Stephen Smalley | 15ccea7 | 2015-04-28 08:26:43 -0400 | [diff] [blame] | 1 | * dispol: display operations as ranges, from Jeff Vander Stoep. |
Stephen Smalley | 11f2e15 | 2015-04-23 08:45:20 -0400 | [diff] [blame] | 2 | * dispol: Extend to display operations, from Stephen Smalley. |
Stephen Smalley | a2ceeba | 2015-04-23 08:33:18 -0400 | [diff] [blame] | 3 | * Add support for ioctl command whitelisting, from Jeff Vander Stoep. |
James Carter | c0064fb | 2015-04-02 10:52:25 -0400 | [diff] [blame] | 4 | * Add option to write CIL policy, from James Carter |
Stephen Smalley | 3057bcf | 2015-03-18 08:33:45 -0400 | [diff] [blame] | 5 | * Add device tree ocontext nodes to Xen policy, from Daniel De Graaf. |
| 6 | * Widen Xen IOMEM context entries, from Daniel De Graaf. |
| 7 | * Expand allowed character set in paths, from Daniel De Graaf. |
Stephen Smalley | 93e557c | 2015-03-10 12:46:47 -0400 | [diff] [blame] | 8 | * Fix precedence between number and filesystem tokens, from Stephen Smalley. |
Stephen Smalley | 68ed273 | 2015-02-26 15:02:21 -0500 | [diff] [blame] | 9 | * dispol/dismod fgets function warnings fix, from Emre Can Kucukoglu. |
| 10 | |
Steve Lawrence | f0c9966 | 2015-02-02 09:38:10 -0500 | [diff] [blame] | 11 | 2.4 2015-02-02 |
Steve Lawrence | ff5bbe6 | 2014-10-01 14:47:16 -0400 | [diff] [blame] | 12 | * Fix bugs found by hardened gcc flags, from Nicolas Iooss. |
Stephen Smalley | 3f12115 | 2015-01-20 16:24:10 -0500 | [diff] [blame] | 13 | * Add missing semicolon in cond_else parser rule, from Steven Capelli. |
| 14 | * Clear errno before call to strtol(3) from Dan Albert. |
Stephen Smalley | 37b7248 | 2015-01-21 14:01:15 -0500 | [diff] [blame] | 15 | * Global C++11 compatibility from Dan Albert. |
Steve Lawrence | f0c9966 | 2015-02-02 09:38:10 -0500 | [diff] [blame] | 16 | * Allow libsepol C++ static library on device from Daniel Cashman. |
Steve Lawrence | ff5bbe6 | 2014-10-01 14:47:16 -0400 | [diff] [blame] | 17 | |
Stephen Smalley | 1e64821 | 2014-05-06 13:30:27 -0400 | [diff] [blame] | 18 | 2.3 2014-05-06 |
| 19 | * Add Android support for building dispol. |
Stephen Smalley | 84c9c82 | 2014-03-24 15:05:09 -0400 | [diff] [blame] | 20 | * Report source file and line information for neverallow failures. |
Stephen Smalley | 8c5171d | 2014-02-20 14:24:43 -0500 | [diff] [blame] | 21 | * Prevent incompatible option combinations for checkmodule. |
| 22 | * Drop -lselinux from LDLIBS for test programs; not used. |
Stephen Smalley | 534f5a7 | 2013-11-06 09:35:58 -0500 | [diff] [blame] | 23 | * Add debug feature to display constraints/validatetrans from Richard Haines. |
| 24 | |
Stephen Smalley | 7c4bb77 | 2013-10-30 12:45:19 -0400 | [diff] [blame] | 25 | 2.2 2013-10-30 |
Stephen Smalley | a080100 | 2013-10-25 15:14:23 -0400 | [diff] [blame] | 26 | * Fix hyphen usage in man pages from Laurent Bigonville. |
| 27 | * handle-unknown / -U required argument fix from Laurent Bigonville. |
| 28 | * Support overriding Makefile PATH and LIBDIR from Laurent Bigonville. |
| 29 | * Support space and : in filenames from Dan Walsh. |
| 30 | |
