2023-10-02 18:13:50

by Chris PeBenito

[permalink] [raw]
Subject: ANN: Reference Policy 2.20231002

A new (very overdue) release of SELinux Reference Policy is available:

https://github.com/SELinuxProject/refpolicy/releases/tag/RELEASE_2_20231002

Notable Changes:
* Several Gentoo fixes ported from Gentoo policy
* Fixes for containerd/docker
* Move excessive capabilities in container_t to tunables.
* Various systemd updates and fixes
* Updated object class/permission definitions for recent kernels
* Add support for systemd memory pressure notifications protocol
* Xscreensaver updates for their newest release
* Remove interfaces deprecated before 2021
* Add tunables to control network access in:
* *_dbusd_t
* pulseaudio_t
* spamc_t
* syslogd_t
* xdm_t
* xserver_t

New Modules/Domains:
* crio
* eg25manager
* iiosensorproxy
* kubernetes
* lomemorymonitor
* powerprofiles
* rasdaemon
* switcheroo
* systemd-pcrphrase
* thunderbolt

Full Changelog:
https://github.com/SELinuxProject/refpolicy/compare/RELEASE_2_20221101...RELEASE_2_20231002

--
Chris PeBenito