2009
checkpolicy (2.0.20-1) unstable; urgency=low
* New upstream point release. Add support for building Xen policies from
Paul Nuzzi.
-- Manoj Srivastava <srivasta@debian.org> Thu, 15 Oct 2009 23:10:12 -0500
checkpolicy (2.0.19-1) unstable; urgency=low
* New upstream release
* Fix alias field in module format, caused by boundary format change
from Caleb Case.
* Properly escape regex symbols in the lexer from Stephen Smalley.
* Add bounds support from KaiGai Kohei.
-- Manoj Srivastava <srivasta@debian.org> Mon, 15 Jun 2009 14:12:44 -0500
checkpolicy (2.0.16-4) unstable; urgency=low
* Updated the location of the sources in the watch file.
* Fixed a race condition in the debian rules file, and allow an override
for parallel builds.
-- Manoj Srivastava <srivasta@debian.org> Thu, 16 Apr 2009 12:55:26 -0500
2008
checkpolicy (2.0.16-3) unstable; urgency=low
* [cb135a2] Removed obsolete dependencies (Closes: #505737)
-- Manoj Srivastava <srivasta@debian.org> Thu, 20 Nov 2008 02:52:53 -0600
checkpolicy (2.0.16-2) unstable; urgency=low
* Move to the new, make -j friendly, streamlined targets in the build
system. This should make building this more robust, and faster.
* Record the new VCS repository location for the package.
* NMU ack.
-- Manoj Srivastava <srivasta@debian.org> Sat, 30 Aug 2008 02:09:26 -0500
checkpolicy (2.0.16-1) unstable; urgency=low
* Non-maintainer upload. * New upstream version needed for latest policy.
-- Russell Coker <russell@coker.com.au> Sat, 12 Jul 2008 00:16:59 +1000
checkpolicy (2.0.12-1) unstable; urgency=low
* New upstream release
* Initialize struct policy_file before using it, from Todd C. Miller.
* Remove unused define, move variable out of .y file, simplify
COND_ERR, from Todd C. Miller.
* Use yyerror2() where appropriate from Todd C. Miller.
* Update dispol for libsepol avtab changes from Stephen Smalley.
* Deprecate role dominance in parser.
* Added support for policy capabilities from Todd Miller.
* Initialize the source file name from the command line argument so
that checkpolicy/checkmodule report something more useful than
"unknown source".
* Merged remove use of REJECT and trailing context in lex rules; make
ipv4 address parsing like ipv6 from James Carter.
-- Manoj Srivastava <srivasta@debian.org> Tue, 18 Mar 2008 01:34:42 -0500
checkpolicy (2.0.4-1) unstable; urgency=low
* New upstream release
* Merged handle unknown policydb flag support from Eric Paris.
Adds new command line options -U {allow, reject, deny} for selecting
the flag when a base module or kernel policy is built.
* Merged fix for segfault on duplicate require of sensitivity from
Caleb Case.
* Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
-- Manoj Srivastava <srivasta@debian.org> Wed, 06 Feb 2008 14:25:41 -0600
2007
checkpolicy (2.0.2-1) unstable; urgency=low
* New upstream SVN HEAD.
+ Merged checkmodule man page fix from Dan Walsh.
-- Manoj Srivastava <srivasta@debian.org> Sun, 6 May 2007 17:48:06 -0500
checkpolicy (2.0.1-1) unstable; urgency=low
* New upstream trunk release
* Merged patch to use new libsepol error codes by Karl MacMillan.
-- Manoj Srivastava <srivasta@debian.org> Thu, 19 Apr 2007 18:51:02 -0500
checkpolicy (1.34.1-1) unstable; urgency=low
* New upstream release
* Merged patch to allow dots in class identifiers from Caleb Case.
* Updated version for stable branch.
* Collapse user identifiers and identifiers together.
* Added XS-VCS-Arch and XS-VCS-Browse to debian/control, and up0dated
the build depends
-- Manoj Srivastava <srivasta@debian.org> Thu, 19 Apr 2007 00:46:26 -0500
2006
checkpolicy (1.32-1) unstable; urgency=low
* New upstream release
* Merged user and range_transition support for modules from Darrel
Goeddel
* Updated version for release.