Eric Paris | e9410c9 | 2013-02-01 16:57:55 -0500 | [diff] [blame] | 31 | 2.1.12 2013-02-01 |
| 32 | * Fix errors found by coverity |
| 33 | * implement default type policy syntax |
| 34 | * Free allocated memory when clean up / exit. |
| 35 | |
Eric Paris | 8638197 | 2012-09-13 10:33:58 -0400 | [diff] [blame] | 36 | 2.1.11 2012-09-13 |
| 37 | * fd leak reading policy |
| 38 | * check return code on ebitmap_set_bit |
| 39 | |
Eric Paris | f05a71b | 2012-06-28 14:02:29 -0400 | [diff] [blame] | 40 | 2.1.10 2012-06-28 |
| 41 | * sepolgen: We need to support files that have a + in them |
| 42 | * Android/MacOS X build support |
| 43 | |
Eric Paris | 7a86fe1 | 2012-03-28 15:44:05 -0400 | [diff] [blame] | 44 | 2.1.9 2012-03-28 |
| 45 | * implement new default labeling behaviors for usr, role, range |
| 46 | * Fix dead links to www.nsa.gov/selinux |
| 47 | |
Eric Paris | 339f807 | 2011-12-21 12:46:04 -0500 | [diff] [blame] | 48 | 2.1.8 2011-12-21 |
| 49 | * add new helper to translate class sets into bitmaps |
| 50 | |
Eric Paris | d65c02f | 2011-12-05 16:20:45 -0500 | [diff] [blame] | 51 | 2.1.7 2011-12-05 |
| 52 | * dis* fixed signed vs unsigned errors |
| 53 | * dismod: fix unused parameter errors |
| 54 | * test: Makefile: include -W and -Werror |
| 55 | * allow ~ in filename transition rules |
| 56 | |
Eric Paris | 14e4b70 | 2011-11-03 15:26:36 -0400 | [diff] [blame] | 57 | 2.1.6 2011-11-03 |
| 58 | * Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules" |
| 59 | * drop libsepol dynamic link in checkpolicy |
| 60 | |
Eric Paris | 418dbc7 | 2011-09-16 15:34:36 -0400 | [diff] [blame] | 61 | 2.1.5 2011-09-15 |
| 62 | * Separate tunable from boolean during compile. |
| 63 | |
Eric Paris | 1f8cf40 | 2011-08-26 15:11:58 -0400 | [diff] [blame] | 64 | 2.1.4 2011-08-26 |
| 65 | * checkpolicy: fix spacing in output message |
| 66 | |
Eric Paris | 6b6b475 | 2011-08-17 11:17:28 -0400 | [diff] [blame] | 67 | 2.1.3 2011-08-17 |
| 68 | * add missing ; to attribute_role_def |
| 69 | *Redo filename/filesystem syntax to support filename trans |
| 70 | |
Eric Paris | 78b4b56 | 2011-08-02 14:10:39 -0400 | [diff] [blame] | 71 | 2.1.2 2011-08-02 |
| 72 | * .gitignore changes |
| 73 | * dispol output of role trans |
| 74 | * man page update: build a module with an older policy version |
| 75 | |
Eric Paris | 510003b | 2011-08-01 13:49:21 -0400 | [diff] [blame] | 76 | 2.1.1 2011-08-01 |
| 77 | * Minor updates to filename trans rule output in dis{mod,pol} |
| 78 | |
Steve Lawrence | 44121f6 | 2011-07-26 09:39:09 -0400 | [diff] [blame] | 79 | 2.1.0 2011-07-27 |
| 80 | * Release, minor version bump |
| 81 | |
Steve Lawrence | 5050408 | 2011-07-25 10:12:15 -0400 | [diff] [blame] | 82 | 2.0.27 2011-07-25 |
| 83 | * Add role attribute support by Harry Ciao |
| 84 | |
Steve Lawrence | 0acd0ea | 2011-05-16 09:25:08 -0400 | [diff] [blame] | 85 | 2.0.26 2011-05-16 |
| 86 | * Wrap file names in filename transitions with quotes by Steve Lawrence. |
| 87 | * Allow filesystem names to start with a digit by James Carter. |
| 88 | |
Steve Lawrence | 2ecb2bf | 2011-04-29 15:56:00 -0400 | [diff] [blame] | 89 | 2.0.25 2011-05-02 |
