Skip to content

Releases: SELinuxProject/selinux

Release 3.8-rc3

18 Dec 13:15
e0f61d3
Compare
Choose a tag to compare
Release 3.8-rc3 Pre-release
Pre-release

RELEASE 3.8-rc3

Changes

  • Always build for LFS mode on 32-bit archs.

  • libsemanage: Mute error messages from selinux_restorecon introduced in 3.8-rc1

  • Regex spec ordering is restored to pre 3.8-rc1

  • Binary fcontext files format changed, files using old format are ignored

  • Code improvements and bug fixes

Release 3.8-rc1

27 Nov 18:28
2dec158
Compare
Choose a tag to compare
Release 3.8-rc1 Pre-release
Pre-release

RELEASE 3.8-rc1

User-visible changes

  • libsemanage: Preserve file context and ownership in policy store

  • libselinux: deprecate security_disable(3)

  • libsepol: Support nlmsg extended permissions

  • libsepol: Add policy capability netlink_xperm

  • libsemanage: Optionally allow duplicate declarations

  • policycoreutils: introduce unsetfiles

  • libselinux/utils: introduce selabel_compare

  • improved selabel_lookup performance

  • libselinux: support parallel usage of selabel_lookup(3)

  • libsepol: add support for xperms in conditional policies

  • Improved man pages

  • Code improvements and bug fixes

SELinux userspace release 3.7

26 Jun 15:51
Compare
Choose a tag to compare

RELEASE 3.7

User-visible changes

  • audit2allow -C for CIL output mode

  • sepolgen: adjust parse for refpolicy

  • semanage: Allow modifying records on "add"

  • semanage: Do not sort local fcontext definitions

  • Improved man pages

  • checkpolicy: support CIDR notation for nodecon statements

  • sandbox: Add support for Wayland

  • Code improvements and bug fixes

SELinux userspace release 3.7-rc3

20 Jun 13:13
e6c99f3
Compare
Choose a tag to compare
Pre-release

RELEASE 3.7-rc3

User-visible changes

  • Code improvements and bug fixes

SELinux userspace release 3.7-rc2

05 Jun 18:50
9ef1a83
Compare
Choose a tag to compare
Pre-release

RELEASE 3.7-rc2

User-visible changes

  • checkpolicy: support CIDR notation for nodecon statements

  • sandbox: Add support for Wayland

  • Code improvements and bug fixes

SELinux userspace release 3.7-rc1

22 May 17:27
6a223cb
Compare
Choose a tag to compare
Pre-release

RELEASE 3.7-rc1

User-visible changes

  • audit2allow -C for CIL output mode

  • sepolgen: adjust parse for refpolicy

  • semanage: Allow modifying records on "add"

  • semanage: Do not sort local fcontext definitions

  • Improved man pages

  • Code improvements and bug fixes

SELinux userspace release 3.6

13 Dec 15:20
3.6
97fa708
Compare
Choose a tag to compare

RELEASE 3.6

User-visible changes

  • checkpolicy/dispol: add option to display users, drop duplicate option to display booleans,
    show number of entries before listing them

  • libsepol: struct cond_expr_t bool renamed to boolean
    The change is indicated by COND_EXPR_T_RENAME_BOOL_BOOLEAN macro

  • cil: Allow IP address and mask values to be directly written

  • cil: Allow paths in filecon rules to be passed as arguments

  • Add not self support for neverallow rules

  • dispol: Add the ability to show booleans, classes, roles, types and type attributes of policies

  • Improve man pages

  • libselinux: performance optimization for duplicate detection

  • dismod: add options: --actions ACTIONS, --help

  • dispol: add options: --actions ACTIONS, --help

  • checkpolicy: Add the command line argument -N, --disable-neverallow

  • Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system

  • man pages: Remove the Russian translations

  • Add notself and other support to CIL

  • Add support for deny rules

  • Translations updated from
    https://translate.fedoraproject.org/projects/selinux/

  • Bug fixes

Development-relevant changes

  • ci: bump Fedora to version 39

  • Drop LGTM.com and Travis CI configuration

SELinux userspace release 3.6-rc2

22 Nov 15:55
0f5a8dd
Compare
Choose a tag to compare
Pre-release

RELEASE 3.6-rc2

User-visible changes

  • cil: Allow IP address and mask values to be directly written

  • cil: Allow paths in filecon rules to be passed as arguments

  • Bug fixes

Development-relevant changes

  • ci: bump Fedora to version 39

  • Drop LGTM.com and Travis CI configuration

SELinux userspace release 3.6-rc1

08 Nov 15:13
3.6-rc1
1aaf594
Compare
Choose a tag to compare
Pre-release

RELEASE 3.6-rc1

User-visible changes

  • Add not self support for neverallow rules

  • dispol: Add the ability to show booleans, classes, roles, types and type attributes of policies

  • Improve man pages

  • libselinux: performance optimization for duplicate detection

  • dismod: add options: --actions ACTIONS, --help

  • dispol: add options: --actions ACTIONS, --help

  • checkpolicy: Add the command line argument -N, --disable-neverallow

  • Introduce getpolicyload - a helper binary to print the number of policy reloads on the running system

  • man pages: Remove the Russian translations

  • Add notself and other support to CIL

  • Add support for deny rules

  • Translations updated from
    https://translate.fedoraproject.org/projects/selinux/

  • Bug fixes

SELinux userspace release 3.5

23 Feb 14:03
d6e96c5
Compare
Choose a tag to compare

RELEASE 3.5

User-visible changes

  • Maintainer GPG fingerprints added to /SECURITY.md

  • semodule option --rebuild-if-modules-changed was renamed to --refresh

  • Remove dependency on the deprecated Python module distutils and install via pip

  • libsepol: Stricter policy validation

  • libsepol: do not write empty class definitions to allow simpler round-trip tests

  • libsepol: reject attributes in type av rules for kernel policies

  • libselinux: add getpidprevcon()

  • libselinux: restorecon hashtable and other misc fixes

  • libselinux: Add workaround to reduce pcre2 heap memory usage

  • sepolicy: Several python and GTK updates

  • sepolicy: Add missing booleans to man pages

  • sepolicy: Cache queries to speed up manpage generation

  • mcstrans: preserve runtime directory

  • fixfiles: Unmount temporary bind mounts on SIGINT

  • Large updates to translations and better handling for unsupported languages

  • Translation updated and better handling for unsupported languages

  • Translation updated for generated descriptions

  • A lot of static code analysis issues, fuzzer issues and compiler warnings fixed

  • Bug fixes

Development-relevant changes

  • Install python modules via pip instead of setup.py
  • ci: Run on Fedora36 instead of F34
  • ci: Run on Python3.11 and drop py3.5, py3.6