SECURITY: Fedora 32 Update: selinux-policy-3.14.5-43.fc32
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-740de661da
2020-08-31 15:48:37.485839
--------------------------------------------------------------------------------
Name : selinux-policy
Product : Fedora 32
Version : 3.14.5
Release : 43.fc32
URL : https://github.com/fedora-selinux/selinux-policy
Summary : SELinux policy configuration
Description :
SELinux Base package for SELinux Reference Policy - modular.
Based off of reference policy: Checked out revision 2.20091117
--------------------------------------------------------------------------------
Update Information:
New F32 selinux-policy build
--------------------------------------------------------------------------------
ChangeLog:
* Thu Aug 27 2020 Zdenek Pytela - 3.14.5-43
- The nfsdcld service is now confined by SELinux
- Dontaudit thumb_t setting its process scheduling
- Allow munin domain transition with NoNewPrivileges
- Allow unconfined_t to node_bind icmp_sockets in node_t domain
- Change transitions for ~/.config/Yubico
- Add file context for ~/.config/Yubico
- Allow syslogd_t domain to read/write tmpfs systemd-bootchart files
- Create macro corenet_icmp_bind_generic_node()
- Allow traceroute_t and ping_t to bind generic nodes.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1834234 - the nfsdcld service is not confined by SELinux
https://bugzilla.redhat.com/show_bug.cgi?id=1834234
[ 2 ] Bug #1835630 - some confined users cannot successfully run userdbctl because of SELinux
https://bugzilla.redhat.com/show_bug.cgi?id=1835630
[ 3 ] Bug #1838163 - SELinux prevents systemd-journald from recvmsg()-ing the /memfd:sd-systemd-bootcha file
https://bugzilla.redhat.com/show_bug.cgi?id=1838163
[ 4 ] Bug #1852513 - SELinux is preventing tumblerd from using the 'sys_nice' capabilities.
https://bugzilla.redhat.com/show_bug.cgi?id=1852513
[ 5 ] Bug #1860888 - [authselect] Obligatory 2FA doesn't work
https://bugzilla.redhat.com/show_bug.cgi?id=1860888
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-740de661da' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
A selinux-policy security update has been released for Fedora 32.