UbuntuUpdates.org

Package "apparmor"

Name: apparmor

Description:

user-space parser utility for AppArmor

Latest version: 2.13.3-7ubuntu5.3build2
Release: focal (20.04)
Level: updates
Repository: main
Homepage: http://apparmor.net/

Links


Download "apparmor"


Other versions of "apparmor" in Focal

Repository Area Version
base main 2.13.3-7ubuntu5
base universe 2.13.3-7ubuntu5
security main 2.13.3-7ubuntu5.3build2
security universe 2.13.3-7ubuntu5.3build2
updates universe 2.13.3-7ubuntu5.3build2
proposed main 2.13.3-7ubuntu5.4
proposed universe 2.13.3-7ubuntu5.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.13.3-7ubuntu5.3build2 2024-09-04 05:06:56 UTC

  apparmor (2.13.3-7ubuntu5.3build2) focal-security; urgency=medium

  * No-change re-build upload for the focal-security pocket as part
    of the preparation for addressing CVE-2016-1585 (LP: #1597017)

 -- Steve Beattie <email address hidden> Tue, 27 Aug 2024 14:51:30 -0700

Source diff to previous version
1597017 mount rules grant excessive permissions
CVE-2016-1585 In all versions of AppArmor mount rules are accidentally widened when compiled.

Version: 2.13.3-7ubuntu5.3 2023-11-30 03:06:57 UTC

  apparmor (2.13.3-7ubuntu5.3) focal; urgency=medium

  * apparmor.preinst: recursively remove cache directories during a
    upgrade. (LP: #2032851)

 -- Georgia Garcia <email address hidden> Tue, 10 Oct 2023 09:20:12 -0300

Source diff to previous version
2032851 package apparmor 2.12-4ubuntu5.3 failed to install/upgrade: new apparmor package pre-installation script subprocess returned error exit status 1

Version: 2.13.3-7ubuntu5.2 2023-03-29 02:06:51 UTC

  apparmor (2.13.3-7ubuntu5.2) focal; urgency=medium

  * Add capability upstream patches to fix LP: #1964636
    - u/cap1-Generate-CAPABILITIES-in-a-script-due-to-make-4.3.patch: move
    code that generates a list of capabilities to a script in common/
    - u/cap2-parser-Move-to-a-pre-generated-cap_names.h.patch: use a
    pre-generated list of capabilities so that all capabilities are
    supported even when building against older kernels.
    - u/cap3-parser-cleanup-capability_table-generation-by-droppi.patch: drop
    sys_log static declaration because it's already in the generated list.
    - u/cap4-parser-unify-capability-name-handling.patch: drop internal
    hardcoded capability table.
    - u/cap5-parser-Makefile-use-LC_ALL-C-when-invoking-sed.patch: use
    LC_ALL=C when invoking sed.
    - u/cap6-parser-Add-warning-to-capability_table-about-the-nee.patch: add
    warning to capability_table about the need to update the Makefile.
    - u/cap7-Add-CAP_BPF-and-CAP_PERFMON-to-severity.db.patch: add
    support for cap_bpf and cap_perfmon
    - u/cap8-parser-Makefile-fix-generated-cap-comparison-against.patch: fix
    generated cap comparison against known list
  * Add upstream patches for abi support. LP: #1728130
    - u/abi1-parser-feature-abi-setup-parser-to-intersect-policy-.patch: add
    the ability to intersect parser and kernel features in the parser.
    - u/abi2-parser-add-basic-support-for-feature-abis.patch: add support
    to specify a feature abi.
    - u/abi3-pin-abi-2.13.patch: add and pin a policy abi for 2.13
    - u/abi4-parser-fix-abi-rule-and-pinned-feature-file-interact.patch: fix
    abi rule and pinned feature file interaction
    - apparmor.install: add 2.13 abi file to be installed in /etc/apparmor.d/abi/
  * Add mqueue patches. LP: #1993353
    - u/mqueue1-parser-add-parser-support-for-message-queue-mediatio.patch:
    add parser support for mqueue mediation
    - u/mqueue2-tests-add-posix-message-queue-regression-tests.patch: add
    posix mqueue regression tests
    - u/mqueue3-utils-add-message-queue-rules-parsing-in-python-tool.patch:
    add support in python tools to parse mqueue rules
    - u/mqueue4-parser-add-parser-simple-tests-for-mqueue-rules.patch: add
    parser simple tests for mqueue
    - u/mqueue5-parser-place-perm-on-name-as-well-as-name-label-comb.patch:
    add permissions on name and also on name + label
    - u/mqueue6-libapparmor-add-support-for-requested-and-denied-on-.patch:
    add parsing support for "denied" and "requested" from audit logs
    - u/mqueue7-libapparmor-add-support-for-class-in-logparsing.patch: add
    parsing support for "class" from audit logs
    - u/mqueue8-utils-add-logparser-support-for-mqueue.patch: add logparser
    support for mqueue rules
    - u/mqueue9-tests-add-sysv-message-queue-regression-tests.patch: add
    sysv mqueue regression tests
    - u/mqueue10-parser-enable-mqueue-rules-when-abi-is-not-set.patch:
    override pinned features for mqueue rules when abi is not set in policy.
    - debian/rules: create mqueue testcase empty files for libapparmor tests.
  * Closes LP: #1994146

 -- Georgia Garcia <email address hidden> Mon, 10 Oct 2022 17:52:45 -0300

Source diff to previous version
1964636 Incorrect handling of apparmor `bpf` capability
1728130 Policy needs improved feature versioning to ensure it is correctly being applied
1993353 Add posix message queue IPC mediation
1994146 [SRU] apparmor - Focal, Jammy

Version: 2.13.3-7ubuntu5.1 2020-06-03 02:07:07 UTC

  apparmor (2.13.3-7ubuntu5.1) focal-proposed; urgency=medium

  * upstream-lp1872564.patch: adjust nameservice abstraction for nss-systemd
    - LP: #1872564

 -- Jamie Strandboge <email address hidden> Tue, 19 May 2020 16:59:49 +0000

1872564 /proc/sys/kernel/random/boot_id rule missing from abstractions/nameservice



About   -   Send Feedback to @ubuntu_updates