[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fedora Core 3 Update: selinux-policy-strict-1.19.10-2



---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-502
2004-12-02
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : selinux-policy-strict
Version     : 1.19.10
Release     : 2
Summary     : SELinux strict policy configuration
Description :
Security-enhanced Linux is a patch of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux.  The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.

This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.

---------------------------------------------------------------------
Update Information:

Update to latest version in rawhide, since this is what is being used by the SELinux community for strict policy
---------------------------------------------------------------------
* Thu Dec 02 2004 Dan Walsh <dwalsh redhat com> 1.19-10-2


- Bump for FC3

* Thu Dec 02 2004 Dan Walsh <dwalsh redhat com> 1.19-10-1

- Update to latest from NSA
- Fix tty devices from IBM Platforms

* Thu Dec 02 2004 Dan Walsh <dwalsh redhat com> 1.19-9-1

- Update to add execmem and execmod

* Wed Dec 01 2004 Dan Walsh <dwalsh redhat com> 1.19-8-4

- Allow boolloader to can_exec_any

* Wed Dec 01 2004 Dan Walsh <dwalsh redhat com> 1.19-8-3

- Add ipx support
- Fix portmap

* Tue Nov 30 2004 Dan Walsh <dwalsh redhat com> 1.19-8-2

- Make htdig work

* Tue Nov 30 2004 Dan Walsh <dwalsh redhat com> 1.19-8-1

- Cleanup several network_client calls
- Update from upstream

* Tue Nov 30 2004 Dan Walsh <dwalsh redhat com> 1.19-7-2

- Remove root_dir_type, fix hotplug

* Tue Nov 30 2004 Dan Walsh <dwalsh redhat com> 1.19-7-1

- Update to Upstream

* Mon Nov 29 2004 Dan Walsh <dwalsh redhat com> 1.19-6-1

- Update to Upstream

* Wed Nov 24 2004 Dan Walsh <dwalsh redhat com> 1.19-5-1

- Update to Upstream
- Convert to new network_macros.te

* Tue Nov 23 2004 Dan Walsh <dwalsh redhat com> 1.19-4-4

- Add proc_net for unconfined_t

* Mon Nov 22 2004 Dan Walsh <dwalsh redhat com> 1.19-4-3

- Fix location of selinuxenabled

* Mon Nov 22 2004 Dan Walsh <dwalsh redhat com> 1.19-4-2

- Add some rules to allow httpd_sys_content_t to access to httpdcontent if httpd_unified is set

o* Sun Nov 21 2004 Dan Walsh <dwalsh redhat com> 1.19-4-1
- Upgrade to match upstream
- Require policycoreutils

* Fri Nov 19 2004 Dan Walsh <dwalsh redhat com> 1.19-3-1

- Upgrade to upstream
- Add fixes for postgres and apache

* Thu Nov 18 2004 Dan Walsh <dwalsh redhat com> 1.19-2-1

- Upgrade to upstream

* Wed Nov 17 2004 Dan Walsh <dwalsh redhat com> 1.19-1-14

Add back in zebra

* Wed Nov 17 2004 Dan Walsh <dwalsh redhat com> 1.19-1-13

- don't transition from sysadm_t (unconfined_t) to system_mail_t when
executing sendmail in targeted policy

