Hello community,
here is the log from the commit of package libsepol for openSUSE:Factory
checked in at Mon Jun 29 14:15:05 CEST 2009.
--------
--- libsepol/libsepol.changes 2008-12-01 11:38:39.000000000 +0100
+++ libsepol/libsepol.changes 2009-06-19 13:26:58.000000000 +0200
@@ -1,0 +2,13 @@
+Fri Jun 19 13:26:45 CEST 2009 - prusnak@suse.cz
+
+- put static library in libsepol-devel-static
+
+-------------------------------------------------------------------
+Wed May 27 13:56:59 CEST 2009 - prusnak@suse.cz
+
+- updated to 2.0.36
+ * fix alias field in module format, caused by boundary format
+ change from Caleb Case
+ * fix boolean state smashing from Joshua Brindle
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
libsepol-2.0.34.tar.bz2
New:
----
libsepol-2.0.36.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsepol.spec ++++++
--- /var/tmp/diff_new_pack.kG2853/_old 2009-06-29 14:13:06.000000000 +0200
+++ /var/tmp/diff_new_pack.kG2853/_new 2009-06-29 14:13:06.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package libsepol (Version 2.0.34)
+# spec file for package libsepol (Version 2.0.36)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -19,8 +19,8 @@
Name: libsepol
-Version: 2.0.34
-Release: 2
+Version: 2.0.36
+Release: 1
Url: http://www.nsa.gov/selinux/
License: LGPL v2.1 or later
Group: System/Libraries
@@ -79,12 +79,25 @@
Requires: libsepol1 = %{version}
%description devel
-The libsepol-devel package contains the static libraries and header
+The libsepol-devel package contains the libraries and header
files needed for developing applications that manipulate binary
policies.
+%package devel-static
+License: LGPL v2.1 or later
+Summary: Development Include Files and Libraries for SELinux policy manipulation
+Group: Development/Libraries/C and C++
+Requires: libsepol-devel = %{version}
+
+%description devel-static
+The libsepol-devel-static package contains the static libraries
+needed for developing applications that manipulate binary
+policies.
+
+
+
%prep
%setup -q
@@ -117,26 +130,14 @@
%files devel
%defattr(-,root,root)
%{_libdir}/libsepol.so
-%{_libdir}/libsepol.a
%{_mandir}/man3/*
%dir %{_includedir}/sepol
%{_includedir}/sepol/*.h
%dir %{_includedir}/sepol/policydb
%{_includedir}/sepol/policydb/*.h
+%files devel-static
+%defattr(-,root,root)
+%{_libdir}/libsepol.a
+
%changelog
-* Mon Dec 01 2008 prusnak@suse.cz
-- updated to 2.0.34
- * add bounds support
- * fix invalid aliases bug
-* Wed Oct 22 2008 mrueckert@suse.de
-- fix debug_packages_requires define
-* Tue Sep 23 2008 prusnak@suse.cz
-- require only version, not release [bnc#429053]
-* Fri Aug 22 2008 prusnak@suse.cz
-- added baselibs.conf file
-* Fri Aug 01 2008 ro@suse.de
-- fix requires for debuginfo package
-* Tue Jul 15 2008 prusnak@suse.cz
-- initial version 2.0.32
- * based on Fedora package by Dan Walsh
++++++ libsepol-2.0.34.tar.bz2 -> libsepol-2.0.36.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/ChangeLog new/libsepol-2.0.36/ChangeLog
--- old/libsepol-2.0.34/ChangeLog 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/ChangeLog 2009-03-25 21:15:27.000000000 +0100
@@ -1,3 +1,10 @@
+2.0.36 2009-03-25
+ * Fix boolean state smashing from Joshua Brindle.
+
+2.0.35 2009-02-19
+ * Fix alias field in module format, caused by boundary format change
+ from Caleb Case.
+
2.0.34 2008-10-09
* Add bounds support from KaiGai Kohei.
