SLFO-pool/libsepol
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main libsepol revision 658ebdc1dadc9aa1926b295480ff7c68

Browse Source
This commit is contained in:
Adrian Schröter 2024-05-03 15:50:25 +02:00
commit 76277ac06a
7 changed files with 884 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

1
baselibs.conf Normal file
View File

@ -0,0 +1 @@
libsepol2

BIN
libsepol-3.5.tar.gz (Stored with Git LFS) Normal file
View File

Binary file not shown.

19
libsepol-3.5.tar.gz.asc Normal file
View File

@ -0,0 +1,19 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQKTBAABCgB9FiEE4WLerRzN0RPwSz1JK77Zyxpo71UFAmP3a19fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEUx
NjJERUFEMUNDREQxMTNGMDRCM0Q0OTJCQkVEOUNCMUE2OEVGNTUACgkQK77Zyxpo
71VUvA//eFowP2yTpqvNzE96VsmNjELos6u/CApUy0KV6UpzEXxuPvslKfp5vK4w
eO41lcm604YZ+k8XA4Z65LlM0v7F0i4JSOfz44FQI2u+6f0PY/Wd7ymACCYKaPUu
NZj3lifJTa9UyfTqVq583oPU7uh5j5Pd/9xbmGgEmtCJ6dTO16dpWgtY+z11pmcm
M4pLQLDYAjrP2X0e9TniynxwTV8Gra+2tB4O3qT4WLBoaOsSuz95b/ts7mdIIE69
VaQmP9p2HQTf4TkFzzW/EJGAtHvd61bCHRu62mIJ65sxE23lGvqAjDDo1dRsKY5F
ADf8E2WKatGRgqDhiyaROzpU5nlerKM84UiJbwcpO86VM+ohtPrk8Tl5VkTZELGS
xeueKqP3Qnko0kqSkswnFynx5m3Y5Sh+tHr80zJ9b4/YwBMH3OD9YEVUpX55aYaT
wU+UDlyUxtpDVe3F0SPeZfc0UGiKwOsn77B0tlE8PdL9izdyyFaaN0k1tRYoEldH
++Vm90Wsx+EvkDb/gS7CboJemz5A5FlNEd7Ym1qu86dwOT5OtZFhqpRSdgPkL/o0
1C94jpONeKgbi88Rzxj21QPuJvkoe0uBqWCXAlALkhX+elQTAGgm6H+gpvgyGraa
0eNvubtQnssite1AxnPukwu3TogRbNbSBjNiCLtm7MvHt83gVro=
=/yww
-----END PGP SIGNATURE-----

402
libsepol.changes Normal file
View File

@ -0,0 +1,402 @@
-------------------------------------------------------------------
Fri Feb 24 07:50:14 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
- Update to version 3.5
* Stricter policy validation
* do not write empty class definitions to allow simpler round-trip tests
* reject attributes in type av rules for kernel policies
- Added additional developer key (Jason Zaman)
-------------------------------------------------------------------
Mon May 9 10:27:53 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
- Update to version 3.4
* Add 'ioctl_skip_cloexec' policy capability
* Add sepol_av_perm_to_string
* Add policy utilities
* Support IPv4/IPv6 address embedding
* Hardened/added many validations
* Add support for file types in writing out policy.conf
* Allow optional file type in genfscon rules
-------------------------------------------------------------------
Thu Nov 11 13:28:14 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Update to version 3.3
* Dropped CVE-2021-36085.patch, CVE-2021-36086.patch, CVE-2021-36087.patch
are all included
* Lot of smaller fixes identified by fuzzing
-------------------------------------------------------------------
Wed Jul 21 13:16:54 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Fix heap-based buffer over-read in ebitmap_match_any (CVE-2021-36087, 1187928.
Added CVE-2021-36087.patch
-------------------------------------------------------------------
Mon Jul 5 11:31:07 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Fix use-after-free in __cil_verify_classperms (CVE-2021-36085, 1187965).
Added CVE-2021-36085.patch
- Fix use-after-free in cil_reset_classpermission (CVE-2021-36086, 1187964).
Added CVE-2021-36086.patch
-------------------------------------------------------------------
Tue Mar 9 09:11:42 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Update to version 3.2
* more space-efficient form of storing filename transitions in the binary
policy and reduced the size of the binary policy
* dropped old and deprecated symbols and functions. Version was bumped to
libsepol.so.2
-------------------------------------------------------------------
Thu Oct 29 10:40:16 UTC 2020 - Ludwig Nussel <lnussel@suse.de>
- install to /usr (boo#1029961)
-------------------------------------------------------------------
Tue Jul 14 08:39:58 UTC 2020 - Johannes Segitz <jsegitz@suse.com>
- Update to version 3.1
* Add support for new polcap genfs_seclabel_symlinks
* Initialize the multiple_decls field of the cil db
* Return error when identifier declared as both type and attribute
* Write CIL default MLS rules on separate lines
* Sort portcon rules consistently
* Remove leftovers of cil_mem_error_handler
* Drop remove_cil_mem_error_handler.patch, is included
-------------------------------------------------------------------
Mon Apr 27 19:35:18 UTC 2020 - Martin Liška <mliska@suse.cz>
- Enable -fcommon in order to fix boo#1160874.
-------------------------------------------------------------------
Tue Mar 3 12:17:04 UTC 2020 - Johannes Segitz <jsegitz@suse.de>
- Update to version 3.0
* cil: Allow validatetrans rules to be resolved
* cil: Report disabling an optional block only at high verbose levels
* cil: do not dereference perm_value_to_cil when it has not been allocated
* cil: fix mlsconstrain segfault
* Further improve binary policy optimization
* Make an unknown permission an error in CIL
* Remove cil_mem_error_handler() function pointer
* Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping
* Add a function to optimize kernel policy
* Add ebitmap_for_each_set_bit macro
Dropped fnocommon.patch as it's included upstream
-------------------------------------------------------------------
Thu Jan 30 14:11:56 UTC 2020 - Johannes Segitz <jsegitz@suse.de>
- Add fnocommon.patch to prevent build failures on gcc10 and
remove_cil_mem_error_handler.patch to prevent build failures due to
leftovers from the removal of cil_mem_error_handler (bsc#1160874)
-------------------------------------------------------------------
Thu Jun 20 10:25:00 UTC 2019 - Martin Liška <mliska@suse.cz>
- Disable LTO due to symbol versioning (boo#1138813).
-------------------------------------------------------------------
Wed Mar 20 15:12:34 UTC 2019 - jsegitz@suse.com
- Update to version 2.9
* Add two new Xen initial SIDs
* Check that initial sid indexes are within the valid range
* Create policydb_sort_ocontexts()
* Eliminate initial sid string definitions in module_to_cil.c
* Rename kernel_to_common.c stack functions
* add missing ibendport port validity check
* destroy the copied va_list
* do not call malloc with 0 byte
* do not leak memory if list_prepend fails
* do not use uninitialized value for low_value
* fix endianity in ibpkey range checks
* ibpkeys.c: fix printf format string specifiers for subnet_prefix
* mark permissive types when loading a binary policy
-------------------------------------------------------------------
Thu Nov 8 09:34:54 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
- Use more %make_install.
-------------------------------------------------------------------
Thu Nov 8 07:19:24 UTC 2018 - jsegitz@suse.com
- Adjusted source urls (bsc#1115052)
-------------------------------------------------------------------
Wed Oct 17 11:54:52 UTC 2018 - jsegitz@suse.com
- Update to version 2.8 (bsc#1111732)
For changes please see
https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt
-------------------------------------------------------------------
Wed May 16 07:13:18 UTC 2018 - mcepl@suse.com
- Rebase to 2.7
For changes please see
https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt
-------------------------------------------------------------------
Fri Nov 24 09:16:47 UTC 2017 - jsegitz@suse.com
- Update to version 2.6. Notable changes:
* Add support for converting extended permissions to CIL
* Create user and role caches when building binary policy
* Check for too many permissions in classes and commons in CIL
* Fix xperm mapping between avrule and avtab
* Produce more meaningful error messages for conflicting type rules in CIL
* Change which attributes CIL keeps in the binary policy
* Warn instead of fail if permission is not resolved
* Ignore object_r when adding userrole mappings to policydb
* Correctly detect unknown classes in sepol_string_to_security_class
* Fix neverallowxperm checking on attributes
* Only apply bounds checking to source types in rules
* Fix CIL and not add an attribute as a type in the attr_type_map
* Fix extended permissions neverallow checking
* Fix CIL neverallow and bounds checking
* Add support for portcon dccp protocol
-------------------------------------------------------------------
Fri Jul 15 14:29:28 UTC 2016 - jengelh@inai.de
- Update RPM groups, trim description and combine filelist entries.
