Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libsepol2 | Distribution: openSUSE Tumbleweed |
Version: 3.9 | Vendor: openSUSE |
Release: 2.1 | Build date: Thu Jul 17 17:49:27 2025 |
Group: System/Libraries | Build host: reproducible |
Size: 869884 | Source RPM: libsepol-3.9-2.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://github.com/SELinuxProject/selinux/wiki/Releases | |
Summary: SELinux binary policy manipulation library |
libsepol provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies such as customizing policy boolean settings. (Security-enhanced Linux is a feature of the kernel and some utilities that implement mandatory access control policies, such as Type Enforcement, Role-based Access Control and Multi-Level Security.)
LGPL-2.1-or-later
* Thu Jul 17 2025 Johannes Segitz <jsegitz@suse.com> - Update to version 3.9 * Add new 'netif_wildcard' policy capability * Allow multiple policycap statements * Support genfs_seclabel_wildcard * Introduce neveraudit types * Fri Mar 07 2025 Cathy Hu <cathy.hu@suse.com> - Update to version 3.8.1 https://github.com/SELinuxProject/selinux/releases/tag/3.8.1 * no source change * Tue Feb 04 2025 Robert Frohl <rfrohl@suse.com> - Update to version 3.8 https://github.com/SELinuxProject/selinux/releases/tag/3.8 * libsepol: Support nlmsg extended permissions * libsepol: Add policy capability netlink_xperm * libsepol: add support for xperms in conditional policies * Code improvements and bug fixes - For a more in depth list of changes see https://github.com/SELinuxProject/selinux/releases/download/3.8/shortlog-3.8.txt - keyring: Update Petr Lautrbach <lautrbach@redhat.com> * removed 0xBC3905F235179CF1 (expired: 2024-10-25) * added 0xFB4C685B5DC1C13E (expires: 2026-11-04) * Mon Jul 01 2024 Cathy Hu <cathy.hu@suse.com> - Update to version 3.7 https://github.com/SELinuxProject/selinux/releases/tag/3.7 * User-visible changes: * libsepol: improve policy lookup failure message * libsepol: include prefix for module policy versions * libsepol: validate type-attribute-map for old policies * libsepol: only exempt gaps checking for kernel policies * Bugfixes: * libsepol/src/Makefile: fix reallocarray detection * libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) * libsepol: ensure transitivity in compare functions * oss-fuzz fixes: * libsepol: check scope permissions refer to valid class * libsepol: validate attribute-type maps * libsepol: reject self flag in type rules in old policies * libsepol: validate class permissions * libsepol: validate access vector permissions * libsepol: reject MLS support in pre-MLS policies * libsepol: Fix buffer overflow when using sepol_av_to_string() * libsepol: Use a dynamic buffer in sepol_av_to_string() * Tue Dec 19 2023 Cathy Hu <cathy.hu@suse.com> - Update to version 3.6 https://github.com/SELinuxProject/selinux/releases/tag/3.6 * struct cond_expr_t bool renamed to boolean The change is indicated by COND_EXPR_T_RENAME_BOOL_BOOLEAN macro * Add notself support for neverallow rules * Improve man pages * man pages: Remove the Russian translations * Add notself and other support to CIL * Add support for deny rules * Translations updated from https://translate.fedoraproject.org/projects/selinux/ * Bug fixes - Remove keys from keyring since they expired: - E853C1848B0185CF42864DF363A8AD4B982C4373 Petr Lautrbach <plautrba@redhat.com> - 63191CE94183098689CAB8DB7EF137EC935B0EAF Jason Zaman <jasonzaman@gmail.com> - Add key to keyring: - B8682847764DF60DF52D992CBC3905F235179CF1 Petr Lautrbach <lautrbach@redhat.com> * Thu Mar 23 2023 Martin Liška <mliska@suse.cz> - Enable LTO now (boo#1138813). * Fri Feb 24 2023 Johannes Segitz <jsegitz@suse.com> - Update to version 3.5 * Stricter policy validation * do not write empty class definitions to allow simpler round-trip tests * reject attributes in type av rules for kernel policies - Added additional developer key (Jason Zaman) * Mon May 09 2022 Johannes Segitz <jsegitz@suse.com> - Update to version 3.4 * Add 'ioctl_skip_cloexec' policy capability * Add sepol_av_perm_to_string * Add policy utilities * Support IPv4/IPv6 address embedding * Hardened/added many validations * Add support for file types in writing out policy.conf * Allow optional file type in genfscon rules * Thu Nov 11 2021 Johannes Segitz <jsegitz@suse.com> - Update to version 3.3 * Dropped CVE-2021-36085.patch, CVE-2021-36086.patch, CVE-2021-36087.patch are all included * Lot of smaller fixes identified by fuzzing * Wed Jul 21 2021 Johannes Segitz <jsegitz@suse.com> - Fix heap-based buffer over-read in ebitmap_match_any (CVE-2021-36087, 1187928. Added CVE-2021-36087.patch
/usr/lib/libsepol.so.2
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Oct 23 22:29:00 2025