| 90 | * Add support for using the last path compnent in type transitions by Eric |
| 91 | Paris. |
| 92 | * Allow single digit module versions by Daniel Walsh. |
| 93 | * Use better filename identifier for filenames by Daniel Walsh. |
| 94 | * Use #defines for dismod selections by Eric Paris. |
| 95 | |
Steve Lawrence | c7512cf | 2011-04-11 16:10:04 -0400 | [diff] [blame] | 96 | 2.0.24 2011-04-11 |
| 97 | * Add new class field in role_transition by Harry Ciao. |
| 98 | |
Chad Sellers | d17ed0d | 2010-12-16 14:11:57 -0500 | [diff] [blame] | 99 | 2.0.23 2010-12-16 |
| 100 | * Remove unused variables to fix compliation under GCC 4.6 by Justin Mattock |
| 101 | |
Chad Sellers | fe19c7a | 2010-06-14 16:33:29 -0400 | [diff] [blame] | 102 | 2.0.22 2010-06-14 |
| 103 | * Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence |
| 104 | |
Joshua Brindle | 32cf5d5 | 2009-11-27 15:03:02 -0500 | [diff] [blame] | 105 | 2.0.21 2009-11-27 |
| 106 | * Add long options to checkpolicy and checkmodule by Guido |
| 107 | Trentalancia <guido@trentalancia.com> |
| 108 | |
Joshua Brindle | f3c3bbd | 2009-10-14 15:54:16 -0400 | [diff] [blame] | 109 | 2.0.20 2009-10-14 |
| 110 | * Add support for building Xen policies from Paul Nuzzi. |
| 111 | |
Joshua Brindle | 4e23951 | 2009-02-17 12:22:40 -0500 | [diff] [blame] | 112 | 2.0.19 2009-02-18 |
| 113 | * Fix alias field in module format, caused by boundary format change |
| 114 | from Caleb Case. |
| 115 | |
Joshua Brindle | 3d431ae | 2008-10-14 08:12:59 -0400 | [diff] [blame] | 116 | 2.0.18 2008-10-14 |
| 117 | * Properly escape regex symbols in the lexer from Stephen Smalley. |
| 118 | |
Joshua Brindle | b04f2af | 2008-10-09 08:31:43 -0400 | [diff] [blame] | 119 | 2.0.17 2008-10-09 |
| 120 | * Add bounds support from KaiGai Kohei. |
| 121 | |
Joshua Brindle | 13cd4c8 | 2008-08-19 15:30:36 -0400 | [diff] [blame] | 122 | 2.0.16 2008-05-27 |
| 123 | * Update checkpolicy for user and role mapping support from Joshua Brindle. |
| 124 | |
| 125 | 2.0.15 2008-05-05 |
| 126 | * Fix for policy module versions that look like IPv4 addresses from Jim Carter. |
| 127 | Resolves bug 444451. |
| 128 | |
| 129 | 2.0.14 2008-03-24 |
| 130 | * Add permissive domain support from Eric Paris. |
| 131 | |
| 132 | 2.0.13 2008-03-05 |
| 133 | * Split out non-grammar parts of policy_parse.yacc into |
| 134 | policy_define.c and policy_define.h from Todd C. Miller. |
| 135 | |
| 136 | 2.0.12 2008-03-04 |
| 137 | * Initialize struct policy_file before using it, from Todd C. Miller. |
| 138 | |
| 139 | 2.0.11 2008-03-03 |
| 140 | * Remove unused define, move variable out of .y file, simplify COND_ERR, from Todd C. Miller. |
| 141 | |
| 142 | 2.0.10 2008-02-28 |
| 143 | * Use yyerror2() where appropriate from Todd C. Miller. |
| 144 | |
| 145 | 2.0.9 2008-02-04 |
| 146 | * Update dispol for libsepol avtab changes from Stephen Smalley. |
| 147 | |
| 148 | 2.0.8 2008-01-24 |
| 149 | * Deprecate role dominance in parser. |
| 150 | |
| 151 | 2.0.7 2008-01-02 |
| 152 | * Added support for policy capabilities from Todd Miller. |
| 153 | |
| 154 | 2.0.6 2007-11-15 |