-- Manoj Srivastava <srivasta@debian.org> Fri, 20 Oct 2006 17:51:00 -0500
checkpolicy (1.30.11-2) unstable; urgency=low
* Bug fix: "checkpolicy: Checkpolicy fails with old version of
libsepol1", thanks to Simon Richard Grint (Closes: #387029).
* Relink to the new version of libsepol, since that has the proper
shlibs bump.
-- Manoj Srivastava <srivasta@debian.org> Mon, 11 Sep 2006 16:06:19 -0500
checkpolicy (1.30.11-1) unstable; urgency=low
* New upstream point release
* merged range_transition enhancements and user module format changes
from Darrel Goeddel
-- Manoj Srivastava <srivasta@debian.org> Thu, 7 Sep 2006 10:18:48 -0500
checkpolicy (1.30.10-2) unstable; urgency=low
* checkpolicy_1.30.10-1(ia64/unstable): FTBFS: missing build-depends?
Actually, no. the package asks for bison -- but it is not around, so
Make just picks yacc as default (which is also missing). So I think
this is a buildd bug -- but there is no harm in being a little more
robust, and being able to prove it is not a package bug is bonus.
(Closes: #382646)
-- Manoj Srivastava <srivasta@debian.org> Sun, 13 Aug 2006 00:11:08 -0500
checkpolicy (1.30.10-1) unstable; urgency=low
* New upstream point release
* Merged symtab datum patch from Karl MacMillan.
-- Manoj Srivastava <srivasta@debian.org> Sat, 12 Aug 2006 04:24:44 -0500
checkpolicy (1.30.9-1) unstable; urgency=low
* New upstream point release
* Lindent.
* Merged patch to remove TE rule conflict checking from the parser
from Joshua Brindle. This can only be done properly by the
expander.
* Merged patch to make checkpolicy/checkmodule handling of
duplicate/conflicting TE rules the same as the expander
from Joshua Brindle.
* Merged optionals in base take 2 patch set from Joshua Brindle.
* Merged compiler cleanup patch from Karl MacMillan.
* Merged fix warnings patch from Karl MacMillan.
* Changed require_class to reject permissions that have not been
declared if building a base module.
-- Manoj Srivastava <srivasta@debian.org> Wed, 19 Jul 2006 18:01:32 -0500
checkpolicy (1.30.3-1) unstable; urgency=low
* Synchronize with latest CVS; needed for reference policy.
-- Manoj Srivastava <srivasta@debian.org> Mon, 8 May 2006 14:02:46 -0500
checkpolicy (1.30-1) unstable; urgency=low
* New upstream release
* Updated version for release.
* Fixed bug in role dominance (define_role_dom).
* Added a check for failure to declare each sensitivity in
a level definition.
* Changed to clone level data for aliased sensitivities to
avoid double free upon sens_destroy. Bug reported by Kevin
Carr of Tresys Technology.
* Merged optionals in base patch from Joshua Brindle.
* Merged sepol_av_to_string patch from Joshua Brindle.
-- Manoj Srivastava <srivasta@debian.org> Mon, 10 Apr 2006 16:18:24 -0500
2005
checkpolicy (1.28-1) unstable; urgency=low
* New upstream release
* Updated version for release.
* Merged checkmodule man page from Dan Walsh, and edited it.
* Added error checking of all ebitmap_set_bit calls for out of
memory conditions.
* Merged removal of compatibility handling of netlink classes
(requirement that policies with newer versions include the
netlink class definitions, remapping of fine-grained netlink
classes in newer source policies to single netlink class when
generating older policies) from George Coker.
* Merged dismod fix from Joshua Brindle.
* Removed obsolete cond_check_type_rules() function and call and
cond_optimize_lists() call from checkpolicy.c; these are handled
during parsing and expansion now.
* Updated calls to expand_module for interface change.
* Changed checkmodule to verify that expand_module succeeds
when building base modules.
* Merged module compiler fixes from Joshua Brindle.
* Removed direct calls to hierarchy_check_constraints() and
check_assertions() from checkpolicy since they are now called
internally by expand_module().
* Updated for changes to sepol policydb_index_others interface.
