156 lines
6.7 KiB
RPMSpec
156 lines
6.7 KiB
RPMSpec
Name: libsepol
|
|
Version: 3.1
|
|
Release: 10
|
|
Summary: SELinux binary policy manipulation library
|
|
License: LGPLv2+
|
|
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
|
|
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/libsepol-3.1.tar.gz
|
|
|
|
Patch1: backport-libsepol-cil-fix-NULL-pointer-dereference-in-cil_fil.patch
|
|
Patch2: backport-libsepol-cil-always-destroy-the-lexer-state.patch
|
|
Patch3: backport-libsepol-cil-destroy-perm_datums-when-_cil_resolve_.patch
|
|
Patch4: backport-libsepol-cil-do-not-add-a-stack-variable-to-a-list.patch
|
|
Patch5: backport-libsepol-cil-Fix-heap-use-after-free-in_class-rese.patch
|
|
Patch6: backport-libsepol-cil-fix-NULL-pointer-dereference-when-parsi.patch
|
|
Patch7: backport-libsepol-cil-fix-NULL-pointer-dereference-when-using.patch
|
|
Patch8: backport-libsepol-cil-fix-out-of-bound-read-in-cil_print_recu.patch
|
|
Patch9: backport-libsepol-cil-propagate-failure-of-cil_fill_list.patch
|
|
|
|
Patch10: backport-libsepol-cil-Use-CIL_ERR-for-error-messages-in-cil_c.patch
|
|
Patch11: backport-libsepol-cil-Detect-degenerate-inheritance-and-exit-.patch
|
|
Patch12: backport-libsepol-cil-Use-the-macro-NODE-whenever-possible.patch
|
|
Patch13: backport-libsepol-cil-Check-for-duplicate-blocks-optionals-an.patch
|
|
Patch14: backport-libsepol-cil-Refactor-helper-function-for-cil_gen_no.patch
|
|
Patch15: backport-libsepol-cil-Remove-unused-field-from-struct-cil_arg.patch
|
|
Patch16: backport-libsepol-cil-Destroy-disabled-optional-blocks-after-.patch
|
|
Patch17: backport-libsepol-cil-Use-AST-to-track-blocks-and-optionals-w.patch
|
|
Patch18: backport-libsepol-cil-Reorder-checks-for-invalid-rules-when-r.patch
|
|
Patch19: backport-libsepol-cil-replace-printf-with-proper-cil_tree_log.patch
|
|
Patch20: backport-libsepol-cil-introduce-intermediate-cast-to-silence-.patch
|
|
Patch21: backport-libsepol-cil-follow-declaration-after-statement.patch
|
|
Patch22: backport-libsepol-cil-Handle-disabled-optional-blocks-in-earl.patch
|
|
Patch23: backport-libsepol-cil-Allow-duplicate-optional-blocks-in-most.patch
|
|
Patch24: backport-libsepol-cil-Improve-degenerate-inheritance-check.patch
|
|
Patch25: backport-libsepol-cil-Improve-checking-for-bad-inheritance-pa.patch
|
|
Patch26: backport-libsepol-cil-Use-the-macro-FLAVOR-whenever-possible.patch
|
|
Patch27: backport-libsepol-cil-Check-for-empty-list-when-marking-never.patch
|
|
Patch28: backport-libsepol-cil-Fix-instances-where-an-error-returns-SE.patch
|
|
Patch29: backport-libsepol-cil-Limit-the-number-of-open-parenthesis-al.patch
|
|
Patch30: backport-libsepol-cil-Fix-syntax-checking-of-defaultrange-rul.patch
|
|
Patch31: backport-libsepol-cil-Allow-some-duplicate-macro-and-block-de.patch
|
|
Patch32: backport-libsepol-cil-fix-signed-overflow-caused-by-using-1-3.patch
|
|
Patch33: backport-libsepol-cil-Fix-potential-undefined-shifts.patch
|
|
Patch34: backport-libsepol-cil-be-more-robust-when-encountering-src_in.patch
|
|
Patch35: backport-libsepol-cil-Handle-operations-in-a-class-mapping-wh.patch
|
|
Patch36: backport-libsepol-cil-Allow-permission-expressions-when-using.patch
|
|
Patch37: backport-libsepol-cil-fix-NULL-pointer-dereference-in-__cil_i.patch
|
|
Patch38: backport-libsepol-cil-Properly-check-for-parameter-when-inser.patch
|
|
Patch39: backport-libsepol-cil-Reset-expandtypeattribute-rules-when-re.patch
|
|
Patch40: backport-libsepol-cil-do-not-allow-0-in-quoted-strings.patch
|
|
Patch41: backport-CVE-2021-36084.patch
|
|
