Skip to content

Releases: SELinuxProject/selinux

SELinux userspace release 3.6-rc2

22 Nov 15:55
@bachradsusi bachradsusi
3.6-rc2
0f5a8dd
This commit was signed with the committer’s verified signature. The key has expired.
bachradsusi Petr Lautrbach
GPG key ID: 4695881C254508D1
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.6-rc2 Pre-release
Pre-release

RELEASE 3.6-rc2

User-visible changes

  • cil: Allow IP address and mask values to be directly written

  • cil: Allow paths in filecon rules to be passed as arguments

  • Bug fixes

Development-relevant changes

  • ci: bump Fedora to version 39

  • Drop LGTM.com and Travis CI configuration

Loading

SELinux userspace release 3.6-rc1

08 Nov 15:13
@bachradsusi bachradsusi
3.6-rc1
This tag was signed with the committer’s verified signature. The key has expired.
bachradsusi Petr Lautrbach
GPG key ID: 4695881C254508D1
Expired
Verified
Learn about vigilant mode.
1aaf594
This commit was signed with the committer’s verified signature. The key has expired.
bachradsusi Petr Lautrbach
GPG key ID: 4695881C254508D1
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.6-rc1 Pre-release
Pre-release

RELEASE 3.6-rc1

User-visible changes

  • Add not self support for neverallow rules

  • dispol: Add the ability to show booleans, classes, roles, types and type attributes of policies

  • Improve man pages

  • libselinux: performance optimization for duplicate detection

  • dismod: add options: --actions ACTIONS, --help

  • dispol: add options: --actions ACTIONS, --help

  • checkpolicy: Add the command line argument -N, --disable-neverallow

  • Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system

  • man pages: Remove the Russian translations

  • Add notself and other support to CIL

  • Add support for deny rules

  • Translations updated from
    https://translate.fedoraproject.org/projects/selinux/

  • Bug fixes

Loading

SELinux userspace release 3.5

23 Feb 14:03
@perfinion perfinion
3.5
d6e96c5
This commit was signed with the committer’s verified signature. The key has expired.
perfinion Jason Zaman
GPG key ID: 2BBED9CB1A68EF55
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.5

RELEASE 3.5

User-visible changes

  • Maintainer GPG fingerprints added to /SECURITY.md

  • semodule option --rebuild-if-modules-changed was renamed to --refresh

  • Remove dependency on the deprecated Python module distutils and install via pip

  • libsepol: Stricter policy validation

  • libsepol: do not write empty class definitions to allow simpler round-trip tests

  • libsepol: reject attributes in type av rules for kernel policies

  • libselinux: add getpidprevcon()

  • libselinux: restorecon hashtable and other misc fixes

  • libselinux: Add workaround to reduce pcre2 heap memory usage

  • sepolicy: Several python and GTK updates

  • sepolicy: Add missing booleans to man pages

  • sepolicy: Cache queries to speed up manpage generation

  • mcstrans: preserve runtime directory

  • fixfiles: Unmount temporary bind mounts on SIGINT

  • Large updates to translations and better handling for unsupported languages

  • Translation updated and better handling for unsupported languages

  • Translation updated for generated descriptions

  • A lot of static code analysis issues, fuzzer issues and compiler warnings fixed

  • Bug fixes

Development-relevant changes

  • Install python modules via pip instead of setup.py
  • ci: Run on Fedora36 instead of F34
  • ci: Run on Python3.11 and drop py3.5, py3.6
Loading

SELinux userspace release 3.5-rc3

11 Feb 06:46
@perfinion perfinion
3.5-rc3
83e56c8
This commit was signed with the committer’s verified signature. The key has expired.
perfinion Jason Zaman
GPG key ID: 2BBED9CB1A68EF55
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.5-rc3 Pre-release
Pre-release

RELEASE 3.5-rc3

User-visible changes

  • libselinux: add getpidprevcon()

  • libselinux: restorecon hashtable and other misc fixes

  • sepolicy: Cache queries to speed up manpage generation

  • mcstrans: preserve runtime directory

  • Many updated translations

  • Build optimizations and other bug fixes

Development-relevant changes

  • ci: Run on Python3.11 and drop py3.5, py3.6
Loading

SELinux userspace release 3.5-rc2

16 Jan 00:20
@perfinion perfinion
3.5-rc2
3ccea01
This commit was signed with the committer’s verified signature. The key has expired.
perfinion Jason Zaman
GPG key ID: 2BBED9CB1A68EF55
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.5-rc2 Pre-release
Pre-release