* Fix invalid aliases bug from Joshua Brindle.
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/include/sepol/policydb/policydb.h new/libsepol-2.0.36/include/sepol/policydb/policydb.h
--- old/libsepol-2.0.34/include/sepol/policydb/policydb.h 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/include/sepol/policydb/policydb.h 2009-03-25 21:15:27.000000000 +0100
@@ -614,17 +614,18 @@
#define POLICYDB_VERSION_MAX POLICYDB_VERSION_BOUNDARY
/* Module versions and specific changes*/
-#define MOD_POLICYDB_VERSION_BASE 4
-#define MOD_POLICYDB_VERSION_VALIDATETRANS 5
-#define MOD_POLICYDB_VERSION_MLS 5
-#define MOD_POLICYDB_VERSION_RANGETRANS 6
-#define MOD_POLICYDB_VERSION_MLS_USERS 6
-#define MOD_POLICYDB_VERSION_POLCAP 7
-#define MOD_POLICYDB_VERSION_PERMISSIVE 8
-#define MOD_POLICYDB_VERSION_BOUNDARY 9
+#define MOD_POLICYDB_VERSION_BASE 4
+#define MOD_POLICYDB_VERSION_VALIDATETRANS 5
+#define MOD_POLICYDB_VERSION_MLS 5
+#define MOD_POLICYDB_VERSION_RANGETRANS 6
+#define MOD_POLICYDB_VERSION_MLS_USERS 6
+#define MOD_POLICYDB_VERSION_POLCAP 7
+#define MOD_POLICYDB_VERSION_PERMISSIVE 8
+#define MOD_POLICYDB_VERSION_BOUNDARY 9
+#define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS 10
#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
-#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_BOUNDARY
+#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_BOUNDARY_ALIAS
#define POLICYDB_CONFIG_MLS 1
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/link.c new/libsepol-2.0.36/src/link.c
--- old/libsepol-2.0.34/src/link.c 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/src/link.c 2009-03-25 21:15:27.000000000 +0100
@@ -540,6 +540,7 @@
char *id = key, *new_id = NULL;
cond_bool_datum_t *booldatum, *base_bool, *new_bool = NULL;
link_state_t *state = (link_state_t *) data;
+ scope_datum_t *scope;
booldatum = (cond_bool_datum_t *) datum;
@@ -556,7 +557,6 @@
(cond_bool_datum_t *) malloc(sizeof(*new_bool))) == NULL) {
goto cleanup;
}
- new_bool->state = booldatum->state;
new_bool->s.value = state->base->p_bools.nprim + 1;
ret = hashtab_insert(state->base->p_bools.table,
@@ -570,6 +570,14 @@
}
+ /* Get the scope info for this boolean to see if this is the declaration,
+ * if so set the state */
+ scope = hashtab_search(state->cur->policy->p_bools_scope.table, id);
+ if (!scope)
+ return SEPOL_ERR;
+ if (scope->scope == SCOPE_DECL)
+ base_bool->state = booldatum->state;
+
state->cur->map[SYM_BOOLS][booldatum->s.value - 1] = base_bool->s.value;
return 0;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/policydb.c new/libsepol-2.0.36/src/policydb.c
--- old/libsepol-2.0.34/src/policydb.c 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/src/policydb.c 2009-03-25 21:15:27.000000000 +0100
@@ -153,6 +153,12 @@
.ocon_num = OCON_NODE6 + 1,
},
{
+ .type = POLICY_BASE,
+ .version = MOD_POLICYDB_VERSION_BOUNDARY_ALIAS,
+ .sym_num = SYM_NUM,
+ .ocon_num = OCON_NODE6 + 1,
+ },
+ {
.type = POLICY_MOD,
