libsepol-utils-3.0-1.31 >  A ^p9| dJVDK8N{z3﬒Qο6]'(Z8M/:_bX|1q@&S7 S"%i n0}O޼ Zt6lVL+T[BnUڽHd-1wێ l{:Y1Ekᮼ\Hto05~]*o&"+WWB WANnvڒ˼Iio~\iɁ/dFmkAf0949446ac80cdfee70f35712b4ca946f2458745577a7cb6b852b9216748a3f9b4b73caf812d4eccc499a9c4d6c416b8113529a8:^p9|F3V&P͆[ ߟChOrg<FcϛP7$M&wr%բX  "o;CS$\0.̤=ΆtoiuoYݴ V٦l(e5|FꍉwؠHuL_|oq=D!S{q|$KiFvKxv2$?"H fRCWY+{:`t9(>p>! ?!d  Chltx $,@ J T h  (P t ` (89:FGHIX Y(\<]P^bcqdefluvw tx y z    ! Clibsepol-utils3.01.31SELinux binary policy manipulation toolslibsepol provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy (the policy compiler) and similar tools, as well as by programs like load_policy that need to perform specific transformations on binary policies such as customizing policy boolean settings.^sheep02%SUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/System/Basehttps://github.com/SELinuxProject/selinux/wiki/Releaseslinuxx86_64v:g큤^^^^^b9cc3636ef4b9c35498ccd7bbf9463adf68113eb6fe01ba041e2c59a53e2112670f72868bf9f9a0c2c02627b2226a5cd96f3ba693bf0646811ddf19b49d85e813713628c42da6fe7f226578a042aeefc340b3d15c1e991119bbf6acbffe9d32a5b68e2eababb82bf1882860a966d2661a00283e1f8587aff0163257daf50d157e1d6d6b28561d88e2d6dd3028107c58007f0f05a2c5d747675d525c73b9c1614rootrootrootrootrootrootrootrootrootrootlibsepol-3.0-1.31.src.rpmlibsepol-utilslibsepol-utils(x86-64)@@@@@    libc.so.6()(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libsepol.so.1()(64bit)libsepol.so.1(LIBSEPOL_1.0)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1^^F^2@] u@\+@[%@[%@[$@Z@Z W@W~W~W~W{@jsegitz@suse.dejsegitz@suse.demliska@suse.czjsegitz@suse.comjengelh@inai.dejsegitz@suse.comjsegitz@suse.commcepl@suse.comjsegitz@suse.comjengelh@inai.dempluskal@suse.comjsegitz@novell.comjsegitz@novell.comi@marguerite.su- Update to version 3.0 * cil: Allow validatetrans rules to be resolved * cil: Report disabling an optional block only at high verbose levels * cil: do not dereference perm_value_to_cil when it has not been allocated * cil: fix mlsconstrain segfault * Further improve binary policy optimization * Make an unknown permission an error in CIL * Remove cil_mem_error_handler() function pointer * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping * Add a function to optimize kernel policy * Add ebitmap_for_each_set_bit macro Dropped fnocommon.patch as it's included upstream- Add fnocommon.patch to prevent build failures on gcc10 and remove_cil_mem_error_handler.patch to prevent build failures due to leftovers from the removal of cil_mem_error_handler (bsc#1160874)- Disable LTO due to symbol versioning (boo#1138813).- Update to version 2.9 * Add two new Xen initial SIDs * Check that initial sid indexes are within the valid range * Create policydb_sort_ocontexts() * Eliminate initial sid string definitions in module_to_cil.c * Rename kernel_to_common.c stack functions * add missing ibendport port validity check * destroy the copied va_list * do not call malloc with 0 byte * do not leak memory if list_prepend fails * do not use uninitialized value for low_value * fix endianity in ibpkey range checks * ibpkeys.c: fix printf format string specifiers for subnet_prefix * mark permissive types when loading a binary policy- Use more %make_install.