0a8c177d Update VERSIONs to 3.4 for release. 9e096e6e libsepol,checkpolicy: add support for self keyword in type transitions 539b0660 libsepol/cil: add support for self keyword in type transitions 9df28c24 Update VERSIONs to 3.4-rc3 for release. 2a167d11 Update VERSIONs to 3.4-rc2 for release. 8c115936 libsepol/cil: comment out unused function __cil_verify_rule 80137479 libsepol/tests: adjust IPv6 netmasks c74df1cd libsepol/tests: Declare file local functions as static 4a77a5ba libsepol/tests: Include paired headers for prototypes 02f330c9 libsepol/tests Include policydb.h header for policydb_t declaration 9d57ab6c libsepol: drop unnecessary const discarding casts 68a29c3a libsepol: check correct pointer for oom 6bc29805 libsepol/cil: declare file local function pointer static 20187dbf libsepol: Replace calls to mallocarray() with calls to calloc() fed78faa libsepol: add policy utilities fbba2393 libsepol: export functions for policy analysis 3ae07ec3 libsepol: introduce sepol_const_security_context_t typedef f0e085f6 libsepol: add sepol_av_perm_to_string 73562de8 Update VERSIONs to 3.4-rc1 for release. f5a764d9 libsepol/cil: post process pirqcon rules cf7f7aaf libsepol/cil: drop unused function cil_tree_error 6bfd1be2 libsepol/cil: declare file local functions static c640af42 libsepol: mark immutable common helper parameter const 63599466 libsepol: mark immutable mls and context parameter const 0233e4f6 libsepol: add missing oom checks 5d3c4430 libsepol/cil: silence GCC 12 array-bounds false positive c3f0124b libsepol: Validate conditional expressions dfc652f0 libsepol: Use calloc when initializing bool_val_to_struct array 5456002f libsepol/cil: Write a message when a log message is truncated 29e610f9 libsepol: Don't write out constraint if it has no permissions 1f15c628 libsepol/cil: Don't add constraint if there are no permissions 0d84ebcb libsepol: Shorten the policy capability enum names 672d8c2c libsepol: validate boolean datum arrays 93ff4ce5 libsepol: reject xperm av rules in conditional statements 5b6e6254 libsepol: Do a more thorough validation of constraints cc1bd5e8 libsepol: fix reallocarray imports 2d35696d libsepol: NULL pointer offset fix 71bcdcc9 libsepol: Add 'ioctl_skip_cloexec' policy capability c900816e libsepol: Populate and use policy name bc26ddc5 libsepol/cil: Limit the amount of reporting for context rule conflicts c964fe14 libsepol/cil: Limit the neverallow violations reported 3c45d91c libsepol/cil: Provide more control over reporting bounds failures 3ffb84ec libsepol/cil: Add cil_get_log_level() function 71291385 libsepol: Fix two problems with neverallowxperm reporting 931380ca libsepol: Set args avtab pointer when reporting assertion violations fb3a383f libsepol: The src and tgt must be the same if neverallow uses self 46106724 libsepol: Make return value clearer when reporting neverallowx errors 88c79c68 libsepol: Refactor match_any_class_permissions() to be clearer 3b71e516 libsepol: Make use of previously created ebitmap when checking self cfdf4ec2 libsepol: Move assigning outer loop index out of inner loop 8f643827 libsepol: Remove unnessesary check for matching class 68d32d2c libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions 7312d3c6 libsepol: Create function check_assertion_self_match() and use it d4456cb4 libsepol: Move check of target types to before check for self a9d56880 libsepol: Use consistent return checking style 18e1ae11 libsepol: Check for error from check_assertion_extended_permissions() a700e426 libsepol: Remove uneeded error messages in assertion checking c2af8933 libsepol: Change label in check_assertion_avtab_match() 521e6ad7 libsepol: Return an error if check_assertion() returns an error. ff25475c libsepol: validate several flags 9bee80da libsepol: more strict constraint validation 496002e7 libsepol: use correct error