1MZOY1OtEBFhFBoVDKp3VKtW3ixKR6h6Cuk4bihZfJr+/hJ5ccPi+3y++9fcDizM +Hvdrfnkh9vJFcMRHcR8V9blz4GdHdvGF8BNMTpPQArPUarfRebbJxMZgIBnbIEp7 +Bp6BOnHc78ToA9NdSdVZMg9BrLxPiJVSIsWztbVQUxj9G+Yi8ooUhBZybk7Qv7bs +8kr5hLFSijUi+3WlyVO561tFs3xWdHcr0+nm5ngovPpmR9+YmDaw5K7viQIcBBMB +CAAGBQJRBnyHAAoJENmwV3vZPpj8yhQP/3HGZds8vZm2jqoQJexDUYW7J2JiVRHE +OxVSK5zW1KASgNvxdxeXfuX8gpfVCZym8cw/N5PSDyw3AhdKcvoE0KcVx+t3S0TP +y4E/FWfMyIbBoc/WQHpWzqw1XfX4IlxPPwEcds51dmeEepdJvTZKieoBh5ZVKUTT +wSO+rQchZGfo0gZ0aq/qJwETGvImNLdkKFEWm+AAnCxU7l/oEoehmcSfv25BHhc8 +fC7FFubiF/qJgRs6ETseh3qRPNL29giHK5MVPPkrP9jGUyhlf+NMhixfSdnev5Oy +G6vyJRcmEq+9dWUbKsY7Ydd8S4ikmoTHj+oz2NQ0/QQTto/Nnp8E/terj0PH2Wdm +5JDWN5fEQSk74A0PbGaeMIevcR+BhmuuEJLExCG8mHvDKmTO7fQPjUEc849Ki2Yz +tYtx4daZi6LRa6r1faGibmOrXVfAAIS2Y2I/+h1eMXSi98rR3yWP+SK+CtcBl038 +40lqlVIuRExLvVLp6Wf66tH0d+zAR8zsg+3RxHA3Wg0iFeYrXj5cFa+/C9qV+7Eb +ZR/EPwrQlczABGWkaVXyVem7MNXwRyu8uKkqmqJBZol6vriRpBvyocS1Pr4k2gaT +KaiGt95VqDEqY/MNZHi/Vr2WBnBjUVNEc1U8zQ/wtaU32rQKthymgHCSFMxXVgnU +4FKuQz0gza+yiQI4BBMBAgAiBQJPeyUHAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe +AQIXgAAKCRBjqK1LmCxDc8tTD/9nOHx/Hl1m6qKLf7yxPoSdeJNJXmDkIVUqOJTZ +cUZWyjXeTEEl/0I5EICTRAmwdyzNCsRP88FTmfrpr5sS8TbJDsY7mxOjc6Be0pvc +naKo8M3pyKUfQVbYO9Zn4wTqCzza7Le7R0ROW7Up55zkvXXbf8vSTiL0KZI7QUyN +k31XKdm+A6JoO4uKlP4Se4buOeaAIuqzz5K9KXBogyk6ouOpe/vaK7I/TMbNV05q +0zDAf3lejwlOxaOFiTV0vEl3d7BFcV76cmI1E05w7nsI09avDS+2p67HJEtelmEl +Ris0YarT9VbnbdRfw+XFilakKb0Jf11v7kEtiLIBFrG0ZiABGSFDsuE57hePeAvw +PtQWyQXVK+DZfczx9m46yXqmJE7LxkK9YnIDuKVIOaAuOeobZKgsQrj0aqqxgwGQ +ceeE5XYD8LwqN9fmj0CZTpVryLlg/3XqadA3t6EyvRQ5x4d7MBNL8p+B7fevrzPi +jZw2ICdRRGsNXn2HjxQAqG7xAaNmaS25w8qgE+DM3x6R0m8M1DpOdmTp5Jfyq1CD +sYV7X+HcUUuie9Ec2/h1kt62Py4GjDuUNASX275J4LiphPHTvI8dKU5VREfbo6qf +m1T15hTIWtY/L8hoSd3iyWWkS5N44H0Y4lFG+JTafoV6bwcCGHhVpeZBVSoNmj8s +IJ5xVokCHAQSAQgABgUCWWMlagAKCRAyfirUINN1OOtFD/4jW0ZMGigpruCnvY0n +r47rA12X6dJ6+KIBE+XBQxuaQRjM5u44geksDwrqZ0nXrNvsa4SVwAhKVOrgMJVd +zvUa1m2yeNCFHOTjln6QGjZ5f3a6aj6n/X5tlPptdklUr9ucEwXVd5fFMpWAiwaq +Zt38I2u0Pi+/qHDt0kLyRSukmRPzRuS/kO1ugGO4aoO+sanVDl2Pq6LIwubL1Unk +2HUerg8VCAyQrxYtZtHccoyhmBTlAb+EmZnUVbQZ3Uy3eA89OuNTBhJWCk8vqROF +m257MiH6gvG/V8CTrJfzlpE+s9E6kxXhXpQWZUwtwWObq7vrJVkJhRwBsO9N2erx +e+biBauFErYQPw3bg6xL1BJLxDWnKUlMWs5o+h7lyjp+1B/gbnnlrUIlpW8IKVZR +HwRUPGRN07SbbEO1lDk5uJDMk+r2KrOUNVYCEp794P014xodkLvB8X7ml6tcABE4 +V9d4uVDX3SsktOLMvtWgnL6xWMoBYiVOXi3Rsm8vESBOb8JFQL/ItciUyAioM4Zj +q5eqotVq90HMBO9kqcjCYsYEs6RACRmyE+TNmzGoucIPTwPEi5Ib4gj+LG6iPOBp +rk5DSjD7F0/wnQPoq8PYHIufb4+PgOXKf/ROQXDRLeD6eZBtPcDUJOgW19m7QcXZ +8fvo6B91COe9jTF/H/i3A7NjR7kCDQRPeyUHARAAqWwarw5fCeuYxIT4zlnM3A1Q +flnxuxgRwe0+kcUjRSGocpg6s8e982Q+p+DZ2aIDwz6KWHUSeeruQHxdGw2ZYHm5 +fPlRIDxxqGsu+Bn+pNAfnKRJKeT2lkBxxKlyDaLVYNvYU7H9btLG/so4HHPvVh8N +zLaQobIJPEXOTfF769RSXC/scp0r1AnCyMH4Lyx2DzwWBiEab8+HpP84B72hn7Q3 +58jMKzG4IvJGna0m+z0IHHlnky+wkDdQfPEzyRairf0MTHV2j8vgq9z+F1cuVd/0 +BFRVIs67QgqiYMRzAHgj+UMcGBFpgNs8VMxgP7f0FAxW3HCrdgXaXSgRbRy5YhPs +p/RR8PfCWso4QCccXgpK6TBA/TdmhhyNauOLG5niykPBLiGwmpn6u36i14JBMvI4 +Ir79ifWH13o44xKGxi5LLCZcWqvSXkIBRFZen9IydD4JGD3ddUcU3FS8uEQeNe3M +XPSx3KCnQLXIAU3GVzz2Di/njPUu607xU52vSHReG25yRTYxwzIW//V6JscQbHpK +U1FxJtgxqE6Ttlv48FnGWC1a3YYpJJBfG/PBHVpPeH1E3BQPdCPgodGG0vFxjP1i +JJazBmtCaQODkFuaDISg54KgHFe4MUWLespQT1YfePwCDM/vsJn6gcRExT/BzIE1 +RAKSwS48K7vQf+JUUrcAEQEAAYkCHwQYAQIACQUCT3slBwIbDAAKCRBjqK1LmCxD +c3oLEAC+jboRrs0H9hhC3DuSfPwVtshfbMR1gy68ND57avA9+ZIBn2SwedrTdwyO +DcC9LxPd9W1wu6L4uJBz0rGs7/lj1HJGHye6rJFlQ9cg7R7AA3bsLnSaQH5X2eFS +LzCaiexVMORcvXp58PyHaR+ywvrm5+l0+iofaCr1ZqfgUBDrHYrI1cPOPE4YpPoE +tPFrwIyvZvoO/vhRcCstPOYl7rqmab4veHlNUD788c80Wc+jOIEGs/qQqv+cn+iP +h7vBvuZ6tn6BTfhuxUZMeyiZid0gBLBtzNt1fTCljjePWW4U3ucVvtWrf0yiqDRs +zSGLNO4wKUdvxOCee8jFo87AKoO+4Uw0YldI4R5dAycN0RxYt8/kqyvuonupq6vF +hD4+tqvanTPHRbPsuV91E8dJ8ZcuxozscYYvjbfNzwBtsFRaapoVS7sj567r8c8q +1RXPA78eOg4igs7eDzyv2Po51SEOya9iZtmQqc2WU+UDSbg6eOpih5TQZL0st6t/ +qTOnDPLykrghXffncN3V/xqbS3mzKzzry1Q5eAZvYUphu6y6ScvFPDbPKWEktc2s +RzPCqjGj7kv2ZcdUkSI/xGn3n5x3eXyJZrB/QtjuX29fEhY5g9eBQi3FUxu28Id2 +X2xqPbDiUkoT8aaT1tjqE48HwDZo9XEoP1Ra9XeBwBHPN4xYLrkCDQRaJtJKARAA +yFAHZDfb0VKjM+TtXp1gE76MMEyvWMda80wJH/YOTBd8MAoreFpJZKqvnX/C5r2y +QVF7NC9z0+GC84gmLWOzFF/E2gzzZrY6lgl2PXoUblFVD8CmiOLLA2+nVg8luarg +N9dK5QDqr456mGwUuvHZw9ifINBojqaupMF5wRPhx1BNkrScopQ+PdTZsj3rNMEh +grwqvsYwpebxHV5XxuS3AdMfIOMjuE3kSNlWJiplgNDeO3a8LUCPpekXDkrtK/p/ +SX3XPKN9y7ouWx+jzG1GECWW5vwQG47qWMnm5aoOCOpM6QNdwgBSSFQKDzO3B5HX +nOAlBD86fRcNwcu3KLvO5B3E1opgqQPehE5Opx75hs03eqc/htXSprQkuVM6sT/T +/OaJ/tDXNg6J1yYyAZ4XoamkZCSTFjiBIp63yQPyHgBlcaWkW7h72y57UQ0NGaBZ +qpLMha50xFnfPT+z0QY02JbrSfAnU0GjJJ5ASafAzMAded5Ez2lEZDVLf8Iq22r/ +R5YQfdj9N33GLgM29Ndy+Am5RTChyVY/Y8I+DfMT4RDWr8q3ahitPw1x6Yz0Q7xu +03Mn9jXBIMsUAU2KQfBiNMzzqNah4aFIzd8P0cmN+qgHjWAMq80hWWFBq+F7p1/j +4CgKj+YaiwtgA8Vocd2Saqd5PRjQGdNEhL3Itw7wIFUAEQEAAYkEbAQYAQgAIBYh +BOhTwYSLAYXPQoZN82OorUuYLENzBQJaJtJKAhsCAkAJEGOorUuYLENzwXQgBBkB +CAAdFiEE1qW2HJpVNBaCkttnviIJHj72InUFAlom0koACgkQviIJHj72InUPYA// +VUwLwo6bM9jKIVj7XEe7au+yIHR/zQYfWNfANIz8gq+wfVrEIPSExXmxKLnZ6kKi +/ftzNKVHcylCOjTErfbAkH3boCBvMlhk7jyq6UNRdSE9Yn1vGLIhzEj/coSyljVE +yha/wB9gD+pKZrVxJ1PggyhIYnM+HdHKtSl4U/lBPTagZrlO5JA+InDL9v275FU6 +LVJKrMcwl0rNl6EZrKzrk92MLxe1/iKl1hEGvqYjJQhI4H4UGRjYy20XM0NQF0Os +56nKNK1AtnW9RedgoiJJEdejddNb9bx+HvajbrN4NtBwAvLBAxmqfC2tmW7ModnE +XTvCEqZe/D2lQddfqFskO+YZUzGcH8XqCs82L9X4G/vmwo50iaCckFSnUnPvbzxI +9s1DCuoUpXZkPd/Q8WaiUWMLP85z5RST6zB+exPelXosKVNOGw4fxaUoljFkud5f +vke5XHgKZP6q/oaUVC6LGNwfQu2xttKMDHsnYtE1W18j7YN8xwiLwonF7r0wAoaq +rEPIM9JZ4WuzQwebIPr/qb4ZOi+BRPmM5ltHoZUp6VbTnhuZvLTNB69adGJ4A1V4 +WgWyfByUmeoohHNCIah3WnVvweFILDic545BKJ9o5/fNycWFjIHIMw62Xf8Coagu +n/rW7cGT2H4E/hU9HdFRbNyCCObEkzQysvONpJdJ52PO5BAAir2DfkUamdoHx38S +O58QPVNVI6S80r+on50PhfN/lG+dumuh8yfN8TLLyMnVWpzdBlBTcgNC39SfZnLB +fQ5ugoYAif+DJ/B2SmfEnSMmjFEG4ymU2l80HD6h7ScW6jM72J0WjMoz5JagTTnX ++O8YenUWoQ8ucAAZ5JtYHQtGUCycyNzm7r5Iod4UZEpiDtTSw7tkptUhPhmZGexA +sNqQfBsCB9whqSH1aGPQ67mvvwKz4NwzdcB21nTh3zWNXlOy95Hz8Kfjvdzp288h ++cDY/i4KVMJoIO/6NcbZ/1oUi4mFgI75N1izuqMCxdaeAlR5tEWIdt9K5gPD3b96 +ot0oPUeh9/gydblg60OmnoSx0IO4g15G1S2eJ3Da8g97Nf7F2bJxcir0Vv4a8qsg +Owq7RU7wc5tW+Itr9ETXV2wQdiWtquPiarNLYyG+ZTv0FrOD2sMMHhZWznTafe4l +p/pKh3/6R7Vzd9/sBQ+jHaemMf9tWaRkmw6rkSpy+UfebYVlQdIVZL/JNHWs+4mg +cEwdVzg4+VO5KpPeqYova9u8PWXcPjMdmzWlpEt11heJp7Hio9T/Rik/rVdTTvQy +YUZgTxnjdNsw8e7/otgGnD2nlWPdVnCfZ502XgsbH7TmEgAHMzbcjsmhDji4+hNu +iGZhcX8NQYnqHYth2nzUBUKVIVa5Ag0EWibZHQEQAL2TUrLoAh72w8/GuCytdF7R +3Jhyge5/N5TeMWyyXf5LhxG69gLN1l9F92N8drif4LFNo53vGR5/AmAalpH0olu7 +x2oebrUYiJLllswJFTwUBbqiFV4OoTAWs8DNmO07jU5Ol5cKs+7kfkBOD+QOdpvO +UPYfwlYCqvQNhFGEW0lSKFdR7L3MrTfBKNSLkTX5gdQL986ltL6aw033jkJ5A0E3 +guNqn1DXzcWSHRabhDwLQ5LVY3xrRe2pIAtEIYBn4RXpSuZBU/08ILj8nSGgpA+/ +Zt+kECytQYA7cWezDvzTiLZNjs7ckDyAYNhfp/A5UkxRd0PsVfsszY+kRKoB0+uO +qY+odPxw9+rbsZiCoe/c3iE/1GO33DGYdgVslPRgIfDZkyIA79Vy+82aIavn3RkW +JARvUwk3Wv6HlQMTUK0XqdOJ6KtJeL2gyKUeWjY1jmcAi2/9P08qThf6RofdSiJw +zGuRPfi0AIbDGLhUhFhYv5mq7ET5vBeoC9sYnSnddvJERREJo73on/bD3nUS9kSu +kVFC7jPMKWagyI1vCRDxB16xJqqMyKuUfIUjxP0Fmtds9rN1U1TB/JEsWKXWr+SB +eNd4kOiN7vdSLIaGqGVU6URu6cbMLAQHOu1B09MN4VCvjvr/il7S/i6B01iQv+Bj +wjOh2fjt3VcfrwC5FKvPABEBAAGJAjYEGAEKACAWIQToU8GEiwGFz0KGTfNjqK1L +mCxDcwUCWibZHQIbIAAKCRBjqK1LmCxDc9BID/wJkZPFANsPaguQZvq3IQIizkDV +Gx/An1qPRH8e4Q7f2SLzIzzx/CLwXkB/M1yZjCnSvHJgMNgzSK05tK8D1YEHxgVn +Y8pPVgevBPNZud76ymZBgNF0W37QrHQku+C/tJi9DWM10JrOLEfVIAz075OfmgXJ +tUeNFq9axBgenUK9djmQ4c4QMeHPfukbAW/JXIV1JhLk9ZPT7RdT+DpSrYd4UK6u +FQa4NcnpYDoim+a7S9uLwanJ6JYJGgbvqypsF9Dt13SgMxQeK17BYaos/UqKiR72 +G7mn0JuSNjAZmMlZkRXpYfE6YgJ8VwFE94gnI7wp9r+9UF9BmP1+GqzewdJ8AYh0 +ogHe1fSoqExF279CgzXhhDXIrzQlNRQ5ysosO3pAmKcXVRD85xhCoYEJdpGTU4oY +W66KPXpC52dfnr5phs0+W1/twuzU7tqh1BxHGYxKDFIT/ZyS2E9gGxc9a4MxhkJv +d7okxax2cIjuI+mg8UAmYh3tJYl5tdnGe2hfpjBntPHnz9AwsSrEx8QTFBMAWDz+ +jC/EIbXYpqFqsuvgakvHRpTf1AQl6cbUuoYvCJCH1XGx6PD4yR5tkkTrOGztcGl6 +et3lz04U61v8ajHBqX/pRfPtrraNnvAM2knD3E58Lf95f/nr7p0tV59EWP8s4i72 +t4zhuhOJjZ2YaPVALQ== +=UVQc +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFMyh7gBEADHbVdNWxivgqISiinIAE7gOl9vFemvnqfzn7hdfw2y02hUzojd +0HzEJsyqxGBYHpdNYoiLbCYNubMDA/Xd0Att2D7fIAuNFo3gnKEm27xLSzjC02bk +h2Pxp9d92dxPXsk+zDvY74Vwem74Yon824ESurH4gTK/HsiX2Y+7+5z3Ep07xC7p +IA0RzD3zlKhfT9dpS0QR2LP1utFcT40eEjSZY8QK3iKapNtyvIrpKpkWx0tZTWwX ++F8IoL9MzJBi5L/pS8fyUOkyBVIwdRXLNuX+sle+llH7i+6DWsWHEphiZ3ObiXDm +iXKBu/I0useEE4K7TmOLqqeEZl+CTU6YWJLPpD38pq+p64TlAcT7rZSmRUr7zY0a +X1gsXqm7e95Txm6UYy3Xth1jmZ0PuHjCBIvy8foxZVKGsR34ntAYcZzZhDca+J2S +WyL/YcQbSFhad1N1ZpCXj4eYGQIg57b1OLrabopdSQ73s8uGdS12aNQKcehkAvKs +Pab45Qxk7PWGNXuvHGYFCvedl8Gh/MUy3UqlXE58GBob9ldB+7eaO5VgR0GydSFO +cbRDDpXBdWbsq4u0BDT3uB4FZTqYC3i83NFdCSppxG6aXDl4Hux+Fq7FcjFV7scw +e/ndpnLMzj0oSyOmq6GZfvbZKRbyPztYxrEIoDw1mgvJQhm2AnfnhoOWVwARAQAB +tCJKYXNvbiBaYW1hbiA8amFzb256YW1hbkBnbWFpbC5jb20+iQJXBBMBCABBAhsD +Ah4BAheABQsJCAcDBRUKCQgLBRYCAwEAAhkBFiEEYxkc6UGDCYaJyrjbfvE37JNb +Dq8FAl1mIt8FCQw1xCcACgkQfvE37JNbDq8mKA/7BnUyy3K0nEboJfXKP7mbI7vH +hnDYP9ojwi6Lv7BJLOGNVmHDrZa9HA8uzH7AZIIf1XLOWd+bABqHETETElckXK+x +gtE9GUQO0DQRVH2gCyJUaLtYgK/VD2GRXLlFRUA81XLmU0pNZVIRL6u5P1RbHjdd +G01NgzH2sDKtmAtIashj25YD5m2RukTDfGYDMujjxR2bBRp8QnNiDHp93pYmF6oR +iElJKrUOhBS7Mw2Cuy7GhcvPmFsUY7o/Kq+4bu9DzZOMrPTmVQMF//PV5JChWCou +Aqv1Qybrt5I4/OzOVX+9bID7xowueMbTlak/1yqmgGNmFA5jN5XDuwZxoOX7F/m2 +ITJPRADEvZZLNF0kdj4zcLvk+/C8ofwcPcltO9SmDYwi3aKuMifVHqQnaG+Tu4qI +okSA+Vngamvy0BFBLjjZ1DZhRBS4GELzprzQ4brBqmdFnwtGnc3GOHK5Q8teZeRW +SbCh1u7CNBNXIdnTX5VlGonxjAO27ISDP7oaQyiJetnMy2W2qEG1DIDnLJtlPwDR ++UFO5kBHdJSnuTnCl20XUADeH0tx4jHAAYcIyx0tvJCuOWylMG8yVadxS73IA6a9 +GA+fOku9XBh4eP5vIoMRfuVwDDu2y2n5J68OCfshs3JllGImrWUzR8hpZmjXmpAZ +VjN4Ft83ZEvUEntlI620NUphc29uIFphbWFuIChHZW50b28gRGV2ZWxvcGVyKSA8 +cGVyZmluaW9uQGdlbnRvby5vcmc+iQJUBBMBCAA+AhsDBQsJCAcDBRUKCQgLBRYD +AgEAAh4BAheAFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIucFCQw1xCcACgkQ +fvE37JNbDq8dtA//cUEBx8rIvXyO14TcUu5o3Cc2DRhFxLwVIPOnw6cfZYhRrIKr +2wegsllvV4vJ+KJoIBvlw83VAunHt07N2+hF72LM6qPWkX055gY5PkFSGPBpybZk +oevE9rI+8p7aOqu0Qns4O3juDMava+nSnHjmZCJO7wnjrkGC57eBwI7Z3H32EFIU +b+IvOivBFA6iSeXkmEg1ub3iaA2vXdKOGDfoxrEjSJWt04q8VDUmtscKRkRrc1AX +XToVzcSd4w8C6j4tlOk8DbCLfyf8M3cDeETzyD6ICYWkSN1OxYFopNvsty2L9xQ2 +oTCp/1CjJTO2mxOY7K75vLr8MNYnVrYPzCruazt0YetOY74raTMFhnA6mQapcM+c +L0DKylIOHra/jSj7WQCy/xujMWZKDg8LfcfTuknSFPXVL6s95TYwBayRkVhFs73c +Z5Tpk4dAxSLZI040uExlFmzqwaMRoAhLJShhe/QRGu5rBnjtaKRYl08Hnb2gLc+0 +LH1gsGIvrsB89coa4y5Grues0mw9Bbk5tjGJHWlSgGG6NPds/L2RWCsXgkb4qn6p +Prsq6dyA8qp7O4LiZkzvKpFxmpO3ggIeIh17N21piUs9awnFySLR68gv0E6OnLdL +s2fpRYclaw2DxS4WHloWfW2MoV/b4K+GzovlVGAi19gwzBVk1uHneB504eW0IUph +c29uIFphbWFuIDxqYXNvbkBwZXJmaW5pb24uY29tPokCVAQTAQgAPgIbAwIeAQIX +gAULCQgHAwUVCgkICwUWAgMBABYhBGMZHOlBgwmGicq4237xN+yTWw6vBQJdZiLm +BQkMNcQnAAoJEH7xN+yTWw6vzScQAMABgqR/v0b/Cj/qhUGhW5ReUoqDGkPTWqT/ +ZJHoEtG21v8zmFaGJSw0hGzR8LBKPUcBIgcoe4ahPoNkD8ThvY/FgNV/VbjPmbwM +QqCEy8J3ZR3Tgrv03SGhW4BbWPkLwKEsXQc6hhvJxUMo35ORwUX549DrKb4/jSZs +6El3ONkeyeShnrc8dtKZeL+w4p01WbZ13Z4cwhM9bEsyMDVSv64y8QQZXeK8V0lK +jMbLNywf39AjjHKAo4o09hL75/BC8XW9Eqi5IKGRD8uWdvBB7o+xaAVY5WBMLQqL +GEaXvcc4r7tod17At0E59OfBQyJpp5vfEZXPzmkjC97iIXfUzhdqfuuEBfkfoZc9 +aqBo0chedltXatlwHbr1BZ2zP/LtIPH0+G8/t/iP/KoKWMUXzqPOQmK9XP9ryDvN +HCMogbDMAOYzbGAvY9+eDwW1Oc++eMRrRmbPxY5jRShYMYxzAG3iYEUST62Pxxu4 +tNzYdKc1t0JZHx1S+9jVTpplGuUnRbcLbrwaoqVxmikCdSHbZ3Q75NizFr4zC2n8 +VXj7WNHiCVh4E2hD/aXINbyFHfaukojVVSe2NjSHaCQx64CJbFKeaks25f4+m9GR +ZPTceAlYub9A6lcVlyugdAI0flQCnjz3gOye9CoIWjloOzfH7RXpKol7BrnBISme +L9kh6fIduQINBFzabgEBEADm+3+ZRXtW1Y7KB0QO3iG6tXG0acc95bh2rO6djhP8 +xV4vV6a6hI691SQorLxKCjpZSzshczJlmMZ3SRuMh7VSefc7w59ElBLoWDhuEKs5 +c3gtxAmzxICWNo/IJnnb5h1s3hG8kmPzKdaskdbAttQq4YGk2GAYS9LvmKLPwAu/ +iSaGfAr7RJPSQxvW2i2y1OdhF4ibuVJT1TGa8z1IsU8rf5Ybx1AdkjPnazoE16+j +rs763tnSzT3kpJeymMppkHMJIkO7u7D4bDR+qi10EsfF0inzmhimH5k/ng87+qi6 +UwryvUorJPSbjRLq/n07y2LDwkdOrW3XsLyU7RAfgZ4FUfvpUqkLZqB+GmgVccsy +2bC/T7JMSPZsIlk/KysIl3kK2wg7oNRKJqtMTPhpzEiIGaEjJNa1S7c8jswSL97y +/S/ok8iYaluHTSTHMJrdzriSP0irWzC8MJJNcUZgsP2NGWfjc9l0VlMqOdyW1mtf +PXY+uONeAlM8x5KwMJ/r4nsixodozkI7BOx16F59fjMfc9ywZH3o/rNOoG/+P9rS +ABO6p/zg0e8uNyAE2KobjAfvWxYLoaT6ngYbXGgC4E6DKjnxI3n0EEMjdfALzcmK ++SNiYtxtUQ4g3rFcOxt8U43ObZO85yuTI8TCQT+03/vLzzMOTTAfwn3Slu8ORsVq +tQARAQABiQI8BBgBCAAmAhsgFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIxUF +CQKN3hQACgkQfvE37JNbDq/P6BAAlt4eEQcxin9m5eayHEvnSgjYk99FT1asgfqD +z8d6qVBTKsFxNXvm19Ps294bD2oO02hzScyVlY28dKH38MkGOmslxkMB7yO/6vAh +/d1IixZNz+dQeWtb7XmNySj4/AVH8ODRK2gs0rVrcAH5gsjWlgBFzywmdODFE5iQ +VH8OJ6msT00gvkkvKaKU2K0q7A3DOGTy9Lzk8A3co39JzzR8E44kgJzLC1JASuoL +1LaIe5Fg8VMkDpr5Uchzi2NnaXtuaNNerappRf9Jrga54vQDdAmW02NCcea4Oj4O +zKpC0bOU6N50HsmeQjKEk0sgJrIKdg65k8rlrF2uQl0wBsy9EyWgJgL0rPYOceD6 +d6yEfy9i3G8fPvzCIoBUntZHGGpHDx8ZpYjP2qhg6Vj/ultHfQBk+A7D4V+NU2qy +4+RSTMyIJjUAAgX4WWlxipuy1mRnfJGf/ZuLBAOVST2Igtk4E6cKNagCv3vJEfJi +aak8TQhi/Z9hFsHpN+RhEldqaPOd4yym2iKnoYX98wJsryrsZc2tHIwGQXi+lkNe +cLJYokWXbKnLdlfwkWrziTFAAekIBdQ2HrhXFq9EdfIWgv4PHA+goPXDjIzyhFD2 +5D5NX3YxUGfMWzWyxfg36hJAjbyv/wcdPDJVaYGxSK2Dap4KZOGA+L0lE0mLZN+T +28FSbHO5Ag0EVCGdywEQAMzu5hN79Cwleh7TvQueT6WjsajCVZ8wm4JfZ+D/uCmu +V3z9TKIzJ9TyZ1qAhCGetXUvocq6ZCq18Zii/qBDmfN3e7RvcNrcRNuR51frgPIt +HGHFnjsW2vaVnIARJyHOtKYW5u7m2tUa9JMHFpzRqwNiu2nFw/LZhfO+DeAjAMd5 +1mdJSCuWww7l+xZWQPha1pyxS6BQCB8qC4BOTdW2EkBSIUAaucHX3iaiGQINXuFG +OUVcsPhtcsmmDzqD8JuxuGfzit8LZ4qauh+CeKsACt0fRWjGsSO+veihOaSUxv6N +6jwvOO1oCZzA5lI2zN4QQQs9JPmSt+W+ePBUeCFOCT5lELu4+P4WWc9el6LhHj/O +fsMongI6jvpGWnirzmw9joLKWMaam8MT2S1c9nmYtNramI1lzeJWYU3VFgJpc5DZ +klb6IROb0oEgmbUSIZwap/MB/G9N216mr3V15AKEnt4vqu6ol0CKB3jrMafGCDrH +UIoOd8FCwK1VBRWsnjKLXa+mgGCaWSPau6hcvOuV2/Zq6s77iaQQ82+0qkdno6l9 +nhdmZsLxnZuGOUfwtn1PFdjQ4/3/mgL0KxloqSwdMHpgancOMT+tJnebOCGg/iFC +yXSSNm8zek/lREGevH+3AUIKTY3JhfdvG7qo3zW7u+C0QlFnrj/pUSFs6JMW3hMB +ABEBAAGJBFsEGAEIACYCGwIWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCXWYjCQUJ +C0auPgIpwV0gBBkBAgAGBQJUIZ3LAAoJECu+2csaaO9VpE8P/2FSNpVsqHNxejzF +JYRjpbsOOhIUj/wovCTz9q7nvbGxd2Tq4Cs91aXPmjhZhO/9q+RySCDFKsmmxx54 +nyC6nZaxN4XAvxi5CVNKYdSq+WfuVuex2czF4l9irFYZsrAxxBdQeE47zJNKDEKL +kMnonGBxeJ3NBJWB7HOSsiz4LARfYLohOAqAd500ek8tAHpDLopsD6YQxZv+zgD2 +SzqaQYLtL996OE47+WnZpFVdmnj7JFCfJbDi7w+dhlf/+HPf+r78TQPpl1btlfeE +kSyQr50XRLw6ctJGA62Co7eHVIMDvsidTUo2yMdUQjd9huepSoIq0spPF5yX79xK +6KdnjpkPvmgN3XqJUQVd+JlIEGisMmn01Bz5OeJl0OkWO5aIIJ93pisU7sJJhMw7 +YsZCovzguqFXNnI/nus9SNRtrvMTItiDkOocrPfEff8IpJ/956iZPH3bIaez53gi +XSEvaZXbVhyVYlbVW2Wgwkm/64K4G5+9cUguTomIGcDovXuEHSg0n3QnZ2FFjfsv +VwQ38G3abEErF7APDx36WUJ3GbA2FFr0xqmHN1YQpObIcepWwkXQUCC7CHLQWRcl +CnYvSgtX/pFJ3qt+rrL0vMhosBGGIUJORadPjABPugG5Nf/WV64pBZHOq9A5dZKM +OJg2vpgqVi3YlNHG66oE1oSupFVzCRB+8Tfsk1sOr/zyD/9rLFX27Blv1D8DjqV6 +P9IzWR/YDC4AhYG+fdllq4+N/XO2gG8bYHlbh+rd5KHrCn/t3OYg1xOAqdO8lCqP +1jhkjbOdw2aIsL8pdh7/zZEwPXFCJREWWa30a4IqfvQG2f+kiPBYOtMFy5dmZj6j +N4mD75jbU6Nfhlb2UX7L0T0wLUtOOQhrlqBfXNKASbDAOn5zrvtz0tjRMcE7xPsF +o9/3x+/xElkLkJnUzF1LH/n6T24ZseBqB6WNCPi9nqWbx1AGTK9jeWDjQJ1/Nvj+ +YX6PPOfwpZquKvLi6ZiS5nR1wssz9iv93iL78o90Hd/z0wM9Dimi5njwEyl3Eocf +ZbpATMt8zWVDNxmrkYT33PRYy9V7G/O8aJnTkuSTOglo7akHMlJEhYfDLrmZtQnM +X2H5A/vO1JkJntC6kG7mIKn2q2U8CSYwfMqdscYDEHXaKTSPj225S6Xskw9nSuj8 +HcboihKRosViuoX5NLF2Wu/hXryd0grv0WgHjpuqClQbMlmsd1mcVThzh84KLSlu +QgkabK3rbvDviEOOQ7fxfTj1MR3FzfYovY4TVrO8fjTAk5Rj4f/nlcgiiaCpQlFl +wTwcxDBL1s6MXv7aoAzyqpTBQ6vSFXWK5Ur+7roEkTAUEj8akgmxC9JzJqComHrw +vebSMV7XavdmfCvUXszFeQ/jNbkCDQRTMoe4ARAAz6Zr1rgM2fwNSuaOM9jmYRkU +GM6km1DIDLl/PiFJ/54jGn46pX5nQE+oiZ7Dr4hFIfxn8eEwlQVFGo0lzcNn5JP1 +RGJFdAfLamTmaKrXl1cWayOtTvouuKfFEXH+BC/pPyy87tNiCki0NkzN59j8Plcc +ZZ0LRZWsyhLSQcBQh5xkei9Zvaen+nPTLSg6eIF1hFLoSa8lPZqBX8D2OMJxutKV +umhlO1DPzRX/mIpo0LwiYYu8/CX3ptaBMrrlnk7rZHIVk0vDjB0eVg2DEt+vEU3k +5FQkV/1RYgSlBA0kP8tgKBrve1I4KUorJLAZmX5i0BRrzAqpL1DWdhR+9IpYRKae +a6PYjBMghkWRw7st0XVB7x/boZE6eKswaxywGoc0kw3luR1RpF3Gg95N+2hfHixQ +1OhoPeqzQ+3AHlkr/vbhjtakkiPqLfuk+Ux9B6MISIeuWF/EKtyurWyDMTryKOgg +tj7YuTMtaDV7r8gLbOlMPpGGjBiBh566GR1SKDAUNGlGzp1dKOhWXVqaMwFt9Mja +y8ESH6hEJreQx2Q6R6XgXzWysQqM0RBMXh8p8yEV6mr3Ma8lNJM45tmOTfrazlrm +9PM1kzV646J72mxXr6qr4Q1cvr+xJQdvbXOocdYMmW/R+f1tPcvnlRkMyB7wzEtS +OGi9G6ErhhvNUSoZtlUAEQEAAYkCPAQYAQgAJgIbDBYhBGMZHOlBgwmGicq4237x +N+yTWw6vBQJdZiL4BQkMNcRAAAoJEH7xN+yTWw6vfCkQAIxkDpI+rVDrstPN+uoe +pfnaOlYCBVrzITIG+HYAeGj1nuZHMeg2AztVoeJ9FWq9z2xVuo4GIFyfFggZMEVS +Dyjgjojq0d8jEmOaUKFNnPMAAErGJEVHmQSAbp67lkwtcHZkkWgXKQ9FLx6z17U0 +66H4svf/RTNiAxqgFu5UdLgfxULbnvoqI6+rWYggVWdlbm2dmoUwLRJsQrI6GMBS +jL6nWwu8tAQBk9Vzo1nj0l5M5i0R/PhbcsnUynlWxBVCGNxnMYydNbjpzNC2qnSy +ibyx0exiJM5HjYlDy82yr4LI9iN28wKmSxTOvCHN+QaQZ5adlDquhGwFm8TRRsm1 +FDsVcmrjPTcGUsKfIAOyeiSHZO2tMU/CTvEYRNw09geVeOvIwNSXS8oblC1b3P1j +UP67CKVAYBnBFx7bMujlGyNJY8jGNEEBrDqxfYEAIEhyKNd0tWc86B1tqz/ArRvc +XfPof/cQcFVHpfpJ/NS+b4KrRvJHzV884N709JmrFZVVAR/2I/GmZ0wdCmBoZtH8 ++IpwyMey0HIfa5dOtZw6jAAB5mkCBEs/P7VPrwzTpXcPBKFfj1R/iqpT7YvNk8Gh +l4xDVhZI8IpQ7j1RtJoULvAwmH0z/M5kS2N0ADxEo3mPgm1CaFudP4JijV3HX7Rx +IuOUseqwzF197kqA16in1P25 +=f80i +-----END PGP PUBLIC KEY BLOCK----- diff --git a/libsepol.spec b/libsepol.spec new file mode 100644 index 0000000..4a3874e --- /dev/null +++ b/libsepol.spec @@ -0,0 +1,131 @@ +# +# spec file for package libsepol +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define libname libsepol2 + +Name: libsepol +Version: 3.5 +Release: 0 +Summary: SELinux binary policy manipulation library +License: LGPL-2.1-or-later +Group: Development/Libraries/C and C++ +URL: https://github.com/SELinuxProject/selinux/wiki/Releases +Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz +Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz.asc +Source2: libsepol.keyring +Source3: baselibs.conf +BuildRequires: flex +BuildRequires: pkgconfig +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +%description +libsepol provides an API for the manipulation of SELinux binary +policies. It is used by checkpolicy (the policy compiler) and similar +tools, as well as by programs like load_policy that need to perform +specific transformations on binary policies such as customizing +policy boolean settings. + +%package utils +Summary: SELinux binary policy manipulation tools +Group: System/Base + +%description utils +libsepol provides an API for the manipulation of SELinux binary +policies. It is used by checkpolicy (the policy compiler) and similar +tools, as well as by programs like load_policy that need to perform +specific transformations on binary policies such as customizing +policy boolean settings. + +%package -n %{libname} +Summary: SELinux binary policy manipulation library +Group: System/Libraries + +%description -n %{libname} +libsepol provides an API for the manipulation of SELinux binary +policies. It is used by checkpolicy (the policy compiler) and similar +tools, as well as by programs like load_policy that need to perform +specific transformations on binary policies such as customizing +policy boolean settings. + +(Security-enhanced Linux is a feature of the kernel and some +utilities that implement mandatory access control policies, such as +Type Enforcement, Role-based Access Control and Multi-Level +Security.) + +%package devel +Summary: Development files for SELinux's binary policy manipulation library +Group: Development/Libraries/C and C++ +Requires: %{libname} = %{version} +Requires: glibc-devel + +%description devel +The libsepol-devel package contains the libraries and header files +needed for developing applications that manipulate binary SELinux +policies. + +%package devel-static +Summary: Static archives for SELinux's binary policy manipulation library +Group: Development/Libraries/C and C++ +Requires: libsepol-devel = %{version} + +%description devel-static +The libsepol-devel-static package contains the static libraries +needed for developing applications that manipulate binary SELinux +policies. + +%prep +%setup -q + +%build +%define _lto_cflags %{nil} +export CFLAGS="%{optflags} -fcommon" +make %{?_smp_mflags} + +%install +%make_install LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig + +%files utils +%defattr(-,root,root) +%{_bindir}/chkcon +%{_bindir}/sepol_check_access +%{_bindir}/sepol_compute_av +%{_bindir}/sepol_compute_member +%{_bindir}/sepol_compute_relabel +%{_bindir}/sepol_validate_transition +%{_mandir}/man8/*.8%{ext_man} +%{_mandir}/ru/man8/*.8%{ext_man} + +%files -n %{libname} +%defattr(-,root,root) +%{_libdir}/libsepol.so.* + +%files devel +%defattr(-,root,root) +%{_libdir}/libsepol.so +%{_mandir}/man3/*.3%{ext_man} +%{_includedir}/sepol/ +%{_libdir}/pkgconfig/libsepol.pc + +%files devel-static +%defattr(-,root,root) +%{_libdir}/libsepol.a + +%changelog