- Adjusted source urls (bsc#1115052)- Update to version 2.8 (bsc#1111732) For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524/RELEASE-20180524.txt- Rebase to 2.7 For changes please see https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804/RELEASE-20170804.txt- Update to version 2.6. Notable changes: * Add support for converting extended permissions to CIL * Create user and role caches when building binary policy * Check for too many permissions in classes and commons in CIL * Fix xperm mapping between avrule and avtab * Produce more meaningful error messages for conflicting type rules in CIL * Change which attributes CIL keeps in the binary policy * Warn instead of fail if permission is not resolved * Ignore object_r when adding userrole mappings to policydb * Correctly detect unknown classes in sepol_string_to_security_class * Fix neverallowxperm checking on attributes * Only apply bounds checking to source types in rules * Fix CIL and not add an attribute as a type in the attr_type_map * Fix extended permissions neverallow checking * Fix CIL neverallow and bounds checking * Add support for portcon dccp protocol- Update RPM groups, trim description and combine filelist entries.- Cleanup spec file with spec-cleaner - Make spec file a bit more easy - Ship new supbackage (-tools)- Without bug number no submit to SLE 12 SP2 is possible, so to make sle-changelog-checker happy: bsc#988977- Adjusted source link- update version 2.5 * Fix unused variable annotations * Fix uninitialized variable in CIL * Validate extended avrules and permissionxs in CIL * Add support in CIL for neverallowx * Fully expand neverallowxperm rules * Add support for unordered classes to CIL * Add neverallow support for ioctl extended permissions * Improve CIL block and macro call recursion detection * Fix CIL uninitialized false positive in cil_binary * Provide error in CIL if classperms are empty * Add userattribute{set} functionality to CIL * fix CIL blockinherit copying segfault and add macro restrictions * fix CIL NULL pointer dereference when copying classpermission/set * Add CIL support for ioctl whitelists * Fix memory leak when destroying avtab * Replace sscanf in module_to_cil * Improve CIL resolution error messages * Fix policydb_read for policy versions < 24 * Added CIL bounds checking and refactored CIL Neverallow checking * Refactored libsepol Neverallow and bounds (hierarchy) checking * Treat types like an attribute in the attr_type_map * Add new ebitmap function named ebitmap_match_any() * switch operations to extended perms * Write auditadm_r and secadm_r roles to base module when writing CIL * Fix module to CIL to only associate declared roleattributes with in-scope types * Don't allow categories/sensitivities inside blocks in CIL * Replace fmemopen() with internal function in libsepol * Verify users prior to evaluating users in cil * Binary modules do not support ioctl rules * Add support for ioctl command whitelisting * Don't use symbol versioning for static object files * Add