Fedora Linux 8798 Published by

A new update is available for Fedora Core - Fedora Core 4 Update: selinux-policy-targeted-1.25.4-10. Here the announcement:



Fedora Update Notification
FEDORA-2005-814
2005-08-29
---------------------------------------------------------------------

Product : Fedora Core 4
Name : selinux-policy-targeted
Version : 1.25.4
Release : 10
Summary : SELinux targeted policy configuration
Description :
Security-enhanced Linux is a patch of the LinuxÂ:registered: kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type EnforcementÂ:registered:, Role-based Access
Control, and Multi-level Security.

This package contains the SELinux example policy configuration along
with the Flask configuration information and the application
configuration files.

---------------------------------------------------------------------

* Thu Aug 25 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-10
- Bump for FC4

* Thu Aug 25 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-9
- Allow i18n_input to read homedirs
- Remove i18n_input from targeted

* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-8
- Apply russell's cleanups

* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-7
- Bump for FC-4

* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-6
- Fix /var/lib/yp/* file_context

* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-5
- Add capifs
- Add roundup policy
- fix gdm

* Wed Aug 17 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-4.1
- Trying out postfix.te

* Wed Aug 17 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-4
- Add more access for amanda
- Allow dovecot to create files in mail_spool_t

* Tue Aug 16 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-3
- add can_access_pty macro
- Add nsswitch_macro for lots of ldap fixes

* Sun Aug 14 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-2
- Support for policy.20 and policy.19

* Thu Aug 11 2005 Dan Walsh <dwalsh@redhat.com> 1.25.4-1
-Update to latest from NSA
* Merged small patches from Russell Coker for the restorecon,
kudzu, lvm, radvd, and spamassasin policies.
* Added fs_use_trans rule for mqueue from Mark Gebhart to support
the work he has done on providing SELinux support for mqueue.
* Merged a patch from Dan Walsh. Removes the user_can_mount
tunable. Adds disable_evolution_trans and disable_thunderbird_trans
booleans. Adds the nscd_client_domain attribute to insmod_t.
Removes the user_ping boolean from targeted policy. Adds
hugetlbfs, inotifyfs, and mqueue filesystems to genfs_contexts.
Adds the isakmp_port for vpnc. Creates the pptp daemon domain.
Allows getty to run sbin_t for pppd. Allows initrc to write to
default_t for booting. Allows Hotplug_t sys_rawio for prism54
card at boot. Other minor fixes.

* Mon Aug 8 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-15
- Bump for FC4

* Mon Aug 8 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-14
- Allow passwd to read sysctl
- Fix fsadm for zip drives

* Fri Aug 5 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-13
- Allow cvs to use kerberos
- Allow sasauthd to use mysql


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

da96c2699a3aa3adc1fc8b95e8f17e73 SRPMS/selinux-policy-targeted-1.25.4-10.src.rpm
24856d4b565a183fef5ef37c1f2e925f x86_64/selinux-policy-targeted-1.25.4-10.noarch.rpm
76bca90e7653efa77960c3bfd57b288d x86_64/selinux-policy-targeted-sources-1.25.4-10.noarch.rpm
24856d4b565a183fef5ef37c1f2e925f i386/selinux-policy-targeted-1.25.4-10.noarch.rpm
76bca90e7653efa77960c3bfd57b288d i386/selinux-policy-targeted-sources-1.25.4-10.noarch.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.