| 155 | * Initialize the source file name from the command line argument so that checkpolicy/checkmodule report something more useful than "unknown source". |
| 156 | |
| 157 | 2.0.5 2007-11-01 |
| 158 | * Merged remove use of REJECT and trailing context in lex rules; make ipv4 address parsing like ipv6 from James Carter. |
| 159 | |
| 160 | 2.0.4 2007-09-18 |
| 161 | * Merged handle unknown policydb flag support from Eric Paris. |
| 162 | Adds new command line options -U {allow, reject, deny} for selecting |
| 163 | the flag when a base module or kernel policy is built. |
| 164 | |
| 165 | 2.0.3 2007-05-31 |
| 166 | * Merged fix for segfault on duplicate require of sensitivity from Caleb Case. |
| 167 | * Merged fix for dead URLs in checkpolicy man pages from Dan Walsh. |
| 168 | |
| 169 | 2.0.2 2007-04-12 |
| 170 | * Merged checkmodule man page fix from Dan Walsh. |
| 171 | |
| 172 | 2.0.1 2007-02-20 |
| 173 | * Merged patch to allow dots in class identifiers from Caleb Case. |
| 174 | |
| 175 | 2.0.0 2007-02-01 |
| 176 | * Merged patch to use new libsepol error codes by Karl MacMillan. |
| 177 | |
| 178 | 1.34.0 2007-01-18 |
| 179 | * Updated version for stable branch. |
| 180 | |
| 181 | 1.33.1 2006-11-13 |
| 182 | * Collapse user identifiers and identifiers together. |
| 183 | |
| 184 | 1.32 2006-10-17 |
| 185 | * Updated version for release. |
| 186 | |
| 187 | 1.30.12 2006-09-28 |
| 188 | * Merged user and range_transition support for modules from |
| 189 | Darrel Goeddel |
| 190 | |
| 191 | 1.30.11 2006-09-05 |
| 192 | * merged range_transition enhancements and user module format |
| 193 | changes from Darrel Goeddel |
| 194 | |
| 195 | 1.30.10 2006-08-03 |
| 196 | * Merged symtab datum patch from Karl MacMillan. |
| 197 | |
| 198 | 1.30.9 2006-06-29 |
| 199 | * Lindent. |
| 200 | |
| 201 | 1.30.8 2006-06-29 |
| 202 | * Merged patch to remove TE rule conflict checking from the parser |
| 203 | from Joshua Brindle. This can only be done properly by the |
| 204 | expander. |
| 205 | |
| 206 | 1.30.7 2006-06-27 |
| 207 | * Merged patch to make checkpolicy/checkmodule handling of |
| 208 | duplicate/conflicting TE rules the same as the expander |
| 209 | from Joshua Brindle. |
| 210 | |
| 211 | 1.30.6 2006-06-26 |
| 212 | * Merged optionals in base take 2 patch set from Joshua Brindle. |
| 213 | |
| 214 | 1.30.5 2006-05-05 |
| 215 | * Merged compiler cleanup patch from Karl MacMillan. |
| 216 | * Merged fix warnings patch from Karl MacMillan. |
| 217 | |
| 218 | 1.30.4 2006-04-05 |
| 219 | * Changed require_class to reject permissions that have not been |
| 220 | declared if building a base module. |
| 221 | |
| 222 | 1.30.3 2006-03-28 |
| 223 | * Fixed checkmodule to call link_modules prior to expand_module |
| 224 | to handle optionals. |
| 225 | |
| 226 | 1.30.2 2006-03-28 |
| 227 | * Fixed require_class to avoid shadowing permissions already defined |
| 228 | in an inherited common definition. |
| 229 | |
| 230 | 1.30.1 2006-03-22 |
| 231 | * Moved processing of role and user require statements to 2nd pass. |
| 232 | |
| 233 | 1.30 2006-03-14 |
| 234 | * Updated version for release. |
| 235 | |
| 236 | 1.29.5 2006-03-09 |
