From 96428a8f5675ddad1739c8dae32b8064e90b578fbedd1c54aac0186ec484045c Mon Sep 17 00:00:00 2001
From: Johannes Segitz <jsegitz@suse.com>
Date: Tue, 15 Aug 2023 06:16:42 +0000
Subject: [PATCH] Accepting request 1103976 from
 home:jsegitz:branches:security:SELinux

- Update to version 2.221:
  * Allow containers to shutdown sockets inheritted from container
    runtimes
  * Allow spc_t to use execmod libraries on container file systems
  * Add boolean to allow containers to read all cert files
  * More MLS Policy allow rules
  * Allow container runtimes using pasta bind icmp_socket to port_t
  * Fix spc_t transitions from container_runtime_domain

OBS-URL: https://build.opensuse.org/request/show/1103976
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/container-selinux?expand=0&rev=30
---
 container-selinux.changes | 12 ++++++++++++
 container-selinux.spec    |  2 +-
 v2.215.0.tar.gz           |  3 ---
 v2.221.tar.gz             |  3 +++
 4 files changed, 16 insertions(+), 4 deletions(-)
 delete mode 100644 v2.215.0.tar.gz
 create mode 100644 v2.221.tar.gz

diff --git a/container-selinux.changes b/container-selinux.changes
index b85d591..6aa6884 100644
--- a/container-selinux.changes
+++ b/container-selinux.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Aug 15 05:48:12 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
+
+- Update to version 2.221:
+  * Allow containers to shutdown sockets inheritted from container
+    runtimes
+  * Allow spc_t to use execmod libraries on container file systems
+  * Add boolean to allow containers to read all cert files
+  * More MLS Policy allow rules
+  * Allow container runtimes using pasta bind icmp_socket to port_t
+  * Fix spc_t transitions from container_runtime_domain
+
 -------------------------------------------------------------------
 Tue May 23 07:32:16 UTC 2023 - Johannes Segitz <jsegitz@suse.com>
 
diff --git a/container-selinux.spec b/container-selinux.spec
index a173e4f..6d7793f 100644
--- a/container-selinux.spec
+++ b/container-selinux.spec
@@ -26,7 +26,7 @@
 # Version of SELinux we were using
 %define selinux_policyver %(rpm -q selinux-policy --qf '%%{version}')
 Name:           container-selinux
-Version:        2.215.0
+Version:        2.221
 Release:        0
 Summary:        SELinux policies for container runtimes
 License:        GPL-2.0-only
diff --git a/v2.215.0.tar.gz b/v2.215.0.tar.gz
deleted file mode 100644
index 311533a..0000000
--- a/v2.215.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7236e149d4238b996ee94127ecc15ec3c1bceb5d4bc58e397a6e404b42133906
-size 31027
diff --git a/v2.221.tar.gz b/v2.221.tar.gz
new file mode 100644
index 0000000..5cebcf7
--- /dev/null
+++ b/v2.221.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:357adc87e80057e49b6f897ff367e57063c6023bd4f2bc57d5ab965863a0ade9
+size 30720