- cil: Create new keep field for type attribute sets
- build: follow standard semantics for DESTDIR and PREFIX
- cil: show an error when cil_expr_to_string() fails
- reset pointer after free in cil_strpool_destroy()
- cil: Add ability to redeclare types[attributes]
- cil: Keep attributes used by generated attributes in neverallow
ules
- use IN6ADDR_ANY_INIT to initialize IPv6 addresses
- fix memory leak in sepol_bool_query()
- cil: drop wrong unused attribute
- cil: fix -Wwrite-strings warning
- cil: __cil_post_db_neverallow_attr_helper() does not use extra_args
- Fix neverallow bug when checking conditional policy
- Destroy the expanded level when mls_semantic_level_expand() fails
- Do not seg fault on sepol_*_key_free(NULL)
- Check for too many permissions in classes and commons in CIL
- Fix xperm mapping between avrule and avtab
- tests: Fix mispelling of optimization option
- Fix unused/uninitialized variables on mac build
- Produce more meaningful error messages for conflicting type rules in CIL
- make "make test" fail when a CUnit test fails
- tests: fix g_b_role_2 test
- Change which attributes CIL keeps in the binary policy
- Port str_read() from kernel and remove multiple occurances of similar code
- Use calloc instead of malloc for all the *_to_val_structs
- Fix bugs found by AFL
- Fix memory leak in expand.c
- Fix invalid read when policy file is corrupt
- Fix possible use of uninitialized variables
- Correctly detect unknown classes in sepol_string_to_security_class
- Sort object files for deterministic linking order
- Fix neverallowxperm checking on attributes
- Remove libsepol.map when cleaning
- Add high-level language line marking support to CIL
Petr Lautrbach