| 237 | * Fixed bug in role dominance (define_role_dom). |
| 238 | |
| 239 | 1.29.4 2006-02-14 |
| 240 | * Added a check for failure to declare each sensitivity in |
| 241 | a level definition. |
| 242 | |
| 243 | 1.29.3 2006-02-13 |
| 244 | * Changed to clone level data for aliased sensitivities to |
| 245 | avoid double free upon sens_destroy. Bug reported by Kevin |
| 246 | Carr of Tresys Technology. |
| 247 | |
| 248 | 1.29.2 2006-02-13 |
| 249 | * Merged optionals in base patch from Joshua Brindle. |
| 250 | |
| 251 | 1.29.1 2006-02-01 |
| 252 | * Merged sepol_av_to_string patch from Joshua Brindle. |
| 253 | |
| 254 | 1.28 2005-12-07 |
| 255 | * Updated version for release. |
| 256 | |
| 257 | 1.27.20 2005-12-02 |
| 258 | * Merged checkmodule man page from Dan Walsh, and edited it. |
| 259 | |
| 260 | 1.27.19 2005-12-01 |
| 261 | * Added error checking of all ebitmap_set_bit calls for out of |
| 262 | memory conditions. |
| 263 | |
| 264 | 1.27.18 2005-12-01 |
| 265 | * Merged removal of compatibility handling of netlink classes |
| 266 | (requirement that policies with newer versions include the |
| 267 | netlink class definitions, remapping of fine-grained netlink |
| 268 | classes in newer source policies to single netlink class when |
| 269 | generating older policies) from George Coker. |
| 270 | |
| 271 | 1.27.17 2005-10-25 |
| 272 | * Merged dismod fix from Joshua Brindle. |
| 273 | |
| 274 | 1.27.16 2005-10-20 |
| 275 | * Removed obsolete cond_check_type_rules() function and call and |
| 276 | cond_optimize_lists() call from checkpolicy.c; these are handled |
| 277 | during parsing and expansion now. |
| 278 | |
| 279 | 1.27.15 2005-10-19 |
| 280 | * Updated calls to expand_module for interface change. |
| 281 | |
| 282 | 1.27.14 2005-10-19 |
| 283 | * Changed checkmodule to verify that expand_module succeeds |
| 284 | when building base modules. |
| 285 | |
| 286 | 1.27.13 2005-10-19 |
| 287 | * Merged module compiler fixes from Joshua Brindle. |
| 288 | |
| 289 | 1.27.12 2005-10-19 |
| 290 | * Removed direct calls to hierarchy_check_constraints() and |
| 291 | check_assertions() from checkpolicy since they are now called |
| 292 | internally by expand_module(). |
| 293 | |
| 294 | 1.27.11 2005-10-18 |
| 295 | * Updated for changes to sepol policydb_index_others interface. |
| 296 | |
| 297 | 1.27.10 2005-10-17 |
| 298 | * Updated for changes to sepol expand_module and link_modules interfaces. |
| 299 | |
| 300 | 1.27.9 2005-10-13 |
| 301 | * Merged support for require blocks inside conditionals from |
| 302 | Joshua Brindle (Tresys). |
| 303 | |
| 304 | 1.27.8 2005-10-06 |
| 305 | * Updated for changes to libsepol. |
| 306 | |
| 307 | 1.27.7 2005-10-05 |
| 308 | * Merged several bug fixes from Joshua Brindle (Tresys). |
| 309 | |
| 310 | 1.27.6 2005-10-03 |
| 311 | * Merged MLS in modules patch from Joshua Brindle (Tresys). |
| 312 | |
| 313 | 1.27.5 2005-09-28 |
| 314 | * Merged error handling improvement in checkmodule from Karl MacMillan (Tresys). |
| 315 | |
| 316 | 1.27.4 2005-09-26 |
| 317 | * Merged bugfix for dup role transition error messages from |
