-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-c200061105 2019-09-29 02:01:25.193160 --------------------------------------------------------------------------------
Name : container-selinux Product : Fedora 30 Version : 2.117.0 Release : 1.gitbfde70a.fc30 URL : https://github.com/containers/container-selinux Summary : SELinux policies for container runtimes Description : SELinux policy modules for use with container runtimes.
-------------------------------------------------------------------------------- Update Information:
Fix label for crun. -------------------------------------------------------------------------------- ChangeLog:
* Fri Sep 20 2019 Dan Walsh dwalsh@fedoraproject.org - 2.117-1 - Add label for /usr/bin/crun * Thu Sep 5 2019 Dan Walsh dwalsh@fedoraproject.org - 2.116-1 - Don't let container_runtime_t transition to svirt domains. * Wed Aug 21 2019 Dan Walsh dwalsh@fedoraproject.org - 2.115-1 - Allow containers to execmod files on fusefs_t * Mon Aug 19 2019 Dan Walsh dwalsh@fedoraproject.org - 2.114-1 - Allow containers to settatr on /proc/self/ lnk_files - Allow containers to remount /proc * Fri Aug 9 2019 Dan Walsh dwalsh@fedoraproject.org - 2.113-1 - Allow containers to name_bind to rawip_sockets. * Thu Aug 8 2019 Dan Walsh dwalsh@fedoraproject.org - 2.112-1 - Allow containers to use fusefs_t entrypoint - Dontaudit attempts to setattr on devicenodes. * Wed Jul 24 2019 Fedora Release Engineering releng@fedoraproject.org - 2:2.111.0-3.1.dev.git9a75deb - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Jul 18 2019 Lokesh Mandvekar (Bot) lsm5+bot@fedoraproject.org - 2:2.111.0-2.1.dev.git9a75deb - bump to 2.111.0 - autobuilt 9a75deb * Wed Jul 10 2019 Lokesh Mandvekar lsm5@fedoraproject.org - 2.110.0-1.1.dev.git544d71f - bump to v2.110.0 - hook up to autobuild * Mon Jul 8 2019 Dan Walsh dwalsh@fedoraproject.org - 2.109-1 - Allow containers to accept connections on all socket types - Allow containers to connect to gssproxy stream sockets if added to container * Fri Jun 14 2019 Dan Walsh dwalsh@fedoraproject.org - 2.107-1 - Allow containers to manipulate Onload files. * Tue Jun 11 2019 Dan Walsh dwalsh@fedoraproject.org - 2.106-1 - Allow all unconfined domains to manage unlabeled keyrings - Add labeling for kubernetes pods * Mon Jun 3 2019 Dan Walsh dwalsh@fedoraproject.org - 2.104-1 - Set proper labeling for container volumes in SilverBlue * Fri May 17 2019 Dan Walsh dwalsh@fedoraproject.org - 2.103-1 - Set proper labeling for container volumes * Sun May 12 2019 Dan Walsh dwalsh@fedoraproject.org - 2.102-1 - Allow all container domains to be entered from container_file_t * Fri May 3 2019 Dan Walsh dwalsh@fedoraproject.org - 2.101-1 - Allow containers to read rpm cache and rpm databse * Tue Apr 23 2019 Dan Walsh dwalsh@fedoraproject.org - 2.100-1 - Allow containers running as spc_t to create unlabeled_t kernel keyrings * Mon Apr 22 2019 Dan Walsh dwalsh@fedoraproject.org - 2.99-1 - Fix labeling on /var/lib/containers/storage/overlay-layers,images to be sharable. * Mon Apr 15 2019 Dan Walsh dwalsh@fedoraproject.org - 2.98-1 - Allow iptables to append to container_file_t * Fri Apr 12 2019 Dan Walsh dwalsh@fedoraproject.org - 2.97-1 - Allow containers to read/write sysctl_kernel_ns_last_pid_t - Allow containers to manage fusefs sockets and named pipes * Thu Apr 4 2019 Dan Walsh dwalsh@fedoraproject.org - 2.96-1 - Allow containers to read/write sysctl_kernel_ns_last_pid_t --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-c200061105' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------