Patch42: backport-CVE-2021-36085.patch
|
|
Patch43: backport-CVE-2021-36086.patch
|
|
Patch44: backport-libsepol-cil-Reorder-checks-for-invalid-rules-when-b.patch
|
|
Patch45: backport-libsepol-cil-Cleanup-build-AST-helper-functions.patch
|
|
Patch46: backport-libsepol-cil-Create-new-first-child-helper-function-.patch
|
|
Patch47: backport-CVE-2021-36087.patch
|
|
Patch48: backport-libsepol-avoid-potential-NULL-dereference-on-optional-parameter.patch
|
|
Patch49: backport-libsepol-check-correct-pointer-for-oom.patch
|
|
Patch50: backport-libsepol-do-not-modify-policy-during-write.patch
|
|
Patch51: backport-libsepol-enclose-macro-parameters-and-replacement-lists-in-parentheses.patch
|
|
Patch52: backport-libsepol-fix-missing-double-quotes-in-typetransition-CIL-rule.patch
|
|
Patch53: backport-libsepol-add-missing-oom-checks.patch
|
|
|
|
BuildRequires: gcc flex
|
|
|
|
%description
|
|
libsepol provides an API for the manipulation of SELinux binary
|
|
policies. It is used by checkpolicy (the policy compiler) and similar
|
|
tools, as well as by programs like load_policy that need to perform
|
|
specific transformations on binary policies such as customizing
|
|
policy boolean settings.
|
|
|
|
%package devel
|
|
Summary: Header files and libraries for %{name}
|
|
Requires:%{name} = %{version}-%{release}
|
|
Provides:%{name}-static = %{version}-%{release}
|
|
|
|
%description devel
|
|
Header files and libraries for %{name}
|
|
|
|
%package_help
|
|
|
|
%prep
|
|
%autosetup -n %{name}-%{version} -p2
|
|
|
|
%build
|
|
make clean
|
|
make %{?_smp_mflags} CFLAGS="%{optflags}" LDFLAGS="%{?__global_ldflags}"
|
|
|
|
%install
|
|
rm -rf %{buildroot}
|
|
make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" install
|
|
|
|
%pre
|
|
|
|
%preun
|
|
|
|
%post -p /sbin/ldconfig
|
|
|
|
%postun -p /sbin/ldconfig
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%license COPYING
|
|
%{_libdir}/libsepol.so.*
|
|
|
|
%files devel
|
|
%defattr(-,root,root)
|
|
%{_includedir}/*
|
|
%{_libdir}/*.so
|
|
%{_libdir}/pkgconfig/libsepol.pc
|
|
%{_libdir}/*.a
|
|
%exclude %{_bindir}/chkcon
|
|
|
|
%files help
|
|
%defattr(-,root,root)
|
|
%{_mandir}/man8/*
|
|
%{_mandir}/ru/man8/*
|
|
%{_mandir}/man3/*
|
|
|
|
%changelog
|
|
* Wed Feb 15 2023 jinlun <jinlun@huawei.com> - 3.1-10
|
|
- backport bugfix from upstream
|
|
|
|
* Thu Dec 15 2022 jinlun <jinlun@huawei.com> - 3.1-9
|
|
- fix CVE-2021-36084 CVE-2021-36085 CVE-2021-36087
|
|
|
|
* Thu Jul 7 2022 panxiaohe <panxh.life@foxmail.com> - 3.1-8
|
|
- fix CVE-2021-36086
|
|
|
|
* Tue Feb 15 2022 panxiaohe <panxh.life@foxmail.com> - 3.1-7
|
|
- libsepol/cil: do not allow \0 in quoted strings
|
|
|
|
* Fri Dec 10 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-6
|
|
- fix secilc-fuzzer issues
|
|
|
|
* Fri Sep 10 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-5
|
|
- fix secilc-fuzzer issues
|
|
|
|
* Fri May 28 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-4
|
|
- Drop unnecessary telinit
|
|
|
|
* Mon Mar 15 2021 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 3.1-3
|
|
- fix heap-use-after-free in cil_yy_switch_to_buffer
|
|
- fix heap-use-after-free in __class_reset_perm_values()
|
|
- fix heap-buffer-overflow in cil_print_recursive_blockinherit
|
|
|
|
* Thu Mar 4 2021 Lirui <lirui130@huawei.com> - 3.1-2
|
|
- fix NULL pointer dereference in cil_fill_ipaddr
|
|
|
|
* Thu Aug 27 2020 Hugel <gengqihu1@huawei.com> - 3.1-1
|
|
- update to 3.1
|
|
|
|
* Tue Sep 10 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9-1
|
|
- Package init
|