rpm/libsepol
SHA256
1
0
Fork 0
forked from pool/libsepol
Code Pull Requests Activity

Accepting request 406824 from home:MargueriteSu:branches:security:SELinux

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/406824
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsepol?expand=0&rev=53
This commit is contained in:
Johannes Segitz 2016-07-13 07:20:10 +00:00 committed by Git OBS Bridge
parent 65a06fd460
commit 5bf1c1c3b5
4 changed files with 65 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
libsepol-2.3.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cc8d8642c3b7b95d6928d65dcbca2ab0627abc1c05166637851e63c1a6eae68f
size 209570

3
libsepol-2.5.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2bdeec56d0a08b082b93b40703b4b3329cc5562152f7254d8f6ef6b56afe850a
size 438730

56
libsepol.changes
View File

@ -1,3 +1,59 @@
-------------------------------------------------------------------
Tue Jul 5 17:11:44 UTC 2016 - i@marguerite.su
- update version 2.5
* Fix unused variable annotations
* Fix uninitialized variable in CIL
* Validate extended avrules and permissionxs in CIL
* Add support in CIL for neverallowx
* Fully expand neverallowxperm rules
* Add support for unordered classes to CIL
* Add neverallow support for ioctl extended permissions
* Improve CIL block and macro call recursion detection
* Fix CIL uninitialized false positive in cil_binary
* Provide error in CIL if classperms are empty
* Add userattribute{set} functionality to CIL
* fix CIL blockinherit copying segfault and add macro restrictions
* fix CIL NULL pointer dereference when copying classpermission/set
* Add CIL support for ioctl whitelists
* Fix memory leak when destroying avtab
* Replace sscanf in module_to_cil
* Improve CIL resolution error messages
* Fix policydb_read for policy versions < 24
* Added CIL bounds checking and refactored CIL Neverallow checking
* Refactored libsepol Neverallow and bounds (hierarchy) checking
* Treat types like an attribute in the attr_type_map
* Add new ebitmap function named ebitmap_match_any()
* switch operations to extended perms
* Write auditadm_r and secadm_r roles to base module when writing CIL
* Fix module to CIL to only associate declared roleattributes with in-scope types
* Don't allow categories/sensitivities inside blocks in CIL
* Replace fmemopen() with internal function in libsepol
* Verify users prior to evaluating users in cil
* Binary modules do not support ioctl rules
* Add support for ioctl command whitelisting
* Don't use symbol versioning for static object files
* Add sepol_module_policydb_to_cil(), sepol_module_package_to_cil(),
and sepol_ppfile_to_module_package()
* Move secilc out of libsepol
* fix building Xen policy with devicetreecon, and add devicetreecon
CIL documentation
* bool_copy_callback set state on creation
* Add device tree ocontext nodes to Xen policy
* Widen Xen IOMEM context entries
* Fix error path in mls_semantic_level_expand()
* Update to latest CIL, includes new name resolution and fixes ordering
issues with blockinherit statements, and bug fixes
- changes in 2.4
* Remove assumption that SHLIBDIR is ../../ relative to LIBDIR
* Fix bugs found by hardened gcc flags
* Build CIL into libsepol. libsepol can be built without CIL by setting the
DISABLE_CIL flag to 'y'
* Add an API function to set target_platform
* Report all neverallow violations
* Improve check_assertions performance
* Allow libsepol C++ static library on device
------------------------------------------------------------------- -------------------------------------------------------------------
Fri May 16 13:06:12 UTC 2014 - vcizek@suse.com Fri May 16 13:06:12 UTC 2014 - vcizek@suse.com

9
libsepol.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package libsepol # spec file for package libsepol
# #
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -17,15 +17,16 @@
Name: libsepol Name: libsepol
Version: 2.3 Version: 2.5
Release: 0 Release: 0
Url: http://www.nsa.gov/selinux/ Url: http://www.nsa.gov/selinux/
Summary: SELinux binary policy manipulation library Summary: SELinux binary policy manipulation library
License: LGPL-2.1+ License: LGPL-2.1+
Group: System/Libraries Group: System/Libraries
Source: http://userspace.selinuxproject.org/releases/20140506/%{name}-%{version}.tar.gz Source: http://userspace.selinuxproject.org/releases/20160223/%{name}-%{version}.tar.gz
Source2: baselibs.conf Source2: baselibs.conf
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: flex
BuildRequires: pkg-config BuildRequires: pkg-config
%description %description
@ -127,7 +128,9 @@ rm -rf $RPM_BUILD_ROOT%{_mandir}/man8
%{_libdir}/libsepol.so %{_libdir}/libsepol.so
%{_mandir}/man3/* %{_mandir}/man3/*
%dir %{_includedir}/sepol %dir %{_includedir}/sepol
%dir %{_includedir}/sepol/cil
%{_includedir}/sepol/*.h %{_includedir}/sepol/*.h
%{_includedir}/sepol/cil/cil.h
%dir %{_includedir}/sepol/policydb %dir %{_includedir}/sepol/policydb
%{_includedir}/sepol/policydb/*.h %{_includedir}/sepol/policydb/*.h
%{_libdir}/pkgconfig/libsepol.pc %{_libdir}/pkgconfig/libsepol.pc