type to please UBSAN 86cdb9f1 libsepol/cil: Ensure that the class in a classcommon is a kernel class f0823bbb libsepol/cil: Do not resolve names to declarations in abstract blocks 6d783e5b libsepol/cil: Mark as abstract all sub-blocks of an abstract block e6429963 libsepol/cil: Do not copy blockabstracts when inheriting a block 58443a00 libsepol: do not add gaps to string list 73850041 libsepol: invert only valid range of role bitmap 42a8dc46 libsepol: handle type gaps b8cba274 libsepol: drop trailing newlines in log messages f52f5e27 libsepol: return failure on saturated class name length c3d52a6a libsepol: check for saturated class name length ad2ff8a8 ci: run the tests under ASan/UBsan on GHActions b78560fd libsepol: check for valid sensitivity before lookup b2ba721e libsepol/cil: bail out on snprintf failure 5e6e516e libsepol: validate class default targets 24618ad3 libsepol: validate fsuse types 8a7215c6 libsepol: validate categories 80b94415 libsepol: validate policy properties 2c4da50a libsepol: validate permissive types 88e280a1 libsepol: validate genfs contexts 86281337 libsepol: validate ocontexts 5f816232 libsepol: validate type of avtab type rules 8c59d614 libsepol: validate constraint expression operators and attributes 312eac1c libsepol: validate avtab and avrule types ba6d8225 libsepol: resolve log message mismatch e39cf0a1 libsepol: validate permission count of classes fffb1609 libsepol: validate expanded user range and level 8fdb3eb2 libsepol: validate MLS levels e2e60d9b libsepol: split validation of datum array gaps and entries 691e6aff libsepol: do not create a string list with initial size zero 35ef9b95 libsepol: use correct size for initial string list 73154020 libsepol: do not crash on user gaps b76eda52 libsepol: do not crash on class gaps c12b7d90 libsepol: do not underflow on short format arguments 47c3d96e libsepol: use size_t for indexes in strs helpers 8565e2c5 libsepol: zero member before potential dereference 1b4979c5 libsepol: reject invalid filetrans source type 8750fb68 libsepol: reject abnormal huge sid ids f571438a libsepol: clean memory on conditional insertion failure 2331dcaf libsepol: enforce avtab item limit 97af65f6 libsepol: add checks for read sizes f0a5f6e3 libsepol: use reallocarray wrapper to avoid overflows 18303c85 libsepol: use mallocarray wrapper to avoid overflows 852f14d4 libsepol: use logging framework in ebitmap.c 5c178f9f libsepol: use logging framework in conditional.c 51394330 libsepol/fuzz: limit element sizes for fuzzing 82438341 libsepol: add libfuzz based fuzzer for reading binary policies e0ba1168 libsepol/fuzz: silence secilc-fuzzer 413518a6 libsepol/cil: support IPv4/IPv6 address embedding a46ade3f libsepol: Write out genfscon file type when writing out CIL policy 3677af8f libsepol/cil: Allow optional file type in genfscon rules c9ed5521 libsepol/cil: Refactor filecon file type handling 55e67489 libsepol: Add support for file types in writing out policy.conf c42dcf58 libsepol: use string literals as format strings f95dbf2c libsepol: avoid passing NULL pointer to memcpy b98d3c4c libsepol: do not pass NULL to memcpy
Signed-off-by: Dominick Grift <dominick.gr...@defensec.nl> --- package/libs/libsepol/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/libs/libsepol/Makefile b/package/libs/libsepol/Makefile index 87f1ccd917..39f646b7c0 100644 --- a/package/libs/libsepol/Makefile +++ b/package/libs/libsepol/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libsepol -PKG_VERSION:=3.3 +PKG_VERSION:=3.4 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=2d97df3eb8466169b389c3660acbb90c54200ac96e452eca9f41a9639f4f238b +PKG_HASH:=fc277ac5b52d59d2cd81eec8b1cccd450301d8b54d9dd48a993aea0577cf0336 PKG_MAINTAINER:=Thomas Petazzoni <thomas.petazz...@bootlin.com> -- 2.36.1 _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
