[ol9_appstream] fapolicyd-selinux-1.3.2-100.0.1.el9.noarch

The fapolicyd-selinux package contains selinux policy for the fapolicyd daemon.

Changelog (Show File list) (Show related packages)

• Wed Oct 18 2023 EL Errata <el-errata_ww@oracle.com> - 1.3.2-100.0.1

  - Increase db_max_size to 100M

• Wed Jul 19 2023 Radovan Sroka <rsroka@redhat.com> - 1.3.2-100

  RHEL 9.3.0 ERRATUM
  - Rebase fapolicyd to the latest stable version
  Resolves: RHEL-430
  - fapolicyd can leak FDs and never answer request, causing target process to hang forever
  Resolves: RHEL-621
  - RFE: send rule number to fanotify so it gets audited
  Resolves: RHEL-624
  - fapolicyd needs to make sure the FD limit is never reached
  Resolves: RHEL-623
  - fapolicyd still allows execution of a program after "untrusting" it
  Resolves: RHEL-622
  - Default q_size doesn't match manpage's one
  Resolves: RHEL-627
  - fapolicyd-cli --update then mount/umount twice causes fapolicyd daemon to block (state 'D')
  Resolves: RHEL-817
  - Fix broken backwards compatibility backend numbers
  Resolves: RHEL-730
  - SELinux prevents the fapolicyd from reading symlink (cert_t)
  Resolves: RHEL-816

• Mon Jan 30 2023 Radovan Sroka <rsroka@redhat.com> - 1.1.3-104

  RHEL 9.2.0 ERRATUM
  - statically linked app can execute untrusted app
  Resolves: rhbz#2097077
  - fapolicyd ineffective with systemd DynamicUser=yes
  Resolves: rhbz#2136802
  - Starting manually fapolicyd while the service is already running breaks the system
  Resolves: rhbz#2160517
  - Cannot execute /usr/libexec/grepconf.sh when falcon-sensor is enabled
  Resolves: rhbz#2160518
  - fapolicyd: Introduce filtering of rpmdb
  Resolves: RHEL-192

• Fri Aug 05 2022 Radovan Sroka <rsroka@redhat.com> - 1.1.3-102

  RHEL 9.1.0 ERRATUM
  - rebase fapolicyd to the latest stable vesion
  Resolves: rhbz#2100041
  - fapolicyd gets way too easily killed by OOM killer
  Resolves: rhbz#2097385
  - fapolicyd does not correctly handle SIGHUP
  Resolves: rhbz#2070655
  - Introduce ppid rule attribute
  Resolves: rhbz#2102558
  - fapolicyd often breaks package updates
  Resolves: rhbz#2111244
  - drop libgcrypt in favour of openssl
  Resolves: rhbz#2111938
  - Remove dnf plugin
  Resolves: rhbz#2113959
  - fapolicyd.rules doesn't advertise that using a username/groupname instead of uid/gid also works
  Resolves: rhbz#2115849

• Thu Jun 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-104

  RHEL 9.1.0 ERRATUM
  - CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path
  Resolves: rhbz#2069123
  - Faulty handling of static applications
  Resolves: rhbz#2096457

• Sun Apr 03 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-101

  RHEL 9.1.0 ERRATUM
  - fapolicyd denies access to /usr/lib64/ld-2.28.so
  Resolves: rhbz#2067493

• Wed Feb 16 2022 Radovan Sroka <rsroka@redhat.com> - 1.1-100

  RHEL 9.0.0 ERRATUM
  - rebase to 1.1
  Resolves: rhbz#2032408
  - introduce rules.d
  Resolves: rhbz#2054740
  - remove pretrans scriptlet
  Resolve: rhbz#2051481

• Tue Dec 14 2021 Zoltan Fridrich <zfridric@redhat.com> - 1.0.4-101

  RHEL 9.0.0 ERRATUM
  - rebase to 1.0.4
  - added rpm_sha256_only option
  - added trust.d directory
  - allow file names with whitespaces in trust files
  - use full paths in trust files
  Resolves: rhbz#2032408
  - fix libc.so getting identified as application/x-executable
  Resolves: rhbz#2015307
  - fix selinux DSP module definition in spec file
  Resolves: rhbz#2014449