UbuntuUpdates.org

Package "apparmor"

Name: apparmor

Description:

user-space parser utility for AppArmor
Latest version: 4.1.0~beta5-0ubuntu14.1
Release: plucky (25.04)
Level: proposed
Repository: main
Homepage: https://apparmor.net/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "apparmor"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "apparmor" in Plucky

Repository Area Version
base main 4.1.0~beta5-0ubuntu14
base universe 4.1.0~beta5-0ubuntu14
proposed universe 4.1.0~beta5-0ubuntu14.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.1.0~beta5-0ubuntu14.1 2025-09-02 02:23:24 UTC

  apparmor (4.1.0~beta5-0ubuntu14.1) plucky; urgency=medium

  * This is an SRU from Questing to Plucky, tracked in LP: #2110236
  * Add patch to allow unprivileged_userns access to root dir
    (LP: #2110616):
    - d/p/u/unprivileged_userns_rootdir.patch
  * Add patch to fix lsblk accesses on IBM System Z systems (LP: #2107402)
    and execution from a confined context (LP: #2107455):
    - d/p/u/lsblk-s390-fixes.patch
  * Add patch to fix execution of various commands from confined contexts
    (LP: #2110628):
    - d/p/u/profiles_ensure_access_to_attach_path.patch
  * Add patch to include new QtWebEngineProcess execution path in
    plasmashell profile (LP: #2107723):
    - d/p/u/plasmashell-QtWebEngineProcess-new-path.patch
  * Add patch to allow /cvmfs fusermounts (LP: #2110624):
    - d/p/u/fusermount3_cvmfs.patch
  * Add patch to grant OpenVPN DNS accesses (LP: #2107596, LP: #2109029):
    - d/p/u/openvpn_dnsfix.patch
  * Add patch to expand allowed fusermount3 flags for fuse_overlayfs and
    sshfs via fstab (LP: #2110626, LP: #2111807):
    - d/p/u/fusermount3_allow_more_flags.patch
  * Add patch to fix permission denials for iotop-c (LP: #2107727):
    - d/p/u/profiles-give-iotop-c-additional-accesses.patch
  * Add patch to fix parser handling of norelatime mount flag
    (LP: #2110688):
    - d/p/u/parser-fix-handling-of-norelatime-mount-rule-flag.patch
  * Add patch to fix incorrect mount rule documentation in the apparmor.d
    man page (LP: #2110630):
    - d/p/u/fix-incorrect-mount-flag-apparmor.d-docs.patch
  * Add patch to add regression tests for the above two patches:
    - d/p/u/regression-verify-documented-mount-flag-behavior.patch
  * d/p/u/remmina_mr_1348.patch, d/p/u/remmina-dbus-describeall.patch:
    move the remmina profile to profiles/apparmor/profiles/extras to
    disable it by default (LP: #2102033)
  * debian/apparmor.install: remove the remmina profile entry
  * debian/apparmor-profiles.install: add an entry for the remmina profile
  * debian/apparmor.maintscript: remove the remmina profile upon upgrade

 -- Ryan Lee <email address hidden> Wed, 27 May 2025 11:29:02 -0700
2110236 [SRU] fixes for AppArmor in Plucky
2110616 apparmor unprivileged_userns profile missing access to /
2107402 lsblk on IBM z Systems blocked by apparmor in 25.04
2107455 segfault of lsblk s390x in containers due to apparmor
2110628 apparmor profiles need mr permissions on their own binaries for execution from a confined context
2107723 Using KDE Plasma widget \
2110624 apparmor fusermount3 profile blocks mounts to /cvmfs/ subdirectories
2107596 Apparmor is missing rule for openvpn to set DNS domain
2109029 AppArmor OpenVPN profile blocks mDNS lookups
2110626 apparmor fusermount3 profile disallows noatime flag, breaking fuse-overlayfs
2111807 Plucky broke fstab sshfs mounts, which depend on fusermount
2107727 iotop-c: Call of nl_init fails due to insufficient rights
2110688 apparmor parser incorrectly treats norelatime mount flag as a no-op
2110630 apparmor.d man page contains incorrect information about mount flag combinations
2102033 remmina blocked by apparmor in Plucky


About   -   Send Feedback to @ubuntu_updates