Package "apparmor-profiles"

  apparmor (4.0.1really4.0.1-0ubuntu0.24.04.3) noble; urgency=medium

  * Revert to version 4.0.1-0ubuntu0.24.04.2 except for the patch
    that enables the bwrap-userns-restrict profile (LP: #2072811).
  * New upstream release.
    (LP: #2064672, LP: #2046844, LP: #2060100, LP: #2056297)
  * Drop patches which have now been applied upstream
    - d/p/u/parser-fix-issues-appointed-by-coverity.patch
    - d/p/u/profiles-add-unconfined-profile-for-tuxedo-control-c.patch
    - d/p/u/parser-support-uin128_t-key-as-a-pair-of-uint64_t-nu.patch
    - d/p/u/Minor-improvements-for-MountRule.patch
  * Add patch to add balena-etcher profile (LP: #2046844)
    - d/p/u/profiles-add-unconfined-balena-etcher-profile.patch
  * Add upstream patch to relax mount rules to fix use of virtiofs and
    other file-system types
    - d/p/u/mountrule-relaxing-constraints-on-fstype.patch
  * Refresh
    - d/p/u/samba-systemd-interaction.patch
    - d/p/u/parser-add-support-for-prompting.patch
      - Add condition in policydb serialization to only encode xtable if
      kernel_supports_permstable32
  * Fix d/p/u/userns-runtime-disable.patch to work when
    kernel.apparmor_restrict_unprivileged_userns does not exist by adding
    -e to sysctl.
  * d/apparmor-profiles.install
    - install new profile
      - unshare-userns-restrict
      - bwrap-userns-restrict
  * d/apparmor.install
    - install new profiles
      - wike - changed installation from apparmor to apparmor.d
      - foliate
      - balena-etcher
      - transmission
  * d/control: Remove obsolete lsb-base Depends and swap pkg-config to
    pkgconf for Build-Depends

 -- Georgia Garcia <email address hidden> Thu, 18 Jul 2024 15:28:46 -0300

  apparmor (4.0.1really4.0.0-beta3-0ubuntu0.1) noble; urgency=medium

  * Due to regression, revert changes in previous update back to a
    source tree equivalent to 4.0.0-beta3-0ubuntu3 (LP: #2072811).
  * This drops /etc/apparmor.d/bwrap-userns-restrict, allowing various
    Flatpak apps to save files again.
  * d/apparmor.maintscript: rm_conffile on the following in
    /etc/apparmor.d/ to properly revert conffiles introduced in the
    update being reverted:
    - abstractions/transmission-common
    - balena-etcher
    - bwrap-userns-restrict
    - foliate
    - transmission
    - wike

 -- Robie Basak <email address hidden> Sun, 14 Jul 2024 22:25:31 +0000

  apparmor (4.0.1-0ubuntu0.24.04.2) noble; urgency=medium

  [Georgia Garcia]
  * New upstream release. (LP: #2064672)
  * Refresh
    - d/p/u/parser-add-support-for-prompting.patch
      - Add condition in policydb serialization to only encode xtable if
      kernel_supports_permstable32
  * Add patch to add balena-etcher profile (LP: #2046844)
    - d/p/u/profiles-add-unconfined-balena-etcher-profile.patch
  * Fix d/p/u/userns-runtime-disable.patch to work when
    kernel.apparmor_restrict_unprivileged_userns does not exist by adding
    -e to sysctl.
  * d/apparmor.install
    - install new profiles
      - wike - changed installation from apparmor to apparmor.d
      - foliate
      - balena-etcher
      - transmission

  [Alex Murray]
  * Add upstream patch to relax mount rules to fix use of virtiofs and
    other file-system types
    - d/p/u/mountrule-relaxing-constraints-on-fstype.patch
  * Remove patches which got dropped from quilt series earlier
    - d/p/u/parser-support-uin128_t-key-as-a-pair-of-uint64_t-nu.patch
    - d/p/u/Minor-improvements-for-MountRule.patch
  * d/control: Remove obsolete lsb-base Depends and swap pkg-config to
    pkgconf for Build-Depends