-------------------------------------------------------------------
Thu Jul 14 14:38:09 UTC 2016 - mpluskal@suse.com
- Cleanup spec file with spec-cleaner
- Make spec file a bit more easy
- Ship new supbackage (-tools)
-------------------------------------------------------------------
Thu Jul 14 14:21:46 UTC 2016 - jsegitz@novell.com
- Without bug number no submit to SLE 12 SP2 is possible, so to make
sle-changelog-checker happy: bsc#988977
-------------------------------------------------------------------
Thu Jul 14 07:57:35 UTC 2016 - jsegitz@novell.com
- Adjusted source link
-------------------------------------------------------------------
Tue Jul 5 17:11:44 UTC 2016 - i@marguerite.su
- update version 2.5
* Fix unused variable annotations
* Fix uninitialized variable in CIL
* Validate extended avrules and permissionxs in CIL
* Add support in CIL for neverallowx
* Fully expand neverallowxperm rules
* Add support for unordered classes to CIL
* Add neverallow support for ioctl extended permissions
* Improve CIL block and macro call recursion detection
* Fix CIL uninitialized false positive in cil_binary
* Provide error in CIL if classperms are empty
* Add userattribute{set} functionality to CIL
* fix CIL blockinherit copying segfault and add macro restrictions
* fix CIL NULL pointer dereference when copying classpermission/set
* Add CIL support for ioctl whitelists
* Fix memory leak when destroying avtab
* Replace sscanf in module_to_cil
* Improve CIL resolution error messages
* Fix policydb_read for policy versions < 24
* Added CIL bounds checking and refactored CIL Neverallow checking
* Refactored libsepol Neverallow and bounds (hierarchy) checking
* Treat types like an attribute in the attr_type_map
* Add new ebitmap function named ebitmap_match_any()
* switch operations to extended perms
* Write auditadm_r and secadm_r roles to base module when writing CIL
* Fix module to CIL to only associate declared roleattributes with in-scope types
* Don't allow categories/sensitivities inside blocks in CIL
* Replace fmemopen() with internal function in libsepol
* Verify users prior to evaluating users in cil
* Binary modules do not support ioctl rules
* Add support for ioctl command whitelisting
* Don't use symbol versioning for static object files
* Add sepol_module_policydb_to_cil(), sepol_module_package_to_cil(),
and sepol_ppfile_to_module_package()
* Move secilc out of libsepol
* fix building Xen policy with devicetreecon, and add devicetreecon
CIL documentation
* bool_copy_callback set state on creation
* Add device tree ocontext nodes to Xen policy
* Widen Xen IOMEM context entries
* Fix error path in mls_semantic_level_expand()
* Update to latest CIL, includes new name resolution and fixes ordering
issues with blockinherit statements, and bug fixes
- changes in 2.4
* Remove assumption that SHLIBDIR is ../../ relative to LIBDIR
* Fix bugs found by hardened gcc flags
* Build CIL into libsepol. libsepol can be built without CIL by setting the
DISABLE_CIL flag to 'y'
* Add an API function to set target_platform
* Report all neverallow violations
* Improve check_assertions performance
* Allow libsepol C++ static library on device
-------------------------------------------------------------------
Fri May 16 13:06:12 UTC 2014 - vcizek@suse.com
- update to 2.3
* Improve error message for name-based transition conflicts.
* Revert libsepol: filename_trans: use some better sorting to compare and merge.
* Report source file and line information for neverallow failures.
* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
* Add sepol_validate_transition_reason_buffer function from Richard Haines.
- dropped libsepol-2.1.4-role_fix_callback.patch (upstream)
-------------------------------------------------------------------
Thu Oct 31 13:36:48 UTC 2013 - p.drouand@gmail.com
- Update to version 2.2
* Allow constraint denial cause to be determined
- Add kernel policy version 29.
- Add modular policy version 17.
- Add sepol_compute_av_reason_buffer(), sepol_string_to_security
_class(), sepol_string_to_av_perm().
* Support overriding Makefile RANLIB
* Fix man pages
- Remove libsepol-rhat.patch; merged on upstream
-------------------------------------------------------------------
Thu Jun 27 14:37:12 UTC 2013 - vcizek@suse.com
- change the source url to the official 2.1.9 release tarball
-------------------------------------------------------------------
Sat Jun 22 01:40:19 UTC 2013 - crrodriguez@opensuse.org
- Build with LFS_CFLAGS for 32 bit archs
-------------------------------------------------------------------
Fri Apr 5 15:31:13 UTC 2013 - vcizek@suse.com
- remove a debugging artifact in spec
-------------------------------------------------------------------
Thu Apr 4 19:26:35 UTC 2013 - vcizek@suse.com
- fixed source url
-------------------------------------------------------------------
Wed Feb 13 14:34:39 UTC 2013 - vcizek@suse.com
- update to 2.1.9
* filename_trans: use some better sorting to compare and merge
* coverity fixes
* implement default type policy syntax
* Fix memory leak issues found by Klocwork
- added libsepol-rhat.patch
-------------------------------------------------------------------
Mon Jan 7 22:46:48 UTC 2013 - jengelh@inai.de
- Remove obsolete defines/sections
-------------------------------------------------------------------
Mon Dec 10 17:34:14 UTC 2012 - p.drouand@gmail.com
- Update to 2.1.8 version:
* fix neverallow checking on attributes
* Move context_copy() after switch block in ocontext_copy_*().
* check for missing initial SID labeling statement.
* Add always_check_network policy capability
* role_fix_callback skips out-of-scope roles during expansion.