* Wed Nov 17 2004 Dan Walsh <dwalsh redhat com> 1.19-1-12

- Fixes for crond fifo file, httpd_unified, and cups

* Tue Nov 16 2004 Dan Walsh <dwalsh redhat com> 1.19-1-11

- Fixed for /dev/pmu and printconf

* Tue Nov 16 2004 Dan Walsh <dwalsh redhat com> 1.19-1-10

- Add boolean to allow httpd to communicate with tty

* Sat Nov 13 2004 Dan Walsh <dwalsh redhat com> 1.19-1-9

- Minor fixes
- Add postgresql.te to targeted

* Fri Nov 12 2004 Dan Walsh <dwalsh redhat com> 1.19-1-8

- tighten security on squirrelmail

* Fri Nov 12 2004 Dan Walsh <dwalsh redhat com> 1.19-1-7

- Fixes to get squirrelmail working in targeted policy

* Thu Nov 11 2004 Dan Walsh <dwalsh redhat com> 1.19-1-6

- Remove unwanted te files to make policy smaller

* Thu Nov 11 2004 Dan Walsh <dwalsh redhat com> 1.19-1-5

- Add allow_kerberos for targeted policy and fix ntpd for targetd

* Wed Nov 10 2004 Dan Walsh <dwalsh redhat com> 1.19-1-4

- Fix mysql.te

* Wed Nov 10 2004 Dan Walsh <dwalsh redhat com> 1.19-1-3

- Cleanup of Dovecot and squirrelmail

* Wed Nov 10 2004 Dan Walsh <dwalsh redhat com> 1.19-1-2

- Allow httpd to read bin_t lnk_files

* Tue Nov 09 2004 Dan Walsh <dwalsh redhat com> 1.19-1-1

- Update from NSA

* Mon Nov 08 2004 Dan Walsh <dwalsh redhat com> 1.18.2-4

- Add /dev/pmu and privoxy fixes

* Mon Nov 08 2004 Dan Walsh <dwalsh redhat com> 1.18.2-3

- Complete lockdev and test with mincom

* Sat Nov 06 2004 Dan Walsh <dwalsh redhat com> 1.18.2-2

- Add preliminary lockdev defs

* Sat Nov 06 2004 Dan Walsh <dwalsh redhat com> 1.18.2-1

- Allow gpg to read/write user homedir files

* Sat Nov 06 2004 Dan Walsh <dwalsh redhat com> 1.18.2-1

- Merge with upstream
- Allow users to read xdm pid files
- Allow sysadm_t to communicate with xdm fifo file.

* Thu Nov 04 2004 Dan Walsh <dwalsh redhat com> 1.18.1-3

- ooffice is crashing because it needs to getattr on a dri device.

* Wed Nov 03 2004 Dan Walsh <dwalsh redhat com> 1.18.1-2

- Eliminate single user domain

* Tue Nov 02 2004 Dan Walsh <dwalsh redhat com> 1.18.1-1

- Update from NSA

* Tue Nov 02 2004 Dan Walsh <dwalsh redhat com> 1.17.37-2

- Many fixes for tighter can_network policy and nscd_client_domain

* Mon Nov 01 2004 Dan Walsh <dwalsh redhat com> 1.17.37-1

- Merge with upstream

* Fri Oct 29 2004 Dan Walsh <dwalsh redhat com> 1.17.36-3

- Eliminate ability to read tmp_t lnk_files

* Thu Oct 28 2004 Dan Walsh <dwalsh redhat com> 1.17.36-2

- Add ability to specify port to can_tcp_network

* Wed Oct 27 2004 Dan Walsh <dwalsh redhat com> 1.17.36-1

- Break out can_network in to can_tcp_network and can_udp_network
- Add lots of nscd_client_domain

* Tue Oct 26 2004 Dan Walsh <dwalsh redhat com> 1.17.35-2

- Add russells patch for ntpdate
- Add Colins batch for dbus_macro

* Tue Oct 26 2004 Dan Walsh <dwalsh redhat com> 1.17.35-1

- New fixes for fowner in setfiles and restorecon

* Mon Oct 25 2004 Dan Walsh <dwalsh redhat com> 1.17.34-2

- Fix spec file

* Mon Oct 25 2004 Dan Walsh <dwalsh redhat com> 1.17.34-1

- Update to latest from NSA

* Wed Oct 20 2004 Dan Walsh <dwalsh redhat com> 1.17.33-2

- Add some squid fixes and add disable_games boolean

* Tue Oct 19 2004 Dan Walsh <dwalsh redhat com> 1.17.33-1

- Update to latest from NSA
- Add apache unified patch

* Mon Oct 18 2004 Dan Walsh <dwalsh redhat com> 1.17.32-2

- fixes for nscd
- Fixes for /var/run file contexts

* Wed Oct 13 2004 Dan Walsh <dwalsh redhat com> 1.17.32-1

- Latest from NSA

* Wed Oct 13 2004 Dan Walsh <dwalsh redhat com> 1.17.31-2

- Begin fixing bugs when turning off unlimitedinitrc

* Wed Oct 13 2004 Dan Walsh <dwalsh redhat com> 1.17.31-1

- Small fixes to cleanup reboot
- FTP RLOGIN RSH
- Update with NSA


--------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

b79480b684832bb23f13e0d9095b57d0 SRPMS/selinux-policy-strict-1.19.10-2.src.rpm
051665978baf976bf96675fcb178c286 x86_64/selinux-policy-strict-1.19.10-2.noarch.rpm
9f6d91f1aec00ba2e5f6f02384fe2cd3 x86_64/selinux-policy-strict-sources-1.19.10-2.noarch.rpm
051665978baf976bf96675fcb178c286 i386/selinux-policy-strict-1.19.10-2.noarch.rpm
9f6d91f1aec00ba2e5f6f02384fe2cd3 i386/selinux-policy-strict-sources-1.19.10-2.noarch.rpm


This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]