Package "apparmor-profiles"
Name: |
apparmor-profiles
|
Description: |
Profiles for AppArmor Security policies
|
Latest version: |
2.7.102-0ubuntu3 |
Release: |
precise (12.04) |
Level: |
base |
Repository: |
main |
Head package: |
apparmor |
Homepage: |
http://apparmor.net/ |
Links
Download "apparmor-profiles"
Other versions of "apparmor-profiles" in Precise
Changelog
apparmor (2.7.102-0ubuntu3) precise; urgency=low
[ Jamie Strandboge ]
* debian/patches/0007-ubuntu-manpage-updates.patch: update apparmor(5)
to describe Ubuntu's two-stage policy load and how to add utilize it
when developing policy (LP: #974089)
[ Serge Hallyn ]
* debian/apparmor.init: do nothing in a container. This can be
removed once stacked profiles are supported and used by lxc.
(LP: #978297)
[ Steve Beattie ]
* debian/patches/0008-apparmor-lp963756.patch: Fix permission mapping
for change_profile onexec (LP: #963756)
* debian/patches/0009-apparmor-lp959560-part1.patch,
debian/patches/0010-apparmor-lp959560-part2.patch: Update the parser
to support the 'in' keyword for value lists, and make mount
operations aware of 'in' keyword so they can affect the flags build
list (LP: #959560)
* debian/patches/0011-apparmor-lp872446.patch: fix logprof missing
exec events in complain mode (LP: #872446)
* debian/patches/0012-apparmor-lp978584.patch: allow inet6 access in
dovecot imap-login profile (LP: #978584)
* debian/patches/0013-apparmor-lp800826.patch: fix libapparmor
log parsing library from dropping apparmor network events that
contain ip addresses or ports in them (LP: #800826)
* debian/patches/0014-apparmor-lp979095.patch: document new mount rule
syntax and usage in apparmor.d(5) manpage (LP: #979095)
* debian/patches/0015-apparmor-lp963756.patch: Fix change_onexec
for profiles without attachment specification (LP: #963756,
LP: #978038)
* debian/patches/0016-apparmor-lp968956.patch: Fix protocol error when
loading policy to kernels without compat patches (LP: #968956)
* debian/patches/0017-apparmor-lp979135.patch: Fix change_profile to
grant access to /proc/attr api (LP: #979135)
-- Steve Beattie Thu, 12 Apr 2012 06:17:42 -0500
|
Source diff to previous version |
974089 |
AppArmor two-stage policy load is undocumented |
978297 |
apparmor should quietly return success in a contain... |
963756 |
aa_change_onexec fails with permission denied |
959560 |
deny mount does not work correctly |
872446 |
aa-logprof drops exec denials |
978584 |
dovecot imap-login profile missing inet6 access |
800826 |
aa-notify doesn't display certain apparmor events |
979095 |
apparmor.d(5) manpage needs to document new mount r... |
978038 |
change to unconfined by name fails |
968956 |
/usr/lib/cups/b... |
979135 |
change_profile requires separate permission rule to... |
|
apparmor (2.7.102-0ubuntu2) precise; urgency=low
* debian/control: Make dh-apparmor Multi-Arch: foreign, so that it can
satisfy cross-build-dependencies.
-- Colin Watson Sat, 31 Mar 2012 02:28:05 +0100
|
Source diff to previous version |
apparmor (2.7.102-0ubuntu1) precise; urgency=low
* New upstream release. Fixes the following issues in support of LXC
AppArmor support for beta-2:
- Fix the return size of aa_getprocattr (LP: #962521)
- Fix mnt_flags passed for remount
- Fix dfa minimization around the nonmatching state
- Factor all the permissions dump code into a single perms method
* debian/apparmor-utils.install:
- AppArmor now installs apparmor.vim. Move it into place
- install aa-exec
* debian/apparmor-utils.manpages: install aa-exec man page
* debian/patches/0003-add-aa-easyprof.patch: refresh for Makefile changes
* debian/patches/0005-clean-common-from-vim.patch: clean up 'common'
symlink
* 0006-use-linux-capability-h.patch: Use linux/capability.h instead of
sys/capability.h
-- Jamie Strandboge Thu, 22 Mar 2012 15:39:56 -0500
|
Source diff to previous version |
962521 |
aa_getcon returns garbage on error path |
|
apparmor (2.7.101-0ubuntu1) precise; urgency=low
* New upstream release. Fixes: LP: #948147
* debian/lib/apparmor/functions: Update to support the feature directory so
that caching will work on kernels that support the feature dir. Patch
based on work from John Johansen. LP: #954469
-- Jamie Strandboge Thu, 15 Mar 2012 15:57:02 -0500
|
Source diff to previous version |
948147 |
AppArmor profiles attach to chrooted processes rela... |
954469 |
apparmor changes caused boot speed regression |
|
apparmor (2.7.100-0ubuntu1) precise; urgency=low
* New upstream bug fix release which fixes (in addition to other bugs):
- LP: #940362
- LP: #947617
- LP: #949891
* Drop the following patches, included upstream:
- 0004-lp918879.patch
- 0007-lp941506.patch
- 0008-lp941503.patch
- 0009-lp943161.patch
* Drop the following patch, no longer required:
- 0005-disable-minimization.patch
* Rename 0006-lp941808.patch 0004-lp941808.patch
* debian/patches/0001-add-chromium-browser.patch: update for additional
denials with newer chromium-browser. (LP: #937723)
* debian/put-all-profiles-in-complain-mode.sh: deal with existing flags
-- Jamie Strandboge Fri, 09 Mar 2012 06:56:48 -0600
|
About
-
Send Feedback to @ubuntu_updates