-------------------------------------------------------------------
Thu Oct 25 10:47:00 UTC 2012 - vcizek@suse.com
- skip roles which are out of scope when expanding attributes
- needed for building selinux-policy
-------------------------------------------------------------------
Wed Jul 25 11:16:59 UTC 2012 - meissner@suse.com
- updated to 2.1.4
- lots of updates
-------------------------------------------------------------------
Wed Oct 5 15:11:06 UTC 2011 - uli@suse.com
- cross-build fix: use %__cc macro
-------------------------------------------------------------------
Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
- use %_smp_mflags
-------------------------------------------------------------------
Sat Apr 24 11:38:22 UTC 2010 - coolo@novell.com
- buildrequire pkg-config to fix provides
-------------------------------------------------------------------
Thu Feb 25 15:00:29 UTC 2010 - prusnak@suse.cz
- updated to 2.0.41
* changes too numerous to list
-------------------------------------------------------------------
Sun Dec 13 01:35:55 CET 2009 - jengelh@medozas.de
- add baselibs.conf as a source
-------------------------------------------------------------------
Wed Nov 11 18:18:22 UTC 2009 - crrodriguez@opensuse.org
- libsepol-devel Requires glibc-devel
-------------------------------------------------------------------
Fri Jun 19 13:26:45 CEST 2009 - prusnak@suse.cz
- put static library in libsepol-devel-static
-------------------------------------------------------------------
Wed May 27 13:56:59 CEST 2009 - prusnak@suse.cz
- updated to 2.0.36
* fix alias field in module format, caused by boundary format
change from Caleb Case
* fix boolean state smashing from Joshua Brindle
-------------------------------------------------------------------
Mon Dec 1 11:37:58 CET 2008 - prusnak@suse.cz
- updated to 2.0.34
* add bounds support
* fix invalid aliases bug
-------------------------------------------------------------------
Wed Oct 22 16:17:24 CEST 2008 - mrueckert@suse.de
- fix debug_packages_requires define
-------------------------------------------------------------------
Tue Sep 23 12:53:01 CEST 2008 - prusnak@suse.cz
- require only version, not release [bnc#429053]
-------------------------------------------------------------------
Fri Aug 22 14:45:33 CEST 2008 - prusnak@suse.cz
- added baselibs.conf file
-------------------------------------------------------------------
Fri Aug 1 17:32:23 CEST 2008 - ro@suse.de
- fix requires for debuginfo package
-------------------------------------------------------------------
Tue Jul 15 15:35:54 CEST 2008 - prusnak@suse.cz
- initial version 2.0.32
* based on Fedora package by Dan Walsh <dwalsh@redhat.com>

305
libsepol.keyring Normal file
View File

@ -0,0 +1,305 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBE97JQcBEAC/aeBxbuToAJokMiVxtMVFoUMgCbcVQDB21YhMq4i5a/HDzFno
qVPhQjGViGTKXQYR7SnT8CCfC3ggG7hqU0oaWKN3D003V6e/ivTJwMKrQRFqf5/A
vN7ELulXFxEt/ZjYmvTukpW5Li2AU7JBD0aO243Ld9jYdZOZn2zdfA8IpnE9Bmm3
K/LO1Xb2F9ujF9faI5/IlJvdUFk3uiCKTSvM8kGwOmAwBI921Z5x/CYvy5kKEazU
lUxMqECl+Tu2YS6NDhWYNkifAIZ7lsUvGjW3/wfh7AvmAQyt/CxOXu9LL2nGzFhw
CIS4jVIxy5bDswNfHcaMX7B5WEyqTPtjzPAEMiLL4yHJZrHDPd26QHSaqtilVA4K
AeTYbME8iZIdacquFEq02PO9qAM21O48OknCTSolF7z6nBkk6l26W3EL+Gz5I2Et
3S9pab3FMjiiKVavM6UA5D0DQkNxxDn9blDXZyhX4HFrk+NnoETcGYFymPbbijgi
kFC4339/Z1aK31aJLkxiana5mqLthD4jCeg3B8Cp5IurqPr8QEh3FH8ZZhtdx2fX
TXHTmGQF/lXG4tg1eH5cb6wWGU93wD+5mf6czJlUZTY+kdevKtZCQnA0/2ENCOFW
Jdm/oMTUw6ozPd474ctzWKeO78e8yMvZst/Zp3Gq6SD9kcoPgiuMQ+BOkwARAQAB
tCRQZXRyIExhdXRyYmFjaCA8cGxhdXRyYmFAcmVkaGF0LmNvbT6IRgQTEQIABgUC
UGrhaAAKCRDgn+8l2WSErGaNAJ96+VrAVoZPHnycMU37iP/ZTq5oZwCfaDWxlxNS
sQRgd0tvIDLDUY0uSw6IXgQQEQgABgUCT32YIwAKCRD/aJIEAzcfEOK8AP4u7xTn
iIaAvn6H0ql5X5mUeAimPhwP4FUvzkvoBDcY/QD/VPBnW1LoCDe63YboAvbB7BHe
/0yC7rwTQzl6zPmh/iiJARwEEwECAAYFAk+H1m4ACgkQGWJaEyWIEIcxJQf/fRX8
T3fQ5NOhZ6r5AqRMm4wXSWsDk1oDL7Fa2vKcwqiIC4zQoU0Y9+s96GSjFHgP4wpc
f7GHSPZseXp9c4ckIpkuEK2wL+jyPuSSMgmOLEGXBgy6XbWvF5yR7tm3henEcBEn
HjbTwuTO2nM53tmcM/ophq/eK2nErwTKPiDw3aiahNDYNx36wJrSOBGTKySk/F23
R8rQPThdbtvUtmTHDPCsAZKmMBlXOkoFcA1xKZRAMBoiEa9hIqiLBV7Z5oTmVSa8