* Updated for changes to sepol expand_module and link_modules interfaces.
* Merged support for require blocks inside conditionals from
Joshua Brindle (Tresys).
* Updated for changes to libsepol.
* Merged several bug fixes from Joshua Brindle (Tresys).
* Merged MLS in modules patch from Joshua Brindle (Tresys).
* Merged error handling improvement in checkmodule from Karl MacMillan (Tresys).
* Merged bugfix for dup role transition error messages from
Karl MacMillan (Tresys).
* Merged policyver/modulever patches from Joshua Brindle (Tresys).
* Fixed parse_categories handling of undefined category.
* Merged bug fix for role dominance handling from Darrel Goeddel (TCS).
-- Manoj Srivastava <srivasta@debian.org> Thu, 29 Dec 2005 23:57:12 -0600
checkpolicy (1.27.4-1) unstable; urgency=low
* New upstream CVS point release, required for the latest SELinux policy
package. Various bug fixes, and retooled for the new avtab format.
-- Manoj Srivastava <srivasta@debian.org> Fri, 30 Sep 2005 14:41:04 -0500
checkpolicy (1.26-1) unstable; urgency=low
* New upstream release
* Updated version for release.
* Fixed handling of validatetrans constraint expressions.
Bug reported by Dan Walsh for checkpolicy -M.
* Merged use-after-free fix from Serge Hallyn (IBM).
Bug found by Coverity.
* Fixed further memory leaks found by valgrind.
* Changed checkpolicy to destroy the policydbs prior to exit
to allow leak detection.
* Fixed several memory leaks found by valgrind.
* Updated checkpolicy and dispol for the new avtab format.
Converted users of ebitmaps to new inline operators.
Note: The binary policy format version has been incremented to
version 20 as a result of these changes. To build a policy
for a kernel that does not yet include these changes, use
the -c 19 option to checkpolicy.
* Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys).
* Merged patch to fix dismod compilation from Joshua Brindle (Tresys).
* Fixed call to hierarchy checking code to pass the right policydb.
* Merged patch to update dismod for the relocation of the
module read/write code from libsemanage to libsepol, and
to enable build of test subdirectory from Jason Tang (Tresys).
* Merged hierarchy check fix from Joshua Brindle (Tresys).
* Merged loadable module support from Tresys Technology.
* Merged patch to prohibit the use of * and ~ in type sets
(other than in neverallow statements) and in role sets
from Joshua Brindle (Tresys).
-- Manoj Srivastava <srivasta@debian.org> Wed, 14 Sep 2005 23:59:18 -0500
checkpolicy (1.24-2) unstable; urgency=low
* Bug fix: "FTBFS: build-depends not strict enough", thanks to Christian
T. Steigies (Closes: #316439).
-- Manoj Srivastava <srivasta@debian.org> Thu, 7 Jul 2005 13:18:14 -0500
checkpolicy (1.24-1) unstable; urgency=low
* New upstream release
* Updated version for release.
* Merged cleanup patch from Dan Walsh.
* Added sepol_ prefix to Flask types to avoid namespace
collision with libselinux.
* Merged identifier fix from Joshua Brindle (Tresys).
* Merged hierarchical type/role patch from Tresys Technology.
* Merged MLS fixes from Darrel Goeddel of TCS.
-- Manoj Srivastava <srivasta@debian.org> Mon, 27 Jun 2005 14:42:10 -0500
checkpolicy (1.22-2) unstable; urgency=low
* Bug fix: "checkpolicy: FTBFS due to undeclared functions", thanks to
Christian T. Steigies. The build dependency needed to be versioned.
(Closes: #299337).
-- Manoj Srivastava <srivasta@debian.org> Sun, 13 Mar 2005 13:06:42 -0600
checkpolicy (1.22-1) unstable; urgency=low
* New upstream release
* Merged typeattribute statement patch from Darrel Goeddel of TCS.
* Changed genpolusers to handle multiple user config files.
* Merged nodecon ordering patch from Chad Hanson of TCS.
* Merged enhanced MLS support from Darrel Goeddel (TCS).
* Changed relabel Makefile target to use restorecon.
* Merged define_user() cleanup patch from Darrel Goeddel (TCS).
