packages/libsepol
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libsepol/libsepol.spec
Linux_zhang cad2b8d04b backport patches from upstream
2025-03-18 08:34:03 +08:00

152 lines
5.6 KiB
RPMSpec
Raw Permalink Blame History

Name: libsepol
Version: 3.5
Release: 5
Summary: SELinux binary policy manipulation library
License: LGPLv2+
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz
Patch0001: backport-hashtab-update.patch
Patch0002: backport-libsepol-check-for-overflow-in-put_entry.patch
Patch0003: backport-libsepol-dump-non-mls-validatetrans-rules-as-such.patch
Patch0004: backport-libsepol-expand-use-identical-type-to-avoid-implicit-conversion.patch
Patch0005: backport-libsepol-cil-Fix-class-permission-verification-in-CIL.patch
Patch0006: backport-libsepol-validate-old-style-range-trans-classes.patch
Patch0007: backport-libsepol-validate-check-low-category-is-not-bigger-than-high.patch
Patch0008: backport-libsepol-reorder-calloc-3-arguments.patch
Patch0009: backport-libsepol-reject-avtab-entries-with-invalid-specifier.patch
Patch0010: backport-libsepol-avtab-check-read-counts-for-saturation.patch
Patch0011: backport-libsepol-expand-skip-invalid-cat.patch
Patch0012: backport-libsepol-more-strict-validation.patch
Patch0013: backport-libsepol-reject-unsupported-policy-capabilities.patch
Patch0014: backport-libsepol-adjust-type-for-saturation-check.patch
Patch0015: backport-libsepol-enhance-saturation-check.patch
Patch0016: backport-libsepol-avoid-leak-in-OOM-branch.patch
Patch0017: backport-libsepol-cil-Do-not-allow-classpermissionset-to-use-.patch
Patch0018: backport-libsepol-add-check-for-category-value-before-printin.patch
Patch0019: backport-libsepol-use-correct-type-to-avoid-truncations.patch
Patch0020: backport-libsepol-reject-invalid-class-datums.patch
Patch0021: backport-libsepol-reject-linking-modules-with-no-avrules.patch
Patch0022: backport-libsepol-avoid-integer-overflow-in-add_i_to_a.patch
Patch0023: backport-libsepol-validate-empty-common-classes-in-scope-indi.patch
Patch0024: backport-libsepol-validate-the-identifier-for-initials-SID-is.patch
Patch0025: backport-libsepol-ensure-transitivity-in-compare-functions.patch
Patch0026: backport-libsepol-cil-ensure-transitivity-in-compare-functions.patch
Patch0027: backport-libsepol-cil-Check-common-perms-when-verifiying-all.patch
Patch0028: backport-libsepol-cil-Fix-detected-RESOURCE_LEAK-CWE-772.patch
Patch0029: backport-libsepol-sepol_compute_sid-Do-not-destroy-uninitiali.patch
Patch0030: backport-libsepol-cil-Check-that-sym_index-is-within-bounds.patch
Patch0031: backport-libsepol-Initialize-strs-on-declaration.patch
Patch0032: backport-libsepol-mls-Do-not-destroy-context-on-memory-error.patch
Patch0033: backport-libsepol-cil-cil_post-Initialize-tmp-on-declaration.patch
Patch0034: backport-libsepol-cil-Initialize-avtab_datum-on-declaration.patch
BuildRequires: gcc flex
%description
libsepol provides an API for the manipulation of SELinux binary
policies. It is used by checkpolicy (the policy compiler) and similar
tools, as well as by programs like load_policy that need to perform
specific transformations on binary policies such as customizing
policy boolean settings.
%package devel
Summary: Header files and libraries for %{name}
Requires:%{name} = %{version}-%{release}
Provides:%{name}-static = %{version}-%{release}
%description devel
Header files and libraries for %{name}
%package_help
%prep
%autosetup -n %{name}-%{version} -p2
%build
make clean
make %{?_smp_mflags} CFLAGS="%{optflags}" LDFLAGS="%{?__global_ldflags}"
%install
rm -rf %{buildroot}
make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" install
%pre
%preun
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root)
%license LICENSE
%{_libdir}/libsepol.so.*
%{_bindir}/sepol_*
%files devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/*.so
%{_libdir}/pkgconfig/libsepol.pc
%{_libdir}/*.a
%exclude %{_bindir}/chkcon
%files help
%defattr(-,root,root)
%{_mandir}/man8/*
%{_mandir}/ru/man8/*
%{_mandir}/man3/*
%changelog
* Tue Mar 18 2025 Linux_zhang <zhangruifang@h-partners.com> - 3.5-5
- backport patches from upstream
* Tue Oct 15 2024 yanglongkang <yanglongkang@h-partners.com> - 3.5-4
- backport bugfix from upstream
* Tue Mar 26 2024 gengqihu <gengqihu2@h-partners.com> - 3.5-3
- backport bugfix from upstream
* Sat Nov 25 2023 huangzq6 <huangzhenqiang2@huawei.com> - 3.5-2
- backport bugfix from upstream
* Mon Jul 17 2023 niuyaru <niuyaru@kylinos.cn> - 3.5-1
- update to 3.5
* Sat Jan 28 2023 jinlun <jinlun@huawei.com> - 3.4-1
- update to 3.4
* Fri Nov 18 2022 jinlun <jinlun@huawei.com> - 3.3-3
- backport upstream patches
* Tue Mar 15 2022 panxiaohe <panxh.life@foxmail.com> - 3.3-2
- delete useless old version dynamic library
* Thu Jan 13 2022 panxiaohe <panxiaohe@huawei.com> - 3.3-1
- update to 3.3
* Fri Dec 10 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-6
- fix secilc-fuzzer issues
* Fri Sep 10 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-5
- fix secilc-fuzzer issues
* Fri May 28 2021 panxiaohe <panxiaohe@huawei.com> - 3.1-4
- Drop unnecessary telinit
* Mon Mar 15 2021 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 3.1-3
- fix heap-use-after-free in cil_yy_switch_to_buffer
- fix heap-use-after-free in __class_reset_perm_values()
- fix heap-buffer-overflow in cil_print_recursive_blockinherit
* Thu Mar 4 2021 Lirui <lirui130@huawei.com> - 3.1-2
- fix NULL pointer dereference in cil_fill_ipaddr
* Fri Jul 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.1-1
- update to 3.1
* Tue Sep 10 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.9-1
- Package init
Reference in New Issue View Git Blame Copy Permalink