BolBpOtR38sIjAWh9MtJoFFfx8Q575TC9bfpW3Kc/IRPJE55Myn/8Kbl7YJBU+gO
/v2yjKIT+hRb0MUOEIkBHAQTAQIABgUCT457oQAKCRCUZdkzlNzEiUhHB/9WN9s3
d5V/rjy9e8Ny2xd+5yXfuLpi57YI4mIZi5k6s3vBjFW8fa2jw/dXndhX06oOkmXY
1dSujVWJSMUe4gqnbdVu3IEBiyst5MyYcuOdeVpQ9KvolQMdRCEIXfgFOTXt73Lu
1eUSyEVhXI+Ua6bsmHJqscHatF2NCTyTJOqZDjIePD+c/8eW9XF2Bv6ZOa51M9UF
p85PVH0wn9I3bHhtyVPhxDSGM0TL9OwXNV25CPzI04wUb2vqnVVv67XCfcFMA0iH
nlH1oOHckUUhX+MFOTG6TFHmLIZCJHneeXR7SqdAXGl+EUZyWHRGS2OsdncMEDNy
5hennjRW71qr1C48iQIcBBABAgAGBQJPht1GAAoJEMI9kbsdgkTfgW0QAJ+o/BZI
i2TWU1cTQc4zVi4dcV8wZREXUCi2yQlq3C2MbL2gNRCSN+w9E6daOAf2zTEPZSaV
OuMl9aIF0fSRMuITFVQ6a+cz1UUxGFjFBkzCId5ybgVnkhZTPh7TmgYKQcVsyzBc
SgQb6qpu058s2lfrvLL8kzpZ77w+JdX9za9oSukflLxgKFvnAP2URY0zZo8E5SZv
M40zX98QV3wAXp9RVg3uG27IbWfnNO/6ijCY7ZzS16slEaYyBW4u6AgScoqFpD4f
Urpt1knuZfjHHHmLMTJh5iGL0OEEdLAIuFZH5iKWqRzlTSesX7dn4Jv1McemmLTv
U4hDulesaxBKkPMZFcLDScoQGbQuLXet7xw6gcyU8PREdZkQhFkZJhfVgoG1W6/i
SlKrwY3zmVlIMoZE21skFLtCPi/I6U6sE7V7LJ3iV6lAJ7ZGLeBT3ut6Tna04z58
AiJvPtVvhrSptumGvPo9UxsMaIHEz3b5il0PJkbIvvAniDoOFFFwRRBqGVnWfvL5
hDrQROzO3v6QPTxmLYGgmmIwewV+hqzami3tV48XEa63C+rSn44dJWXCQuA5o5E8
e6YsDy4ncEaUlMewStQHYQSB1z9O/W+xnMQjdmL6GrDWBxuR7bUiLxoN+yFt4pb2
FgkCGdabxV0XefzRRfkSDnqLJussKMTKIARhiQIcBBABAgAGBQJPvJhEAAoJEE4F
9mOnpBuefJMP/iBVurwfmRrt9V1ICdfrn+QWfnGSobNukKSNyp7/m4jYK91i2N5D
grqybsjlEujK78QT8k9sJEeK5ywRqTjZYBlJG179afbJNCkhvSZDTBcm+4z4fHsN
LHZHXY/2shniYaj+sS10btj1WiD0z9cbHvDkipLDYMXbKJhAlew7MeOmF9gHwl+i
qNb/veSfgTYhEm0K5aF+Ilkn4YQZx5IEit50fejTVOG1sB6H+DM9EXcVTXfrXPID
Wxe2YZ6rCeE0vWykdGWm5vdy8BdDxFJis12IVkHnOiE236Iv6rNVZpQmj69hlqXU
Kjn+uggc3mcl5/ySnWeBpgq9/WEhW+x1CyKVVAhcoVYx3jtpTpbyA+vVbb5TjLD6
r45dquJ6juCkfv868xJ7/fA6EZUPwomszABWevczjCjYIzrOXDE8Z2W1Aj4jEMPw
1MZOY1OtEBFhFBoVDKp3VKtW3ixKR6h6Cuk4bihZfJr+/hJ5ccPi+3y++9fcDizM
Hvdrfnkh9vJFcMRHcR8V9blz4GdHdvGF8BNMTpPQArPUarfRebbJxMZgIBnbIEp7
Bp6BOnHc78ToA9NdSdVZMg9BrLxPiJVSIsWztbVQUxj9G+Yi8ooUhBZybk7Qv7bs
8kr5hLFSijUi+3WlyVO561tFs3xWdHcr0+nm5ngovPpmR9+YmDaw5K7viQIcBBMB
CAAGBQJRBnyHAAoJENmwV3vZPpj8yhQP/3HGZds8vZm2jqoQJexDUYW7J2JiVRHE
OxVSK5zW1KASgNvxdxeXfuX8gpfVCZym8cw/N5PSDyw3AhdKcvoE0KcVx+t3S0TP
y4E/FWfMyIbBoc/WQHpWzqw1XfX4IlxPPwEcds51dmeEepdJvTZKieoBh5ZVKUTT
wSO+rQchZGfo0gZ0aq/qJwETGvImNLdkKFEWm+AAnCxU7l/oEoehmcSfv25BHhc8
fC7FFubiF/qJgRs6ETseh3qRPNL29giHK5MVPPkrP9jGUyhlf+NMhixfSdnev5Oy
G6vyJRcmEq+9dWUbKsY7Ydd8S4ikmoTHj+oz2NQ0/QQTto/Nnp8E/terj0PH2Wdm
5JDWN5fEQSk74A0PbGaeMIevcR+BhmuuEJLExCG8mHvDKmTO7fQPjUEc849Ki2Yz
tYtx4daZi6LRa6r1faGibmOrXVfAAIS2Y2I/+h1eMXSi98rR3yWP+SK+CtcBl038
40lqlVIuRExLvVLp6Wf66tH0d+zAR8zsg+3RxHA3Wg0iFeYrXj5cFa+/C9qV+7Eb
ZR/EPwrQlczABGWkaVXyVem7MNXwRyu8uKkqmqJBZol6vriRpBvyocS1Pr4k2gaT
KaiGt95VqDEqY/MNZHi/Vr2WBnBjUVNEc1U8zQ/wtaU32rQKthymgHCSFMxXVgnU
4FKuQz0gza+yiQI4BBMBAgAiBQJPeyUHAhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIe
AQIXgAAKCRBjqK1LmCxDc8tTD/9nOHx/Hl1m6qKLf7yxPoSdeJNJXmDkIVUqOJTZ
cUZWyjXeTEEl/0I5EICTRAmwdyzNCsRP88FTmfrpr5sS8TbJDsY7mxOjc6Be0pvc
naKo8M3pyKUfQVbYO9Zn4wTqCzza7Le7R0ROW7Up55zkvXXbf8vSTiL0KZI7QUyN
k31XKdm+A6JoO4uKlP4Se4buOeaAIuqzz5K9KXBogyk6ouOpe/vaK7I/TMbNV05q
0zDAf3lejwlOxaOFiTV0vEl3d7BFcV76cmI1E05w7nsI09avDS+2p67HJEtelmEl
Ris0YarT9VbnbdRfw+XFilakKb0Jf11v7kEtiLIBFrG0ZiABGSFDsuE57hePeAvw
PtQWyQXVK+DZfczx9m46yXqmJE7LxkK9YnIDuKVIOaAuOeobZKgsQrj0aqqxgwGQ
ceeE5XYD8LwqN9fmj0CZTpVryLlg/3XqadA3t6EyvRQ5x4d7MBNL8p+B7fevrzPi
jZw2ICdRRGsNXn2HjxQAqG7xAaNmaS25w8qgE+DM3x6R0m8M1DpOdmTp5Jfyq1CD
sYV7X+HcUUuie9Ec2/h1kt62Py4GjDuUNASX275J4LiphPHTvI8dKU5VREfbo6qf
m1T15hTIWtY/L8hoSd3iyWWkS5N44H0Y4lFG+JTafoV6bwcCGHhVpeZBVSoNmj8s
IJ5xVokCHAQSAQgABgUCWWMlagAKCRAyfirUINN1OOtFD/4jW0ZMGigpruCnvY0n
r47rA12X6dJ6+KIBE+XBQxuaQRjM5u44geksDwrqZ0nXrNvsa4SVwAhKVOrgMJVd
zvUa1m2yeNCFHOTjln6QGjZ5f3a6aj6n/X5tlPptdklUr9ucEwXVd5fFMpWAiwaq
Zt38I2u0Pi+/qHDt0kLyRSukmRPzRuS/kO1ugGO4aoO+sanVDl2Pq6LIwubL1Unk
2HUerg8VCAyQrxYtZtHccoyhmBTlAb+EmZnUVbQZ3Uy3eA89OuNTBhJWCk8vqROF
m257MiH6gvG/V8CTrJfzlpE+s9E6kxXhXpQWZUwtwWObq7vrJVkJhRwBsO9N2erx
e+biBauFErYQPw3bg6xL1BJLxDWnKUlMWs5o+h7lyjp+1B/gbnnlrUIlpW8IKVZR
HwRUPGRN07SbbEO1lDk5uJDMk+r2KrOUNVYCEp794P014xodkLvB8X7ml6tcABE4
V9d4uVDX3SsktOLMvtWgnL6xWMoBYiVOXi3Rsm8vESBOb8JFQL/ItciUyAioM4Zj
q5eqotVq90HMBO9kqcjCYsYEs6RACRmyE+TNmzGoucIPTwPEi5Ib4gj+LG6iPOBp
rk5DSjD7F0/wnQPoq8PYHIufb4+PgOXKf/ROQXDRLeD6eZBtPcDUJOgW19m7QcXZ
