-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-47e562e5c9 2025-09-14 00:56:09.039857+00:00 -------------------------------------------------------------------------------- Name : fapolicyd Product : Fedora 42 Version : 1.3.6 Release : 1.fc42 URL : https://github.com/linux-application-whitelisting/fapolicyd Summary : Application Whitelisting Daemon Description : Fapolicyd (File Access Policy Daemon) implements application whitelisting to decide file access rights. Applications that are known via a reputation source are allowed access while unknown applications are not. The daemon makes use of the kernel's fanotify interface to determine file access rights. -------------------------------------------------------------------------------- Update Information: 1.3.6 Increase the default subject cache size Move fapolicyd-rpm-loader to bin directory Suppress the subject cache eviction for scripts run by interpreters Fix decriptor leak in previous release - only leaks on rpminstall/delete Improve performance of filter code Drop 'device' keyword for subject part of a rule Add documentation to fapolicyd-filter.conf for better understanding Fix build flags for Debian to include libmd Add --test-filter to fapolicy-cli to help test filter rules Fix bug in the filter that was allowing unexpected files though the filter Drop 2 more kinds of files from the rpm filter: html and md 1.3.5 Raise default value for db_max_size Increase buffer size for reading process groups Pid read buffer size is defined using define rather than const Allow override of mounts file Fix leak and problematic memory managament Fix creation of RUN_DIR because it breaks rpm verify Add Microsoft Windows PE MIME magic definition Microsoft Windows PE rules Optimize path allocation Revert change to report interval logic (#325) Ensure fagenrules handles incomplete lines Describe how to handle nss-user-lookup correctly Fix normal pattern handling Improve AVL test Install gawk in test workflows Cleanup and document filesystem code Add AGENTS.md Revert "Fix for rpmdb with SQLite3 backend" Fix rpmdb locking issues by loading via separate process Fix an infinite loop (#345) Use memfd instead of pipe (#346) fapolicyd-cli --check-path doesn't exit Fix null argv when spawning fapolicyd-rpm-loader (#343) Fix some concurrency issues Update comments in lru_evict header Update fd_fgets code On exit due to poll error, try to stop and save the database Improve update thread synchronization in fapolicyd Modify rpm_load_list for stop checks Fix a TODO that notes NULL should be returned Add some error cleanup in filter_load_file Increase buffer size when reading the PT_INTERP string in gather_elf() Add debug logs for STATE_LD_SO decisions Remove volatile qualifier from atomic types Add MEM_MMAP_FILE storage type for fd_fgets Fix segfault when writing to readonly memory Switch rpm-backend to mmap based list parsing Add memory statistics report To allow sealing, need to create with MFD_ALLOW_SEALING Ease SHA strings allocated on each iteration Skip to add non regular files to trustdb (#333) Fix segfault when socket is inside of the directory (#355) Subject cache eviction warning No eviction warnings on shutdown -------------------------------------------------------------------------------- ChangeLog: * Wed Sep 3 2025 Petr Lautrbach <lautrbach@xxxxxxxxxx> - 1.3.6-1 - fapolicyd-1.3.6 and fapolicyd-selinux-0.9 * Tue Aug 26 2025 Petr Lautrbach <lautrbach@xxxxxxxxxx> - 1.3.5-2 - Modify queue to use ring buffer - Fix memory leaks in the AVL tests - Do not exit in do_database_reload when stop in progress - Add /var/lib/fapolicyd to tmpfiles - Fix owner:group of /etc/fapolicyd on boot - Change /usr/share/fapolicyd to root:root * Mon Aug 11 2025 Petr Lautrbach <lautrbach@xxxxxxxxxx> - 1.3.5-1 - fapolicyd-1.3.5 and fapolicyd-selinux-0.8 * Wed Jul 23 2025 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 1.3.4-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild * Tue Feb 11 2025 Zbigniew JÄ?drzejewski-Szmek <zbyszek@xxxxxxxxx> - 1.3.4-3 - Add sysusers.d config file to allow rpm to create users/groups automatically -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-47e562e5c9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
