UbuntuUpdates.org

Package "apparmor-utils"

Name: apparmor-utils

Description:

utilities for controlling AppArmor

Latest version: 2.10.95-0ubuntu2.6~14.04.4
Release: trusty (14.04)
Level: security
Repository: main
Head package: apparmor
Homepage: http://apparmor.net/

Links


Download "apparmor-utils"


Other versions of "apparmor-utils" in Trusty

Repository Area Version
base main 2.8.95~2430-0ubuntu5
updates main 2.10.95-0ubuntu2.6~14.04.4

Changelog

Version: 2.10.95-0ubuntu2.6~14.04.4 2018-10-04 20:06:55 UTC

  apparmor (2.10.95-0ubuntu2.6~14.04.4) trusty-security; urgency=medium

  * {,14.04-}lp1788929+1794848.patch:
    - disallow writes to thumbnailer dir (LP: #1788929)
    - disallow access to the dirs of private files (LP: #1794848)

 -- Jamie Strandboge <email address hidden> Thu, 27 Sep 2018 18:38:50 +0000

Source diff to previous version
1794848 private-files-strict and user-files abstractions should also limit access to directories

Version: 2.10.95-0ubuntu2.6~14.04.1 2017-03-28 16:06:52 UTC

  apparmor (2.10.95-0ubuntu2.6~14.04.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Merge from xenial-security to get fix for CVE-2017-6507
  * debian/apparmor.postrm: Ensure that a purge of the apparmor package does
    not fail if the /var/lib/apparmor/profiles or /var/lib/apparmor
    directories do not exist. This purge operation should be considered
    successful in that situation. (LP: #1661406)

 -- Tyler Hicks <email address hidden> Thu, 16 Mar 2017 01:20:13 +0000

Source diff to previous version
1661406 apparmor failing to be purged when /var/lib/apparmor/profiles or /var/lib/apparmor doesn't exist
CVE-2017-6507 An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or syste

Version: 2.8.95~2430-0ubuntu5.1 2014-11-20 21:06:53 UTC

  apparmor (2.8.95~2430-0ubuntu5.1) trusty-security; urgency=medium

  * SECURITY UPDATE: An AppArmor profile compilation bug may result in
    applications being confined in a way that is inconsistent with the profile
    author's intent. The compilation bug is specific to certain combinations
    of AppArmor rule types and conditionals of those rule types.
    (LP: #1390592)
    - debian/patches/fix-esc-seq-interp.patch: Fix the profile compilation bug
      by limiting the number of bytes that are consumed when interpreting
      hexadecimal, octal, and decimal escape sequences
    - debian/patches/tests-allow-arbitrary-profile-names.patch,
      debian/patches/tests-add-ptrace-tests-for-lp1390592.patch: Add
      regression tests for the profile compilation bug
    - CVE-2014-1424
 -- Tyler Hicks <email address hidden> Fri, 14 Nov 2014 13:46:22 -0600

1390592 'ptrace peer=@{profile_name}' does not work on 14.04 (at least) with docker
CVE-2014-1424 RESERVED



About   -   Send Feedback to @ubuntu_updates