8fvo6B91COe9jTF/H/i3A7NjR7kCDQRPeyUHARAAqWwarw5fCeuYxIT4zlnM3A1Q
flnxuxgRwe0+kcUjRSGocpg6s8e982Q+p+DZ2aIDwz6KWHUSeeruQHxdGw2ZYHm5
fPlRIDxxqGsu+Bn+pNAfnKRJKeT2lkBxxKlyDaLVYNvYU7H9btLG/so4HHPvVh8N
zLaQobIJPEXOTfF769RSXC/scp0r1AnCyMH4Lyx2DzwWBiEab8+HpP84B72hn7Q3
58jMKzG4IvJGna0m+z0IHHlnky+wkDdQfPEzyRairf0MTHV2j8vgq9z+F1cuVd/0
BFRVIs67QgqiYMRzAHgj+UMcGBFpgNs8VMxgP7f0FAxW3HCrdgXaXSgRbRy5YhPs
p/RR8PfCWso4QCccXgpK6TBA/TdmhhyNauOLG5niykPBLiGwmpn6u36i14JBMvI4
Ir79ifWH13o44xKGxi5LLCZcWqvSXkIBRFZen9IydD4JGD3ddUcU3FS8uEQeNe3M
XPSx3KCnQLXIAU3GVzz2Di/njPUu607xU52vSHReG25yRTYxwzIW//V6JscQbHpK
U1FxJtgxqE6Ttlv48FnGWC1a3YYpJJBfG/PBHVpPeH1E3BQPdCPgodGG0vFxjP1i
JJazBmtCaQODkFuaDISg54KgHFe4MUWLespQT1YfePwCDM/vsJn6gcRExT/BzIE1
RAKSwS48K7vQf+JUUrcAEQEAAYkCHwQYAQIACQUCT3slBwIbDAAKCRBjqK1LmCxD
c3oLEAC+jboRrs0H9hhC3DuSfPwVtshfbMR1gy68ND57avA9+ZIBn2SwedrTdwyO
DcC9LxPd9W1wu6L4uJBz0rGs7/lj1HJGHye6rJFlQ9cg7R7AA3bsLnSaQH5X2eFS
LzCaiexVMORcvXp58PyHaR+ywvrm5+l0+iofaCr1ZqfgUBDrHYrI1cPOPE4YpPoE
tPFrwIyvZvoO/vhRcCstPOYl7rqmab4veHlNUD788c80Wc+jOIEGs/qQqv+cn+iP
h7vBvuZ6tn6BTfhuxUZMeyiZid0gBLBtzNt1fTCljjePWW4U3ucVvtWrf0yiqDRs
zSGLNO4wKUdvxOCee8jFo87AKoO+4Uw0YldI4R5dAycN0RxYt8/kqyvuonupq6vF
hD4+tqvanTPHRbPsuV91E8dJ8ZcuxozscYYvjbfNzwBtsFRaapoVS7sj567r8c8q
1RXPA78eOg4igs7eDzyv2Po51SEOya9iZtmQqc2WU+UDSbg6eOpih5TQZL0st6t/
qTOnDPLykrghXffncN3V/xqbS3mzKzzry1Q5eAZvYUphu6y6ScvFPDbPKWEktc2s
RzPCqjGj7kv2ZcdUkSI/xGn3n5x3eXyJZrB/QtjuX29fEhY5g9eBQi3FUxu28Id2
X2xqPbDiUkoT8aaT1tjqE48HwDZo9XEoP1Ra9XeBwBHPN4xYLrkCDQRaJtJKARAA
yFAHZDfb0VKjM+TtXp1gE76MMEyvWMda80wJH/YOTBd8MAoreFpJZKqvnX/C5r2y
QVF7NC9z0+GC84gmLWOzFF/E2gzzZrY6lgl2PXoUblFVD8CmiOLLA2+nVg8luarg
N9dK5QDqr456mGwUuvHZw9ifINBojqaupMF5wRPhx1BNkrScopQ+PdTZsj3rNMEh
grwqvsYwpebxHV5XxuS3AdMfIOMjuE3kSNlWJiplgNDeO3a8LUCPpekXDkrtK/p/
SX3XPKN9y7ouWx+jzG1GECWW5vwQG47qWMnm5aoOCOpM6QNdwgBSSFQKDzO3B5HX
nOAlBD86fRcNwcu3KLvO5B3E1opgqQPehE5Opx75hs03eqc/htXSprQkuVM6sT/T
/OaJ/tDXNg6J1yYyAZ4XoamkZCSTFjiBIp63yQPyHgBlcaWkW7h72y57UQ0NGaBZ
qpLMha50xFnfPT+z0QY02JbrSfAnU0GjJJ5ASafAzMAded5Ez2lEZDVLf8Iq22r/
R5YQfdj9N33GLgM29Ndy+Am5RTChyVY/Y8I+DfMT4RDWr8q3ahitPw1x6Yz0Q7xu
03Mn9jXBIMsUAU2KQfBiNMzzqNah4aFIzd8P0cmN+qgHjWAMq80hWWFBq+F7p1/j
4CgKj+YaiwtgA8Vocd2Saqd5PRjQGdNEhL3Itw7wIFUAEQEAAYkEbAQYAQgAIBYh
BOhTwYSLAYXPQoZN82OorUuYLENzBQJaJtJKAhsCAkAJEGOorUuYLENzwXQgBBkB
CAAdFiEE1qW2HJpVNBaCkttnviIJHj72InUFAlom0koACgkQviIJHj72InUPYA//
VUwLwo6bM9jKIVj7XEe7au+yIHR/zQYfWNfANIz8gq+wfVrEIPSExXmxKLnZ6kKi
/ftzNKVHcylCOjTErfbAkH3boCBvMlhk7jyq6UNRdSE9Yn1vGLIhzEj/coSyljVE
yha/wB9gD+pKZrVxJ1PggyhIYnM+HdHKtSl4U/lBPTagZrlO5JA+InDL9v275FU6
LVJKrMcwl0rNl6EZrKzrk92MLxe1/iKl1hEGvqYjJQhI4H4UGRjYy20XM0NQF0Os
56nKNK1AtnW9RedgoiJJEdejddNb9bx+HvajbrN4NtBwAvLBAxmqfC2tmW7ModnE
XTvCEqZe/D2lQddfqFskO+YZUzGcH8XqCs82L9X4G/vmwo50iaCckFSnUnPvbzxI
9s1DCuoUpXZkPd/Q8WaiUWMLP85z5RST6zB+exPelXosKVNOGw4fxaUoljFkud5f
vke5XHgKZP6q/oaUVC6LGNwfQu2xttKMDHsnYtE1W18j7YN8xwiLwonF7r0wAoaq
rEPIM9JZ4WuzQwebIPr/qb4ZOi+BRPmM5ltHoZUp6VbTnhuZvLTNB69adGJ4A1V4
WgWyfByUmeoohHNCIah3WnVvweFILDic545BKJ9o5/fNycWFjIHIMw62Xf8Coagu
n/rW7cGT2H4E/hU9HdFRbNyCCObEkzQysvONpJdJ52PO5BAAir2DfkUamdoHx38S
O58QPVNVI6S80r+on50PhfN/lG+dumuh8yfN8TLLyMnVWpzdBlBTcgNC39SfZnLB
fQ5ugoYAif+DJ/B2SmfEnSMmjFEG4ymU2l80HD6h7ScW6jM72J0WjMoz5JagTTnX
+O8YenUWoQ8ucAAZ5JtYHQtGUCycyNzm7r5Iod4UZEpiDtTSw7tkptUhPhmZGexA
sNqQfBsCB9whqSH1aGPQ67mvvwKz4NwzdcB21nTh3zWNXlOy95Hz8Kfjvdzp288h
+cDY/i4KVMJoIO/6NcbZ/1oUi4mFgI75N1izuqMCxdaeAlR5tEWIdt9K5gPD3b96
ot0oPUeh9/gydblg60OmnoSx0IO4g15G1S2eJ3Da8g97Nf7F2bJxcir0Vv4a8qsg
Owq7RU7wc5tW+Itr9ETXV2wQdiWtquPiarNLYyG+ZTv0FrOD2sMMHhZWznTafe4l
p/pKh3/6R7Vzd9/sBQ+jHaemMf9tWaRkmw6rkSpy+UfebYVlQdIVZL/JNHWs+4mg
cEwdVzg4+VO5KpPeqYova9u8PWXcPjMdmzWlpEt11heJp7Hio9T/Rik/rVdTTvQy
YUZgTxnjdNsw8e7/otgGnD2nlWPdVnCfZ502XgsbH7TmEgAHMzbcjsmhDji4+hNu
iGZhcX8NQYnqHYth2nzUBUKVIVa5Ag0EWibZHQEQAL2TUrLoAh72w8/GuCytdF7R
3Jhyge5/N5TeMWyyXf5LhxG69gLN1l9F92N8drif4LFNo53vGR5/AmAalpH0olu7
x2oebrUYiJLllswJFTwUBbqiFV4OoTAWs8DNmO07jU5Ol5cKs+7kfkBOD+QOdpvO
UPYfwlYCqvQNhFGEW0lSKFdR7L3MrTfBKNSLkTX5gdQL986ltL6aw033jkJ5A0E3
guNqn1DXzcWSHRabhDwLQ5LVY3xrRe2pIAtEIYBn4RXpSuZBU/08ILj8nSGgpA+/
Zt+kECytQYA7cWezDvzTiLZNjs7ckDyAYNhfp/A5UkxRd0PsVfsszY+kRKoB0+uO
qY+odPxw9+rbsZiCoe/c3iE/1GO33DGYdgVslPRgIfDZkyIA79Vy+82aIavn3RkW
