--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2020-740de661da
2020-08-31 15:48:37.485839
--------------------------------------------------------------------------------Name        : selinux-policy
Product     : Fedora 32
Version     : 3.14.5
Release     : 43.fc32
URL         : https://github.com/fedora-selinux/selinux-policy
Summary     : SELinux policy configuration
Description :
SELinux Base package for SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision  2.20091117

--------------------------------------------------------------------------------Update Information:

New F32 selinux-policy build
--------------------------------------------------------------------------------ChangeLog:

* Thu Aug 27 2020 Zdenek Pytela  - 3.14.5-43
- The nfsdcld service is now confined by SELinux
- Dontaudit thumb_t setting its process scheduling
- Allow munin domain transition with NoNewPrivileges
- Allow unconfined_t to node_bind icmp_sockets in node_t domain
- Change transitions for ~/.config/Yubico
- Add file context for ~/.config/Yubico
- Allow syslogd_t domain to read/write tmpfs systemd-bootchart files
- Create macro corenet_icmp_bind_generic_node()
- Allow traceroute_t and ping_t to bind generic nodes.
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1834234 - the nfsdcld service is not confined by SELinux
        https://bugzilla.redhat.com/show_bug.cgi?id=1834234
  [ 2 ] Bug #1835630 - some confined users cannot successfully run userdbctl because of SELinux
        https://bugzilla.redhat.com/show_bug.cgi?id=1835630
  [ 3 ] Bug #1838163 - SELinux prevents systemd-journald from recvmsg()-ing the /memfd:sd-systemd-bootcha file
        https://bugzilla.redhat.com/show_bug.cgi?id=1838163
  [ 4 ] Bug #1852513 - SELinux is preventing tumblerd from using the 'sys_nice' capabilities.
        https://bugzilla.redhat.com/show_bug.cgi?id=1852513
  [ 5 ] Bug #1860888 - [authselect] Obligatory 2FA doesn't work
        https://bugzilla.redhat.com/show_bug.cgi?id=1860888
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-740de661da' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Fedora 32: selinux-policy 2020-740de661da

August 31, 2020

New F32 selinux-policy build

Summary

SELinux Base package for SELinux Reference Policy - modular.

Based off of reference policy: Checked out revision 2.20091117

New F32 selinux-policy build

* Thu Aug 27 2020 Zdenek Pytela - 3.14.5-43

- The nfsdcld service is now confined by SELinux

- Dontaudit thumb_t setting its process scheduling

- Allow munin domain transition with NoNewPrivileges

- Allow unconfined_t to node_bind icmp_sockets in node_t domain

- Change transitions for ~/.config/Yubico

- Add file context for ~/.config/Yubico

- Allow syslogd_t domain to read/write tmpfs systemd-bootchart files

- Create macro corenet_icmp_bind_generic_node()

- Allow traceroute_t and ping_t to bind generic nodes.

[ 1 ] Bug #1834234 - the nfsdcld service is not confined by SELinux

https://bugzilla.redhat.com/show_bug.cgi?id=1834234

[ 2 ] Bug #1835630 - some confined users cannot successfully run userdbctl because of SELinux

https://bugzilla.redhat.com/show_bug.cgi?id=1835630

[ 3 ] Bug #1838163 - SELinux prevents systemd-journald from recvmsg()-ing the /memfd:sd-systemd-bootcha file

https://bugzilla.redhat.com/show_bug.cgi?id=1838163

[ 4 ] Bug #1852513 - SELinux is preventing tumblerd from using the 'sys_nice' capabilities.

https://bugzilla.redhat.com/show_bug.cgi?id=1852513

[ 5 ] Bug #1860888 - [authselect] Obligatory 2FA doesn't work

https://bugzilla.redhat.com/show_bug.cgi?id=1860888

su -c 'dnf upgrade --advisory FEDORA-2020-740de661da' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

FEDORA-2020-740de661da 2020-08-31 15:48:37.485839 Product : Fedora 32 Version : 3.14.5 Release : 43.fc32 URL : https://github.com/fedora-selinux/selinux-policy Summary : SELinux policy configuration Description : SELinux Base package for SELinux Reference Policy - modular. Based off of reference policy: Checked out revision 2.20091117 New F32 selinux-policy build * Thu Aug 27 2020 Zdenek Pytela - 3.14.5-43 - The nfsdcld service is now confined by SELinux - Dontaudit thumb_t setting its process scheduling - Allow munin domain transition with NoNewPrivileges - Allow unconfined_t to node_bind icmp_sockets in node_t domain - Change transitions for ~/.config/Yubico - Add file context for ~/.config/Yubico - Allow syslogd_t domain to read/write tmpfs systemd-bootchart files - Create macro corenet_icmp_bind_generic_node() - Allow traceroute_t and ping_t to bind generic nodes. [ 1 ] Bug #1834234 - the nfsdcld service is not confined by SELinux https://bugzilla.redhat.com/show_bug.cgi?id=1834234 [ 2 ] Bug #1835630 - some confined users cannot successfully run userdbctl because of SELinux https://bugzilla.redhat.com/show_bug.cgi?id=1835630 [ 3 ] Bug #1838163 - SELinux prevents systemd-journald from recvmsg()-ing the /memfd:sd-systemd-bootcha file https://bugzilla.redhat.com/show_bug.cgi?id=1838163 [ 4 ] Bug #1852513 - SELinux is preventing tumblerd from using the 'sys_nice' capabilities. https://bugzilla.redhat.com/show_bug.cgi?id=1852513 [ 5 ] Bug #1860888 - [authselect] Obligatory 2FA doesn't work https://bugzilla.redhat.com/show_bug.cgi?id=1860888 su -c 'dnf upgrade --advisory FEDORA-2020-740de661da' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity

Product : Fedora 32

Version : 3.14.5

Release : 43.fc32

URL : https://github.com/fedora-selinux/selinux-policy

Summary : SELinux policy configuration

What Are You Looking For?

Fedora 32: selinux-policy 2020-740de661da

Summary

Change Log

References

Update Instructions

MidnightBSD 3.0.1 Released With Security Fixes, rc.d Scripts Cleanup

New Patches Aim To Tackle Linux x86_64 PIE Support

systemd 253: You're Looking at the Future of Enterprise Linux Boot Processes

Proposed Linux Patch Would Allow Disabling CPU Security Mitigations At Build-Time

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management

A Complete Guide to Torrenting Safely in 2024

Cloud Security Basics for Small Businesses

Scanning and Defending Networks with Nmap

CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

What Are You Looking For?

Fedora 32: selinux-policy 2020-740de661da

Summary

Change Log

References

Update Instructions

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By