RELEASE 3.5-rc2

User-visible changes

  • libselinux: Add workaround to reduce pcre2 heap memory usage

  • sepolicy: Add missing booleans to man pages

  • libsepol: reject attributes in type av rules for kernel policies

  • libsepol: do not write empty class definitions to allow simpler round-trip
    tests

  • Translation updated for generated descriptions

  • Lots of code and spelling issues fixed

  • Bug fixes

Loading

SELinux userspace release 3.5-rc1

23 Dec 00:12
@perfinion perfinion
3.5-rc1
013ecfd
Compare
Choose a tag to compare
SELinux userspace release 3.5-rc1 Pre-release
Pre-release

RELEASE 3.5-rc1

User-visible changes

  • Maintainer GPG fingerprints added to /SECURITY.md

  • Remove dependency on the deprecated Python module distutils and install via pip

  • semodule option --rebuild-if-modules-changed was renamed to --refresh

  • Translation updated and better handling for unsupported languages

  • fixfiles: Unmount temporary bind mounts on SIGINT

  • sepolicy: Several python and GTK updates

  • libsepol: Stricter policy validation

  • A lot of static code analyse issues, fuzzer issues and compiler warnings fixed

  • Bug fixes

Development-relevant changes

  • ci: Run on Fedora36 instead of F34
Loading

SELinux userspace release 3.4

18 May 17:20
@bachradsusi bachradsusi
3.4
0a8c177
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: BE22091E3EF62275
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.4

RELEASE 3.4

User-visible changes

  • A new selinux_restorecon_parallel(3) function that allows to run relabeling over multiple threads

  • setfiles/restorecon/fixfiles support parallel relabeling via [ -T ] threads option

  • A new semodule options [ -m | --checksum ] to get SHA256 hashes of modules

  • mcstrans ported to PCRE2

  • libsepol/cil supports IPv4/IPv6 address embedding

  • Add a new semodule option [ --rebuild-if-modules-changed ] to optionally rebuild policy when modules
    are changed externally

  • A lot of static code analyse issues, fuzzer issues and compiler warnings fixed

  • Translations split into sub-packages and updated from
    https://translate.fedoraproject.org/projects/selinux/

  • New policy utilities in libsepol - sepol_check_access,
    sepol_compute_av, sepol_compute_member, sepol_compute_relabel,
    sepol_validate_transition

  • A new setfiles option [-C] for distinguishing file tree walk errors

  • Improved code quality and bug fixes

Development-relevant changes

  • ci: run the tests under ASan/UBsan on GHActions
Loading

SELinux userspace release 3.4-rc3

04 May 17:50
@bachradsusi bachradsusi
3.4-rc3
9df28c2
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: BE22091E3EF62275
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.4-rc3 Pre-release
Pre-release

RELEASE 3.4-rc3

User-visible changes

  • A new setfiles option [-C] for distinguishing file tree walk errors

  • Added missing sandbox translations

Loading

SELinux userspace release 3.4-rc2

20 Apr 20:22
@bachradsusi bachradsusi
3.4-rc2
2a167d1
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: BE22091E3EF62275
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
SELinux userspace release 3.4-rc2 Pre-release
Pre-release

RELEASE 3.4-rc2

User-visible changes

  • New policy utilities in libsepol - sepol_check_access,
    sepol_compute_av, sepol_compute_member, sepol_compute_relabel,
    sepol_validate_transition

  • Improved code quality and bug fixes

Loading

3.4-rc1

06 Apr 19:48
@bachradsusi bachradsusi
3.4-rc1
73562de
This commit was signed with the committer’s verified signature.
bachradsusi Petr Lautrbach
GPG key ID: BE22091E3EF62275
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
3.4-rc1 Pre-release
Pre-release

RELEASE 3.4-rc1

User-visible changes

  • A new selinux_restorecon_parallel(3) function that allows to run relabeling over multiple threads

  • setfiles/restorecon/fixfiles support parallel relabeling via [ -T ] threads option

  • A new semodule options [ -m | --checksum ] to get SHA256 hashes of modules

  • mcstrans ported to PCRE2

  • libsepol/cil supports IPv4/IPv6 address embedding

  • Add a new semodule option [ --rebuild-if-modules-changed ] to optionally rebuild policy when modules
    are changed externally

  • A lot of static code analyse issues, fuzzer issues and compiler warnings fixed

  • Translations split into sub-packages and updated from
    https://translate.fedoraproject.org/projects/selinux/

  • Bug fixes

Development-relevant changes

  • ci: run the tests under ASan/UBsan on GHActions
Loading