JARvUwk3Wv6HlQMTUK0XqdOJ6KtJeL2gyKUeWjY1jmcAi2/9P08qThf6RofdSiJw
zGuRPfi0AIbDGLhUhFhYv5mq7ET5vBeoC9sYnSnddvJERREJo73on/bD3nUS9kSu
kVFC7jPMKWagyI1vCRDxB16xJqqMyKuUfIUjxP0Fmtds9rN1U1TB/JEsWKXWr+SB
eNd4kOiN7vdSLIaGqGVU6URu6cbMLAQHOu1B09MN4VCvjvr/il7S/i6B01iQv+Bj
wjOh2fjt3VcfrwC5FKvPABEBAAGJAjYEGAEKACAWIQToU8GEiwGFz0KGTfNjqK1L
mCxDcwUCWibZHQIbIAAKCRBjqK1LmCxDc9BID/wJkZPFANsPaguQZvq3IQIizkDV
Gx/An1qPRH8e4Q7f2SLzIzzx/CLwXkB/M1yZjCnSvHJgMNgzSK05tK8D1YEHxgVn
Y8pPVgevBPNZud76ymZBgNF0W37QrHQku+C/tJi9DWM10JrOLEfVIAz075OfmgXJ
tUeNFq9axBgenUK9djmQ4c4QMeHPfukbAW/JXIV1JhLk9ZPT7RdT+DpSrYd4UK6u
FQa4NcnpYDoim+a7S9uLwanJ6JYJGgbvqypsF9Dt13SgMxQeK17BYaos/UqKiR72
G7mn0JuSNjAZmMlZkRXpYfE6YgJ8VwFE94gnI7wp9r+9UF9BmP1+GqzewdJ8AYh0
ogHe1fSoqExF279CgzXhhDXIrzQlNRQ5ysosO3pAmKcXVRD85xhCoYEJdpGTU4oY
W66KPXpC52dfnr5phs0+W1/twuzU7tqh1BxHGYxKDFIT/ZyS2E9gGxc9a4MxhkJv
d7okxax2cIjuI+mg8UAmYh3tJYl5tdnGe2hfpjBntPHnz9AwsSrEx8QTFBMAWDz+
jC/EIbXYpqFqsuvgakvHRpTf1AQl6cbUuoYvCJCH1XGx6PD4yR5tkkTrOGztcGl6
et3lz04U61v8ajHBqX/pRfPtrraNnvAM2knD3E58Lf95f/nr7p0tV59EWP8s4i72
t4zhuhOJjZ2YaPVALQ==
=UVQc
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFMyh7gBEADHbVdNWxivgqISiinIAE7gOl9vFemvnqfzn7hdfw2y02hUzojd
0HzEJsyqxGBYHpdNYoiLbCYNubMDA/Xd0Att2D7fIAuNFo3gnKEm27xLSzjC02bk
h2Pxp9d92dxPXsk+zDvY74Vwem74Yon824ESurH4gTK/HsiX2Y+7+5z3Ep07xC7p
IA0RzD3zlKhfT9dpS0QR2LP1utFcT40eEjSZY8QK3iKapNtyvIrpKpkWx0tZTWwX
+F8IoL9MzJBi5L/pS8fyUOkyBVIwdRXLNuX+sle+llH7i+6DWsWHEphiZ3ObiXDm
iXKBu/I0useEE4K7TmOLqqeEZl+CTU6YWJLPpD38pq+p64TlAcT7rZSmRUr7zY0a
X1gsXqm7e95Txm6UYy3Xth1jmZ0PuHjCBIvy8foxZVKGsR34ntAYcZzZhDca+J2S
WyL/YcQbSFhad1N1ZpCXj4eYGQIg57b1OLrabopdSQ73s8uGdS12aNQKcehkAvKs
Pab45Qxk7PWGNXuvHGYFCvedl8Gh/MUy3UqlXE58GBob9ldB+7eaO5VgR0GydSFO
cbRDDpXBdWbsq4u0BDT3uB4FZTqYC3i83NFdCSppxG6aXDl4Hux+Fq7FcjFV7scw
e/ndpnLMzj0oSyOmq6GZfvbZKRbyPztYxrEIoDw1mgvJQhm2AnfnhoOWVwARAQAB
tCJKYXNvbiBaYW1hbiA8amFzb256YW1hbkBnbWFpbC5jb20+iQJXBBMBCABBAhsD
Ah4BAheABQsJCAcDBRUKCQgLBRYCAwEAAhkBFiEEYxkc6UGDCYaJyrjbfvE37JNb
Dq8FAl1mIt8FCQw1xCcACgkQfvE37JNbDq8mKA/7BnUyy3K0nEboJfXKP7mbI7vH
hnDYP9ojwi6Lv7BJLOGNVmHDrZa9HA8uzH7AZIIf1XLOWd+bABqHETETElckXK+x
gtE9GUQO0DQRVH2gCyJUaLtYgK/VD2GRXLlFRUA81XLmU0pNZVIRL6u5P1RbHjdd
G01NgzH2sDKtmAtIashj25YD5m2RukTDfGYDMujjxR2bBRp8QnNiDHp93pYmF6oR
iElJKrUOhBS7Mw2Cuy7GhcvPmFsUY7o/Kq+4bu9DzZOMrPTmVQMF//PV5JChWCou
Aqv1Qybrt5I4/OzOVX+9bID7xowueMbTlak/1yqmgGNmFA5jN5XDuwZxoOX7F/m2
ITJPRADEvZZLNF0kdj4zcLvk+/C8ofwcPcltO9SmDYwi3aKuMifVHqQnaG+Tu4qI
okSA+Vngamvy0BFBLjjZ1DZhRBS4GELzprzQ4brBqmdFnwtGnc3GOHK5Q8teZeRW
SbCh1u7CNBNXIdnTX5VlGonxjAO27ISDP7oaQyiJetnMy2W2qEG1DIDnLJtlPwDR
+UFO5kBHdJSnuTnCl20XUADeH0tx4jHAAYcIyx0tvJCuOWylMG8yVadxS73IA6a9
GA+fOku9XBh4eP5vIoMRfuVwDDu2y2n5J68OCfshs3JllGImrWUzR8hpZmjXmpAZ
VjN4Ft83ZEvUEntlI620NUphc29uIFphbWFuIChHZW50b28gRGV2ZWxvcGVyKSA8
cGVyZmluaW9uQGdlbnRvby5vcmc+iQJUBBMBCAA+AhsDBQsJCAcDBRUKCQgLBRYD
AgEAAh4BAheAFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIucFCQw1xCcACgkQ
fvE37JNbDq8dtA//cUEBx8rIvXyO14TcUu5o3Cc2DRhFxLwVIPOnw6cfZYhRrIKr
2wegsllvV4vJ+KJoIBvlw83VAunHt07N2+hF72LM6qPWkX055gY5PkFSGPBpybZk
oevE9rI+8p7aOqu0Qns4O3juDMava+nSnHjmZCJO7wnjrkGC57eBwI7Z3H32EFIU
b+IvOivBFA6iSeXkmEg1ub3iaA2vXdKOGDfoxrEjSJWt04q8VDUmtscKRkRrc1AX
XToVzcSd4w8C6j4tlOk8DbCLfyf8M3cDeETzyD6ICYWkSN1OxYFopNvsty2L9xQ2
oTCp/1CjJTO2mxOY7K75vLr8MNYnVrYPzCruazt0YetOY74raTMFhnA6mQapcM+c
L0DKylIOHra/jSj7WQCy/xujMWZKDg8LfcfTuknSFPXVL6s95TYwBayRkVhFs73c
Z5Tpk4dAxSLZI040uExlFmzqwaMRoAhLJShhe/QRGu5rBnjtaKRYl08Hnb2gLc+0
LH1gsGIvrsB89coa4y5Grues0mw9Bbk5tjGJHWlSgGG6NPds/L2RWCsXgkb4qn6p
Prsq6dyA8qp7O4LiZkzvKpFxmpO3ggIeIh17N21piUs9awnFySLR68gv0E6OnLdL
s2fpRYclaw2DxS4WHloWfW2MoV/b4K+GzovlVGAi19gwzBVk1uHneB504eW0IUph
c29uIFphbWFuIDxqYXNvbkBwZXJmaW5pb24uY29tPokCVAQTAQgAPgIbAwIeAQIX
gAULCQgHAwUVCgkICwUWAgMBABYhBGMZHOlBgwmGicq4237xN+yTWw6vBQJdZiLm
BQkMNcQnAAoJEH7xN+yTWw6vzScQAMABgqR/v0b/Cj/qhUGhW5ReUoqDGkPTWqT/
ZJHoEtG21v8zmFaGJSw0hGzR8LBKPUcBIgcoe4ahPoNkD8ThvY/FgNV/VbjPmbwM
QqCEy8J3ZR3Tgrv03SGhW4BbWPkLwKEsXQc6hhvJxUMo35ORwUX549DrKb4/jSZs
6El3ONkeyeShnrc8dtKZeL+w4p01WbZ13Z4cwhM9bEsyMDVSv64y8QQZXeK8V0lK
jMbLNywf39AjjHKAo4o09hL75/BC8XW9Eqi5IKGRD8uWdvBB7o+xaAVY5WBMLQqL
GEaXvcc4r7tod17At0E59OfBQyJpp5vfEZXPzmkjC97iIXfUzhdqfuuEBfkfoZc9