* Merged range_transition support from Darrel Goeddel (TCS).
* Moved genpolusers utility to libsepol.
-- Manoj Srivastava <srivasta@debian.org> Sat, 12 Mar 2005 16:10:54 -0600
checkpolicy (1.20-1) unstable; urgency=low
* New upstream release
* Merged typeattribute statement patch from Darrel Goeddel of TCS.
* Changed genpolusers to handle multiple user config files.
* Merged nodecon ordering patch from Chad Hanson of TCS.
-- Manoj Srivastava <srivasta@debian.org> Wed, 12 Jan 2005 16:46:34 -0600
2004
checkpolicy (1.18-2) unstable; urgency=low
* Update download location and copyright file, since the locations we
were pointing to are now forbidden (return a code 403).
-- Manoj Srivastava <srivasta@debian.org> Wed, 24 Nov 2004 14:01:41 -0600
checkpolicy (1.18-1) unstable; urgency=low
* New upstream release.
* MLS build fix.
* Fixed Makefile dependencies (Chris PeBenito).
* Merged fix for role dominance ordering issue from Chad Hanson of TCS.
* Preserve portcon ordering and apply more checking.
-- Manoj Srivastava <srivasta@debian.org> Thu, 4 Nov 2004 20:43:52 -0600
checkpolicy (1.16-1) unstable; urgency=low
* New upstream version, plus patches to 1.17 CVS.
-- Russell Coker <russell@coker.com.au> Tue, 26 Oct 2004 22:47:00 +1000
checkpolicy (1.14-2) unstable; urgency=low
* Patch from Tresys to fix a bug in conditional code compilation.
-- Russell Coker <russell@coker.com.au> Sun, 8 Aug 2004 22:26:00 +1000
checkpolicy (1.14-1) unstable; urgency=low
* New upstream version that adds fine-grained netlink support and fixes
some minur bugs.
-- Russell Coker <russell@coker.com.au> Wed, 30 Jun 2004 15:03:00 +1000
checkpolicy (1.10-1) unstable; urgency=low
* New ustream version, includes support for policy V17 and changes to the
-c option for backward compatability.
* Taking the package over from Colin.
-- Russell Coker <russell@coker.com.au> Thu, 20 May 2004 04:32:00 +1000
checkpolicy (1.6-0.1) unstable; urgency=low
* NMU with latest release (same as CVS).
-- Russell Coker <russell@coker.com.au> Thu, 26 Feb 2004 21:19:00 +1100
checkpolicy (1.4-2.1) unstable; urgency=low
* NMU to update to latest CVS, needed by new policy.
* Merged conditional policy extensions from Tresys Technology.
* Added typealias declaration support per Russell Coker's request.
* Added support for excluding types from type sets based on
a patch by David Caplan, but reimplemented as a change to the
policy grammar.
* Merged patch from Colin Walters to report source file name and line
number for errors when available.
* Un-deprecated role transitions.
-- Russell Coker <russell@coker.com.au> Mon, 23 Feb 2004 21:09:00 +1100
checkpolicy (1.4-2) unstable; urgency=low
* debian/control:
- Apply patch from ddtp to fix typo in description (Closes: #218528)
-- Colin Walters <walters@debian.org> Fri, 9 Jan 2004 06:00:52 +0000
checkpolicy (1.4-1) unstable; urgency=low
* New upstream release.
* debian/patches/lineno.patch:
- Add patch from CVS to display source line numbers on error.
-- Colin Walters <walters@debian.org> Fri, 9 Jan 2004 05:30:22 +0000
2003
checkpolicy (1.1-1) unstable; urgency=low
* New upstream release.
-- Colin Walters <walters@debian.org> Thu, 21 Aug 2003 23:55:39 -0400
checkpolicy (1.0-2) unstable; urgency=low
* debian/control:
- Add Build-Depends on bison, flex (Closes: #205831)
-- Colin Walters <walters@debian.org> Tue, 5 Aug 2003 18:37:17 -0400
checkpolicy (1.0-1) unstable; urgency=low
* Initial version.
-- Colin Walters <walters@debian.org> Tue, 5 Aug 2003 01:35:18 -0400