| 318 | Karl MacMillan (Tresys). |
| 319 | |
| 320 | 1.27.3 2005-09-23 |
| 321 | * Merged policyver/modulever patches from Joshua Brindle (Tresys). |
| 322 | |
| 323 | 1.27.2 2005-09-20 |
| 324 | * Fixed parse_categories handling of undefined category. |
| 325 | |
| 326 | 1.27.1 2005-09-16 |
| 327 | * Merged bug fix for role dominance handling from Darrel Goeddel (TCS). |
| 328 | |
| 329 | 1.26 2005-09-06 |
| 330 | * Updated version for release. |
| 331 | |
| 332 | 1.25.12 2005-08-22 |
| 333 | * Fixed handling of validatetrans constraint expressions. |
| 334 | Bug reported by Dan Walsh for checkpolicy -M. |
| 335 | |
| 336 | 1.25.11 2005-08-18 |
| 337 | * Merged use-after-free fix from Serge Hallyn (IBM). |
| 338 | Bug found by Coverity. |
| 339 | |
| 340 | 1.25.10 2005-08-15 |
| 341 | * Fixed further memory leaks found by valgrind. |
| 342 | |
| 343 | 1.25.9 2005-08-15 |
| 344 | * Changed checkpolicy to destroy the policydbs prior to exit |
| 345 | to allow leak detection. |
| 346 | * Fixed several memory leaks found by valgrind. |
| 347 | |
| 348 | 1.25.8 2005-08-11 |
| 349 | * Updated checkpolicy and dispol for the new avtab format. |
| 350 | Converted users of ebitmaps to new inline operators. |
| 351 | Note: The binary policy format version has been incremented to |
| 352 | version 20 as a result of these changes. To build a policy |
| 353 | for a kernel that does not yet include these changes, use |
| 354 | the -c 19 option to checkpolicy. |
| 355 | |
| 356 | 1.25.7 2005-08-11 |
| 357 | * Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys). |
| 358 | |
| 359 | 1.25.6 2005-08-10 |
| 360 | * Merged patch to fix dismod compilation from Joshua Brindle (Tresys). |
| 361 | |
| 362 | 1.25.5 2005-08-09 |
| 363 | * Fixed call to hierarchy checking code to pass the right policydb. |
| 364 | |
| 365 | 1.25.4 2005-08-02 |
| 366 | * Merged patch to update dismod for the relocation of the |
| 367 | module read/write code from libsemanage to libsepol, and |
| 368 | to enable build of test subdirectory from Jason Tang (Tresys). |
| 369 | |
| 370 | 1.25.3 2005-07-18 |
| 371 | * Merged hierarchy check fix from Joshua Brindle (Tresys). |
| 372 | |
| 373 | 1.25.2 2005-07-06 |
| 374 | * Merged loadable module support from Tresys Technology. |
| 375 | |
| 376 | 1.25.1 2005-06-24 |
| 377 | * Merged patch to prohibit the use of * and ~ in type sets |
| 378 | (other than in neverallow statements) and in role sets |
| 379 | from Joshua Brindle (Tresys). |
| 380 | |
| 381 | 1.24 2005-06-20 |
| 382 | * Updated version for release. |
| 383 | |
| 384 | 1.23.4 2005-05-19 |
| 385 | * Merged cleanup patch from Dan Walsh. |
| 386 | |
| 387 | 1.23.3 2005-05-13 |
| 388 | * Added sepol_ prefix to Flask types to avoid namespace |
| 389 | collision with libselinux. |
| 390 | |
| 391 | 1.23.2 2005-04-29 |
| 392 | * Merged identifier fix from Joshua Brindle (Tresys). |
| 393 | |
| 394 | 1.23.1 2005-04-13 |
| 395 | * Merged hierarchical type/role patch from Tresys Technology. |
| 396 | * Merged MLS fixes from Darrel Goeddel of TCS. |
| 397 | |
| 398 | 1.22 2005-03-09 |
| 399 | * Updated version for release. |