aqBo0chedltXatlwHbr1BZ2zP/LtIPH0+G8/t/iP/KoKWMUXzqPOQmK9XP9ryDvN
HCMogbDMAOYzbGAvY9+eDwW1Oc++eMRrRmbPxY5jRShYMYxzAG3iYEUST62Pxxu4
tNzYdKc1t0JZHx1S+9jVTpplGuUnRbcLbrwaoqVxmikCdSHbZ3Q75NizFr4zC2n8
VXj7WNHiCVh4E2hD/aXINbyFHfaukojVVSe2NjSHaCQx64CJbFKeaks25f4+m9GR
ZPTceAlYub9A6lcVlyugdAI0flQCnjz3gOye9CoIWjloOzfH7RXpKol7BrnBISme
L9kh6fIduQINBFzabgEBEADm+3+ZRXtW1Y7KB0QO3iG6tXG0acc95bh2rO6djhP8
xV4vV6a6hI691SQorLxKCjpZSzshczJlmMZ3SRuMh7VSefc7w59ElBLoWDhuEKs5
c3gtxAmzxICWNo/IJnnb5h1s3hG8kmPzKdaskdbAttQq4YGk2GAYS9LvmKLPwAu/
iSaGfAr7RJPSQxvW2i2y1OdhF4ibuVJT1TGa8z1IsU8rf5Ybx1AdkjPnazoE16+j
rs763tnSzT3kpJeymMppkHMJIkO7u7D4bDR+qi10EsfF0inzmhimH5k/ng87+qi6
UwryvUorJPSbjRLq/n07y2LDwkdOrW3XsLyU7RAfgZ4FUfvpUqkLZqB+GmgVccsy
2bC/T7JMSPZsIlk/KysIl3kK2wg7oNRKJqtMTPhpzEiIGaEjJNa1S7c8jswSL97y
/S/ok8iYaluHTSTHMJrdzriSP0irWzC8MJJNcUZgsP2NGWfjc9l0VlMqOdyW1mtf
PXY+uONeAlM8x5KwMJ/r4nsixodozkI7BOx16F59fjMfc9ywZH3o/rNOoG/+P9rS
ABO6p/zg0e8uNyAE2KobjAfvWxYLoaT6ngYbXGgC4E6DKjnxI3n0EEMjdfALzcmK
+SNiYtxtUQ4g3rFcOxt8U43ObZO85yuTI8TCQT+03/vLzzMOTTAfwn3Slu8ORsVq
tQARAQABiQI8BBgBCAAmAhsgFiEEYxkc6UGDCYaJyrjbfvE37JNbDq8FAl1mIxUF
CQKN3hQACgkQfvE37JNbDq/P6BAAlt4eEQcxin9m5eayHEvnSgjYk99FT1asgfqD
z8d6qVBTKsFxNXvm19Ps294bD2oO02hzScyVlY28dKH38MkGOmslxkMB7yO/6vAh
/d1IixZNz+dQeWtb7XmNySj4/AVH8ODRK2gs0rVrcAH5gsjWlgBFzywmdODFE5iQ
VH8OJ6msT00gvkkvKaKU2K0q7A3DOGTy9Lzk8A3co39JzzR8E44kgJzLC1JASuoL
1LaIe5Fg8VMkDpr5Uchzi2NnaXtuaNNerappRf9Jrga54vQDdAmW02NCcea4Oj4O
zKpC0bOU6N50HsmeQjKEk0sgJrIKdg65k8rlrF2uQl0wBsy9EyWgJgL0rPYOceD6
d6yEfy9i3G8fPvzCIoBUntZHGGpHDx8ZpYjP2qhg6Vj/ultHfQBk+A7D4V+NU2qy
4+RSTMyIJjUAAgX4WWlxipuy1mRnfJGf/ZuLBAOVST2Igtk4E6cKNagCv3vJEfJi
aak8TQhi/Z9hFsHpN+RhEldqaPOd4yym2iKnoYX98wJsryrsZc2tHIwGQXi+lkNe
cLJYokWXbKnLdlfwkWrziTFAAekIBdQ2HrhXFq9EdfIWgv4PHA+goPXDjIzyhFD2
5D5NX3YxUGfMWzWyxfg36hJAjbyv/wcdPDJVaYGxSK2Dap4KZOGA+L0lE0mLZN+T
28FSbHO5Ag0EVCGdywEQAMzu5hN79Cwleh7TvQueT6WjsajCVZ8wm4JfZ+D/uCmu
V3z9TKIzJ9TyZ1qAhCGetXUvocq6ZCq18Zii/qBDmfN3e7RvcNrcRNuR51frgPIt
HGHFnjsW2vaVnIARJyHOtKYW5u7m2tUa9JMHFpzRqwNiu2nFw/LZhfO+DeAjAMd5
1mdJSCuWww7l+xZWQPha1pyxS6BQCB8qC4BOTdW2EkBSIUAaucHX3iaiGQINXuFG
OUVcsPhtcsmmDzqD8JuxuGfzit8LZ4qauh+CeKsACt0fRWjGsSO+veihOaSUxv6N
6jwvOO1oCZzA5lI2zN4QQQs9JPmSt+W+ePBUeCFOCT5lELu4+P4WWc9el6LhHj/O
fsMongI6jvpGWnirzmw9joLKWMaam8MT2S1c9nmYtNramI1lzeJWYU3VFgJpc5DZ
klb6IROb0oEgmbUSIZwap/MB/G9N216mr3V15AKEnt4vqu6ol0CKB3jrMafGCDrH
UIoOd8FCwK1VBRWsnjKLXa+mgGCaWSPau6hcvOuV2/Zq6s77iaQQ82+0qkdno6l9
nhdmZsLxnZuGOUfwtn1PFdjQ4/3/mgL0KxloqSwdMHpgancOMT+tJnebOCGg/iFC
yXSSNm8zek/lREGevH+3AUIKTY3JhfdvG7qo3zW7u+C0QlFnrj/pUSFs6JMW3hMB
ABEBAAGJBFsEGAEIACYCGwIWIQRjGRzpQYMJhonKuNt+8Tfsk1sOrwUCXWYjCQUJ
C0auPgIpwV0gBBkBAgAGBQJUIZ3LAAoJECu+2csaaO9VpE8P/2FSNpVsqHNxejzF
JYRjpbsOOhIUj/wovCTz9q7nvbGxd2Tq4Cs91aXPmjhZhO/9q+RySCDFKsmmxx54
nyC6nZaxN4XAvxi5CVNKYdSq+WfuVuex2czF4l9irFYZsrAxxBdQeE47zJNKDEKL
kMnonGBxeJ3NBJWB7HOSsiz4LARfYLohOAqAd500ek8tAHpDLopsD6YQxZv+zgD2
SzqaQYLtL996OE47+WnZpFVdmnj7JFCfJbDi7w+dhlf/+HPf+r78TQPpl1btlfeE
kSyQr50XRLw6ctJGA62Co7eHVIMDvsidTUo2yMdUQjd9huepSoIq0spPF5yX79xK
6KdnjpkPvmgN3XqJUQVd+JlIEGisMmn01Bz5OeJl0OkWO5aIIJ93pisU7sJJhMw7
YsZCovzguqFXNnI/nus9SNRtrvMTItiDkOocrPfEff8IpJ/956iZPH3bIaez53gi
XSEvaZXbVhyVYlbVW2Wgwkm/64K4G5+9cUguTomIGcDovXuEHSg0n3QnZ2FFjfsv
VwQ38G3abEErF7APDx36WUJ3GbA2FFr0xqmHN1YQpObIcepWwkXQUCC7CHLQWRcl
CnYvSgtX/pFJ3qt+rrL0vMhosBGGIUJORadPjABPugG5Nf/WV64pBZHOq9A5dZKM
OJg2vpgqVi3YlNHG66oE1oSupFVzCRB+8Tfsk1sOr/zyD/9rLFX27Blv1D8DjqV6
P9IzWR/YDC4AhYG+fdllq4+N/XO2gG8bYHlbh+rd5KHrCn/t3OYg1xOAqdO8lCqP
1jhkjbOdw2aIsL8pdh7/zZEwPXFCJREWWa30a4IqfvQG2f+kiPBYOtMFy5dmZj6j
N4mD75jbU6Nfhlb2UX7L0T0wLUtOOQhrlqBfXNKASbDAOn5zrvtz0tjRMcE7xPsF
o9/3x+/xElkLkJnUzF1LH/n6T24ZseBqB6WNCPi9nqWbx1AGTK9jeWDjQJ1/Nvj+
YX6PPOfwpZquKvLi6ZiS5nR1wssz9iv93iL78o90Hd/z0wM9Dimi5njwEyl3Eocf
ZbpATMt8zWVDNxmrkYT33PRYy9V7G/O8aJnTkuSTOglo7akHMlJEhYfDLrmZtQnM
X2H5A/vO1JkJntC6kG7mIKn2q2U8CSYwfMqdscYDEHXaKTSPj225S6Xskw9nSuj8
HcboihKRosViuoX5NLF2Wu/hXryd0grv0WgHjpuqClQbMlmsd1mcVThzh84KLSlu
QgkabK3rbvDviEOOQ7fxfTj1MR3FzfYovY4TVrO8fjTAk5Rj4f/nlcgiiaCpQlFl
wTwcxDBL1s6MXv7aoAzyqpTBQ6vSFXWK5Ur+7roEkTAUEj8akgmxC9JzJqComHrw
vebSMV7XavdmfCvUXszFeQ/jNbkCDQRTMoe4ARAAz6Zr1rgM2fwNSuaOM9jmYRkU
GM6km1DIDLl/PiFJ/54jGn46pX5nQE+oiZ7Dr4hFIfxn8eEwlQVFGo0lzcNn5JP1
