Name: | libsepol |
---|---|
Version: | 2.9 |
Release: | 3.el8 |
Architecture: | x86_64 |
Group: | Unspecified |
Size: | 761632 |
License: | LGPLv2+ |
RPM: | libsepol-2.9-3.el8.x86_64.rpm |
Source RPM: | libsepol-2.9-3.el8.src.rpm |
Build Date: | Sun Oct 10 2021 |
Build Host: | build-ol8-x86_64.oracle.com |
Vendor: | Oracle America |
URL: | https://github.com/SELinuxProject/selinux/wiki |
Summary: | SELinux binary policy manipulation library |
Description: | Security-enhanced Linux is a feature of the Linux® kernel and a number of utilities with enhanced security functionality designed to add mandatory access controls to Linux. The Security-enhanced Linux kernel contains new architectural components originally developed to improve the security of the Flask operating system. These architectural components provide general support for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role-based Access Control, and Multi-level Security. libsepol provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies such as customizing policy boolean settings. |
- cil: Fix out-of-bound read of file context pattern ending with "\" - cil: Destroy classperms list when resetting classpermission (#1983517) - cil: Destroy classperm list when resetting map perms (#1983521) - cil: cil_reset_classperms_set() should not reset classpermission (#1983525) - cil: Set class field to NULL when resetting struct cil_classperms - cil: More strict verification of constraint leaf expressions - cil: Exit with an error if declaration name is a reserved word - cil: Allow permission expressions when using map classes - cil: Reorder checks for invalid rules when building AST - cil: Cleanup build AST helper functions - cil: Create new first child helper function for building AST - cil: Remove unused field from struct cil_args_resolve - cil: Destroy disabled optional blocks after pass is complete - cil: Check if name is a macro parameter first - cil: fix NULL pointer dereference in __cil_insert_name - cil: Report disabling an optional block only at high verbose levels - cil: Use AST to track blocks and optionals when resolving - cil: Reorder checks for invalid rules when resolving AST - cil: Sync checks for invalid rules in booleanifs - cil: Check for statements not allowed in optional blocks (#1983530)
- Drop unnecessary telinit (#1838257)
- SELinux userspace 2.9 release
- Fix RESOURCE_LEAK coverity scan defects
- SELinux userspace 2.8 release
- SELinux userspace 2.8-rc1 release candidate
- SELinux userspace 2.8-rc1 release candidate
- Prevent freeing unitialized value in ibendport handling - Add support for the SCTP portcon keyword - Export sepol_polcap_getnum/name functions
- cil: Create new keep field for type attribute sets - build: follow standard semantics for DESTDIR and PREFIX - cil: show an error when cil_expr_to_string() fails
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild