Name: | libsepol |
---|---|
Version: | 2.5 |
Release: | 6.el7 |
Architecture: | x86_64 |
Group: | System Environment/Libraries |
Size: | 661232 |
License: | LGPLv2+ |
RPM: | libsepol-2.5-6.el7.x86_64.rpm |
Source RPM: | libsepol-2.5-6.el7.src.rpm |
Build Date: | Sun Sep 04 2016 |
Build Host: | x86-ol7-builder-01.us.oracle.com |
Vendor: | Oracle America |
URL: | https://github.com/SELinuxProject/selinux/wiki |
Summary: | SELinux binary policy manipulation library |
Description: | Security-enhanced Linux is a feature of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. libsepol provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies such as customizing policy boolean settings. |
- Fix memory leak in expand.c - Fix invalid read when policy file is corrupt - Fix possible use of uninitialized variables
- Warn instead of fail if permission is not resolved - Ignore object_r when adding userrole mappings to policydb
- Add missing return to sepol_node_query()
- Correctly detect unknown classes in sepol_string_to_security_class - Sort object files for deterministic linking order - Fix neverallowxperm checking on attributes - Remove libsepol.map when cleaning - Add high-level language line marking support to CIL - Change logic of bounds checking to match change in kernel - Fix multiple spelling errors - Only apply bounds checking to source types in rules - Fix CIL and not add an attribute as a type in the attr_type_map - Build policy on systems not supporting DCCP protocol - Fix extended permissions neverallow checking - Fix CIL neverallow and bounds checking - Android.mk: Add -D_GNU_SOURCE to common_cflags
- Fix bug in CIL when resetting classes - Add support for portcon dccp protocol
- Update to upstream release 2016-02-23
- Mass rebuild 2014-01-24
- Mass rebuild 2013-12-27
- Update to upstream * filename_trans: use some better sorting to compare and merge * coverity fixes * implement default type policy syntax * Fix memory leak issues found by Klocwork - Add CONTRAINT_NAMES to the kernel
- Update to latest patches from eparis/Upstream