RGJFdAfLamTmaKrXl1cWayOtTvouuKfFEXH+BC/pPyy87tNiCki0NkzN59j8Plcc
ZZ0LRZWsyhLSQcBQh5xkei9Zvaen+nPTLSg6eIF1hFLoSa8lPZqBX8D2OMJxutKV
umhlO1DPzRX/mIpo0LwiYYu8/CX3ptaBMrrlnk7rZHIVk0vDjB0eVg2DEt+vEU3k
5FQkV/1RYgSlBA0kP8tgKBrve1I4KUorJLAZmX5i0BRrzAqpL1DWdhR+9IpYRKae
a6PYjBMghkWRw7st0XVB7x/boZE6eKswaxywGoc0kw3luR1RpF3Gg95N+2hfHixQ
1OhoPeqzQ+3AHlkr/vbhjtakkiPqLfuk+Ux9B6MISIeuWF/EKtyurWyDMTryKOgg
tj7YuTMtaDV7r8gLbOlMPpGGjBiBh566GR1SKDAUNGlGzp1dKOhWXVqaMwFt9Mja
y8ESH6hEJreQx2Q6R6XgXzWysQqM0RBMXh8p8yEV6mr3Ma8lNJM45tmOTfrazlrm
9PM1kzV646J72mxXr6qr4Q1cvr+xJQdvbXOocdYMmW/R+f1tPcvnlRkMyB7wzEtS
OGi9G6ErhhvNUSoZtlUAEQEAAYkCPAQYAQgAJgIbDBYhBGMZHOlBgwmGicq4237x
N+yTWw6vBQJdZiL4BQkMNcRAAAoJEH7xN+yTWw6vfCkQAIxkDpI+rVDrstPN+uoe
pfnaOlYCBVrzITIG+HYAeGj1nuZHMeg2AztVoeJ9FWq9z2xVuo4GIFyfFggZMEVS
Dyjgjojq0d8jEmOaUKFNnPMAAErGJEVHmQSAbp67lkwtcHZkkWgXKQ9FLx6z17U0
66H4svf/RTNiAxqgFu5UdLgfxULbnvoqI6+rWYggVWdlbm2dmoUwLRJsQrI6GMBS
jL6nWwu8tAQBk9Vzo1nj0l5M5i0R/PhbcsnUynlWxBVCGNxnMYydNbjpzNC2qnSy
ibyx0exiJM5HjYlDy82yr4LI9iN28wKmSxTOvCHN+QaQZ5adlDquhGwFm8TRRsm1
FDsVcmrjPTcGUsKfIAOyeiSHZO2tMU/CTvEYRNw09geVeOvIwNSXS8oblC1b3P1j
UP67CKVAYBnBFx7bMujlGyNJY8jGNEEBrDqxfYEAIEhyKNd0tWc86B1tqz/ArRvc
XfPof/cQcFVHpfpJ/NS+b4KrRvJHzV884N709JmrFZVVAR/2I/GmZ0wdCmBoZtH8
+IpwyMey0HIfa5dOtZw6jAAB5mkCBEs/P7VPrwzTpXcPBKFfj1R/iqpT7YvNk8Gh
l4xDVhZI8IpQ7j1RtJoULvAwmH0z/M5kS2N0ADxEo3mPgm1CaFudP4JijV3HX7Rx
IuOUseqwzF197kqA16in1P25
=f80i
-----END PGP PUBLIC KEY BLOCK-----

131
libsepol.spec Normal file
View File

@ -0,0 +1,131 @@
#
# spec file for package libsepol
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define libname libsepol2
Name: libsepol
Version: 3.5
Release: 0
Summary: SELinux binary policy manipulation library
License: LGPL-2.1-or-later
Group: Development/Libraries/C and C++
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz
Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz.asc
Source2: libsepol.keyring
Source3: baselibs.conf
BuildRequires: flex
BuildRequires: pkgconfig
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing
policy boolean settings.
%package utils
Summary: SELinux binary policy manipulation tools
Group: System/Base
%description utils
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing
policy boolean settings.
%package -n %{libname}
Summary: SELinux binary policy manipulation library
Group: System/Libraries
%description -n %{libname}
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing
policy boolean settings.
(Security-enhanced Linux is a feature of the kernel and some
utilities that implement mandatory access control policies, such as
Type Enforcement, Role-based Access Control and Multi-Level
Security.)
%package devel
Summary: Development files for SELinux's binary policy manipulation library
Group: Development/Libraries/C and C++
Requires: %{libname} = %{version}
Requires: glibc-devel
%description devel
The libsepol-devel package contains the libraries and header files
needed for developing applications that manipulate binary SELinux
policies.
%package devel-static
Summary: Static archives for SELinux's binary policy manipulation library
Group: Development/Libraries/C and C++
Requires: libsepol-devel = %{version}
%description devel-static
The libsepol-devel-static package contains the static libraries
needed for developing applications that manipulate binary SELinux
policies.
%prep
%setup -q
%build
%define _lto_cflags %{nil}
export CFLAGS="%{optflags} -fcommon"
make %{?_smp_mflags}
%install
%make_install LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}"
%post -n %{libname} -p /sbin/ldconfig
%postun -n %{libname} -p /sbin/ldconfig
%files utils
%defattr(-,root,root)
%{_bindir}/chkcon
%{_bindir}/sepol_check_access
%{_bindir}/sepol_compute_av
%{_bindir}/sepol_compute_member
%{_bindir}/sepol_compute_relabel
%{_bindir}/sepol_validate_transition
%{_mandir}/man8/*.8%{ext_man}
%{_mandir}/ru/man8/*.8%{ext_man}
%files -n %{libname}
%defattr(-,root,root)
%{_libdir}/libsepol.so.*
%files devel
%defattr(-,root,root)
%{_libdir}/libsepol.so
%{_mandir}/man3/*.3%{ext_man}
%{_includedir}/sepol/
%{_libdir}/pkgconfig/libsepol.pc
%files devel-static
%defattr(-,root,root)
%{_libdir}/libsepol.a
%changelog