| 400 | |
| 401 | 1.21.4 2005-02-17 |
| 402 | * Moved genpolusers utility to libsepol. |
| 403 | * Merged range_transition support from Darrel Goeddel (TCS). |
| 404 | |
| 405 | 1.21.3 2005-02-16 |
| 406 | * Merged define_user() cleanup patch from Darrel Goeddel (TCS). |
| 407 | |
| 408 | 1.21.2 2005-02-09 |
| 409 | * Changed relabel Makefile target to use restorecon. |
| 410 | |
| 411 | 1.21.1 2005-01-26 |
| 412 | * Merged enhanced MLS support from Darrel Goeddel (TCS). |
| 413 | |
| 414 | 1.20 2005-01-04 |
| 415 | * Merged typeattribute statement patch from Darrel Goeddel of TCS. |
| 416 | * Changed genpolusers to handle multiple user config files. |
| 417 | * Merged nodecon ordering patch from Chad Hanson of TCS. |
| 418 | |
| 419 | 1.18 2004-10-07 |
| 420 | * MLS build fix. |
| 421 | * Fixed Makefile dependencies (Chris PeBenito). |
| 422 | * Merged fix for role dominance ordering issue from Chad Hanson of TCS. |
| 423 | * Preserve portcon ordering and apply more checking. |
| 424 | |
| 425 | 1.16 2004-08-13 |
| 426 | * Allow empty conditional clauses. |
| 427 | * Moved genpolbools utility to libsepol. |
| 428 | * Updated for libsepol set functions. |
| 429 | * Changed to link with libsepol.a. |
| 430 | * Moved core functionality into libsepol. |
| 431 | * Merged bug fix for conditional self handling from Karl MacMillan, Dave Caplan, and Joshua Brindle of Tresys. |
| 432 | * Added genpolusers program. |
| 433 | * Fixed bug in checkpolicy conditional code. |
| 434 | |
| 435 | 1.14 2004-06-28 |
| 436 | * Merged fix for MLS logic from Daniel Thayer of TCS. |
| 437 | * Require semicolon terminator for typealias statement. |
| 438 | |
| 439 | 1.12 2004-06-16 |
| 440 | * Merged fine-grained netlink class support. |
| 441 | |
| 442 | 1.10 2004-04-07 |
| 443 | * Merged ipv6 support from James Morris of RedHat. |
| 444 | * Fixed compute_av bug discovered by Chad Hanson of TCS. |
| 445 | |
| 446 | 1.8 2004-03-09 |
| 447 | * Merged policydb MLS patch from Chad Hanson of TCS. |
| 448 | * Fixed mmap of policy file. |
| 449 | |
| 450 | 1.6 2004-02-18 |
| 451 | * Merged conditional policy extensions from Tresys Technology. |
| 452 | * Added typealias declaration support per Russell Coker's request. |
| 453 | * Added support for excluding types from type sets based on |
| 454 | a patch by David Caplan, but reimplemented as a change to the |
| 455 | policy grammar. |
| 456 | * Merged patch from Colin Walters to report source file name and line |
| 457 | number for errors when available. |
| 458 | * Un-deprecated role transitions. |
| 459 | |
| 460 | 1.4 2003-12-01 |
| 461 | * Regenerated headers. |
| 462 | * Merged patches from Bastian Blank and Joerg Hoh. |
| 463 | |
| 464 | 1.2 2003-09-30 |
| 465 | * Merged MLS build patch from Karl MacMillan of Tresys. |
| 466 | * Merged checkpolicy man page from Magosanyi Arpad. |
| 467 | |
| 468 | 1.1 2003-08-13 |
| 469 | * Fixed endian bug in policydb_write for behavior value. |
| 470 | * License -> GPL. |
| 471 | * Merged coding style cleanups from James Morris. |
| 472 | |
| 473 | 1.0 2003-07-11 |
| 474 | * Initial public release. |
| 475 | |