UbuntuUpdates.org

Package "apparmor"

Name: apparmor

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • AppArmor notification system
  • AppArmor debhelper routines
Latest version: 3.0.4-2ubuntu2.4
Release: jammy (22.04)
Level: proposed
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "apparmor" in Jammy

Repository Area Version
base main 3.0.4-2ubuntu2
base universe 3.0.4-2ubuntu2
updates universe 3.0.4-2ubuntu2.3
updates main 3.0.4-2ubuntu2.3
proposed main 3.0.4-2ubuntu2.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.0.4-2ubuntu2.4 2024-04-10 01:06:51 UTC

  apparmor (3.0.4-2ubuntu2.4) jammy-security; urgency=medium

  * SECURITY UPDATE: Excessive permissions with mount rules (LP: #1597017)
    - d/p/CVE-2016-1585/Merge-Fix-mount-rules-encoding.patch: fix mount
      rules encoding in parser/mount.cc, parser/mount.h, parser/parser.h
      and fix multiple test cases in parser/tst/simple_tests/mount/*.
    - d/p/CVE-2016-1585/Support-rule-qualifiers-in-regression-tests.patch:
      update rule qualifiers in regression tests in
      tests/regression/apparmor/mkprofile.pl and
      tests/regression/apparmor/capabilities.sh.
    - d/p/CVE-2016-1585/Merge-expand-mount-tests.patch: expand mount
      regression tests in tests/regression/apparmor/mount.c,
      tests/regression/apparmor/mount.sh and
      tests/regression/apparmor/mkprofile.pl.
    - d/p/CVE-2016-1585/Check-for-newer-mount-options-in-regression-test.patch:
      add check for newer mount options in regression tests in
      tests/regression/apparmor/Makefile, tests/regression/apparmor/mount.c
      and tests/regression/apparmor/mount.sh.
    - d/p/CVE-2016-1585/Merge-Issue-312-added-missing-kernel-mount-options.patch:
      add missing kernel mount options flag in parser/apparmor.d.pod,
      parser/mount.cc, parser/mount.h, tests/regression/apparmor/mount.sh
      and parser/tst/simple_tests/mount/*.
    - d/p/CVE-2016-1585/Merge-extend-test-profiles-for-mount.patch: update
      test profiles in parser/tst/simple_tests/mount/*.
    - d/p/CVE-2016-1585/Merge-parser-fix-parsing-of-source-as-mount-point-fo.patch:
      update gen_policy_change_mount_type() in parser/mount.cc and also
      updated tests on parser/tst/simple_tests/mount/* and
      tests/regression/apparmor/mount.sh.
    - d/p/CVE-2016-1585/parser-Deprecation-warning-should-not-have-been-back.patch:
      remove deprecation warning message in parser/mount.cc.
    - d/p/CVE-2016-1585/parser-fix-rule-flag-generation-change_mount-type-ru.patch:
      add device checks in gen_flag_rules() in parser/mount.cc and tests
      in parser/tst/simple_tests/mount/*, parser/tst/equality.sh,
      tests/regression/apparmor/mount.sh and
      utils/test/test-parser-simple-tests.py.
    - CVE-2016-1585

 -- Rodrigo Figueiredo Zaiden <email address hidden> Tue, 06 Mar 2024 15:35:00 -0300
1597017 mount rules grant excessive permissions
CVE-2016-1585 In all versions of AppArmor mount rules are accidentally widened when compiled.

Version: *DELETED* 2023-11-23 16:07:05 UTC
No changelog for deleted or moved packages.

Version: 3.0.4-2ubuntu2.3 2023-06-16 23:06:54 UTC

  apparmor (3.0.4-2ubuntu2.3) jammy; urgency=medium

  * Add support for applications like evince opening browsers
    distributed as snaps (LP: #1794064)
    - d/p/u/add-snap-browsers-profile-lp1794064.patch: add
      a snap-browsers abstraction profile to let applications like
      evince spawn browsers distributed as snaps
    - d/p/u/update-snap-browsers-permissions-lp1794064.patch: update
      snap-browsers abstraction with missing permissions

 -- Georgia Garcia <email address hidden> Mon, 05 Jun 2023 15:58:43 -0300
1794064 Clicking a hyperlink in a PDF fails to open it if the default browser is a snap

Version: *DELETED* 2023-03-14 07:06:56 UTC
No changelog for deleted or moved packages.

Version: 3.0.4-2ubuntu2.2 2022-12-06 12:06:26 UTC

  apparmor (3.0.4-2ubuntu2.2) jammy; urgency=medium

  * Add mqueue patches. LP: #1993353
    - u/mqueue1-parser-add-parser-support-for-message-queue-mediatio.patch:
    add parser support for mqueue mediation
    - u/mqueue2-tests-add-posix-message-queue-regression-tests.patch: add
    posix mqueue regression tests
    - u/mqueue3-utils-add-message-queue-rules-parsing-in-python-tool.patch:
    add support in python tools to parse mqueue rules
    - u/mqueue4-parser-add-parser-simple-tests-for-mqueue-rules.patch: add
    parser simple tests for mqueue
    - u/mqueue5-parser-Add-a-set-of-debug-flags-that-can-be-passed-t.patch:
    add debug flags that can be passed to the kernel
    - u/mqueue6-parser-Set-the-DEBUG1-flag-on-profiles-that-use-mque.patch:
    set DEBUG1 on mqueue rules
    - u/mqueue7-parser-place-perm-on-name-as-well-as-name-label-comb.patch:
    add permissions on name and also on name + label
    - u/mqueue8-libapparmor-add-support-for-requested-and-denied-on-.patch:
    add parsing support for "denied" and "requested" from audit logs
    - u/mqueue9-libapparmor-add-support-for-class-in-logparsing.patch: add
    parsing support for "class" from audit logs
    - u/mqueue10-utils-add-logparser-support-for-mqueue.patch: add logparser
    support for mqueue rules
    - u/mqueue11-tests-add-sysv-message-queue-regression-tests.patch: add
    sysv mqueue regression tests
    - debian/rules: create mqueue testcase empty files for libapparmor tests.
  * Closes LP: #1994146

 -- Georgia Garcia <email address hidden> Wed, 19 Oct 2022 11:52:00 -0300
1993353 Add posix message queue IPC mediation
1994146 [SRU] apparmor - Focal, Jammy


About   -   Send Feedback to @ubuntu_updates