sepol_module_policydb_to_cil(), sepol_module_package_to_cil(), and sepol_ppfile_to_module_package() * Move secilc out of libsepol * fix building Xen policy with devicetreecon, and add devicetreecon CIL documentation * bool_copy_callback set state on creation * Add device tree ocontext nodes to Xen policy * Widen Xen IOMEM context entries * Fix error path in mls_semantic_level_expand() * Update to latest CIL, includes new name resolution and fixes ordering issues with blockinherit statements, and bug fixes - changes in 2.4 * Remove assumption that SHLIBDIR is ../../ relative to LIBDIR * Fix bugs found by hardened gcc flags * Build CIL into libsepol. libsepol can be built without CIL by setting the DISABLE_CIL flag to 'y' * Add an API function to set target_platform * Report all neverallow violations * Improve check_assertions performance * Allow libsepol C++ static library on devicesheep02 15914044223.0-1.313.0-1.31chkconchkcon.8.gzgenpolbools.8.gzgenpolusers.8.gzchkcon.8.gz/usr/bin//usr/share/man/man8//usr/share/man/ru/man8/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP2:GA/standard/f7bb5c487451202a0d1d0825cd218fe1-libsepolcpioxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/l, BuildID[sha1]=86080ad217073f657b84af04c05e837b551f8adb, for GNU/Linux 3.2.0, strippedtroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text (gzip compressed data, max compression, from Unix)RRRRR '$coM(r, utf-8d7b004039f54a322905e25fb894b67ab7b77b7db2ef594925011b1513d2b74c5? 7zXZ !t/(0] crv9vWE:>5n)&QLfr}?]ld x sPօ|4'5Ɲ7AB2{SB}RTo|/K.d:D{gAzg6m>eZ}]vUJT1#O@΋B@XFlnQ[zuGD] 8kFU^՟ F~EqA`;bZp(1_~H3Kֶ(8oL@o+ -1כY6v[7.EcֽvEQu)84gr ɔG(1Kd;//f5b+Y`&qnt1of E_xXzy"vP)fhw|T}xhYVT(Yw+DDEԸ׷Ƿs0g qڞ3t)y99hyc_ۧ0$/< Tb`/oL:} X<$ f]q5g$|W X#[sS8c~KԱRL*B-״&ذ5̡. '% hќQ,ffZf_mg>y%ԁn=c3_ xżEʭy_e. kmI i0g}@kVAL?<ș QzZo%ⷦ$vtWy^LX{Qn@\ؤpO ȇ;LܬYUn iF}D$x iƙxr,S~0#ES5Aj_NAC=-*d5x))C'b3ya9)f6MCan[&&7A26GݽNF`6C $a[R:7< Yg-#K57dYĻoi!.}%~|ҝ|^|q&{D΢Rvb<|nߠef(٪4a¨z;;qv^dh:֜Uxyφ)1 :sjHw2}ͰЎðqdeVp+Ǽ!RQJ٠Pg H\'(z$c v$ ӺS y}[9g|4X0̟ep2܆!+?Jjv0F#,;+KƸ7ۛ)ol%E}$t8;&)rIC9i,S}R& SΏy 79ehs\R v) m C0#O6PzTdPgY4mAZ𙠪ODw>mj'7ތ@[؉꛳ 7sg vYfKtHB>w@IF 9g؏pIs,M) ͱ?dsK0`/xÓi,>2*z1yAgDGP 'ůW&]&`Ƀ:l#*ҚA@\- ,䴨 *4(kf\sThߪvplCG9hr9?T0jzuh8Vg/*DDML57ϙ?@obd9ꍫ3A?! *QVXGN;Ff-7wuPMjLŒhu;R{ڥ שNR{bWTix:X%I]`gɫ.|c5h Z!+1!4c,Z0磁O}$?M\*.?>wVETj`YPs-%G5"%/5,~&љyG3;2;ƒ- ŝn/q\\w9UqP$;T'M>e@FlZ);+d͇r[7yP|2"z| ^5ntR 5VxgPuvC " ^X3fMJPb]ٺMĘ]'?;hfMsiE>"w!mzA6]#(1J1s9xM0f:dbNaU('0zF~yY-SLnNnDToF¸Lh!=2̿ 8>!L焀늍a龉cqu]an=-S~pe,>L$&c7jJq`P5pNsX-^[x{ߝn\hR B9*P+5=;ޯ'X-Stcbvzj5R @:gNi4c4٠y6㼌V]Cn0͉pڷZRI3GD8%X ƍjݳq*?ܽAi`/vUƖChރNVESKm8o/%]PzOX5xwЦNW۲p810zZ,&|abx.W@B99<\% ѫPs'vvc¹! ‹otzJW&(G!/$JC o7#i?} \֡Efź-⠊mN{&6=!sHZfc2Lij2ۼSXwwջ~»k*hNcvsܡm[=JjcLN?.Jz„ydw!k)e:~8c%4z^E> QFĸBC`[_44DžI8Q2{7#.쭻C`oװ4_cIIVbFɋNN뙌p۴MoLƁK37T> P!mN%BIFj8*{lp@[쵵WY$ĔU  DMQȨ:RNuVc==Zә`Np߆dH/b36dņ]e+0vEzQ7M(knR \a5Ľb ̪pSqLf0*iLa]qt9Q(r-ȏ9EgnΦ\W ڬMNPPj"7sGʖF5_!"ƁX&bN:xalޭiHʬ w>t}2D;ʩ5qrFiz*)56v32-v:U30 5H rbLouYegS+!}vKF`w$gw|0|@PS)S*dS=r3SCy$ħ7J3a3~w2ud !jE T_?. ޙste[;(~ VS:CЉxF"Qg!%^yUek(F)=gTAF; Qgڪ&[#8Sⴞɠ5Gmh{4D5udWXlЩDYWjD:E]Qŭ2[O f4ؾʸ KХykё+u!MѥeODgm}lHČ@pI&gVS{`CcHp,o1 a~;rvܬNN *QJ Ķ YZ