.version = MOD_POLICYDB_VERSION_BASE,
.sym_num = SYM_NUM,
@@ -188,6 +194,12 @@
.sym_num = SYM_NUM,
.ocon_num = 0
},
+ {
+ .type = POLICY_MOD,
+ .version = MOD_POLICYDB_VERSION_BOUNDARY_ALIAS,
+ .sym_num = SYM_NUM,
+ .ocon_num = 0
+ },
};
#if 0
@@ -1942,13 +1954,19 @@
uint32_t buf[5];
size_t len;
int rc, to_read;
+ int pos = 0;
typdatum = calloc(1, sizeof(type_datum_t));
if (!typdatum)
return -1;
- if (policydb_has_boundary_feature(p))
- to_read = 4;
+ if (policydb_has_boundary_feature(p)) {
+ if (p->policy_type != POLICY_KERN
+ && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS)
+ to_read = 5;
+ else
+ to_read = 4;
+ }
else if (p->policy_type == POLICY_KERN)
to_read = 3;
else if (p->policyvers >= MOD_POLICYDB_VERSION_PERMISSIVE)
@@ -1960,13 +1978,23 @@
if (rc < 0)
goto bad;
- len = le32_to_cpu(buf[0]);
- typdatum->s.value = le32_to_cpu(buf[1]);
+ len = le32_to_cpu(buf[pos]);
+ typdatum->s.value = le32_to_cpu(buf[++pos]);
if (policydb_has_boundary_feature(p)) {
- uint32_t properties = le32_to_cpu(buf[2]);
+ uint32_t properties;
+
+ if (p->policy_type != POLICY_KERN
+ && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) {
+ typdatum->primary = le32_to_cpu(buf[++pos]);
+ properties = le32_to_cpu(buf[++pos]);
+ }
+ else {
+ properties = le32_to_cpu(buf[++pos]);
+
+ if (properties & TYPEDATUM_PROPERTY_PRIMARY)
+ typdatum->primary = 1;
+ }
- if (properties & TYPEDATUM_PROPERTY_PRIMARY)
- typdatum->primary = 1;
if (properties & TYPEDATUM_PROPERTY_ATTRIBUTE)
typdatum->flavor = TYPE_ATTRIB;
if (properties & TYPEDATUM_PROPERTY_ALIAS
@@ -1976,13 +2004,13 @@
&& p->policy_type != POLICY_KERN)
typdatum->flags |= TYPE_FLAGS_PERMISSIVE;
- typdatum->bounds = le32_to_cpu(buf[3]);
+ typdatum->bounds = le32_to_cpu(buf[++pos]);
} else {
- typdatum->primary = le32_to_cpu(buf[2]);
+ typdatum->primary = le32_to_cpu(buf[++pos]);
if (p->policy_type != POLICY_KERN) {
- typdatum->flavor = le32_to_cpu(buf[3]);
+ typdatum->flavor = le32_to_cpu(buf[++pos]);
if (p->policyvers >= MOD_POLICYDB_VERSION_PERMISSIVE)
- typdatum->flags = le32_to_cpu(buf[4]);
+ typdatum->flags = le32_to_cpu(buf[++pos]);
}
}
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/src/write.c new/libsepol-2.0.36/src/write.c
--- old/libsepol-2.0.34/src/write.c 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/src/write.c 2009-03-25 21:15:27.000000000 +0100
@@ -970,6 +970,11 @@
if (policydb_has_boundary_feature(p)) {
uint32_t properties = 0;
+ if (p->policy_type != POLICY_KERN
+ && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) {
+ buf[items++] = cpu_to_le32(typdatum->primary);
+ }
+
if (typdatum->primary)
properties |= TYPEDATUM_PROPERTY_PRIMARY;
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/libsepol-2.0.34/VERSION new/libsepol-2.0.36/VERSION
--- old/libsepol-2.0.34/VERSION 2008-10-14 19:57:54.000000000 +0200
+++ new/libsepol-2.0.36/VERSION 2009-03-25 21:15:27.000000000 +0100
@@ -1 +1 @@
-2.0.34
+2.0.36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org