[ubuntu/saucy-proposed] apparmor 2.8.0-0ubuntu30 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Tue Oct 8 18:52:45 UTC 2013
apparmor (2.8.0-0ubuntu30) saucy; urgency=low
[ Tyler Hicks ]
* debian/patches/0059-dbus-rules-for-dbus-abstractions.patch: Add an
abstraction for the accessibility bus. It is currently very permissive,
like the dbus and dbus-session abstractions, and grants all permissions on
the accessibility bus. (LP: #1226141)
* debian/patches/0071-lp1226356.patch: Fix issues in parsing D-Bus and mount
rules. Both rule classes suffered from unexpected auditing behavior when
using the 'deny' and 'audit deny' rule modifiers. The 'deny' modifier
resulting in accesses being audited and the 'audit deny' modifier
resulting in accesses not being audited. (LP: #1226356)
* debian/patches/0072-lp1229393.patch: Fix cache location for .features
file, which was not being written to the proper location if the parameter
--cache-loc= is passed to apparmor_parser. This bug resulted in using the
.features file from /etc/apparmor.d/cache or always recompiling policy.
Patch thanks to John Johansen. (LP: #1229393)
* debian/patches/0073-lp1208988.patch: Update AppArmor file rules of UNIX
domain sockets to include read and write permissions. Both permissions are
required when a process connects to a UNIX domain socket. Also include new
tests for mediation of UNIX domain sockets. Thanks to Jamie Strandboge for
helping with the policy updates and testing. (LP: #1208988)
* debian/patches/0075-lp1211380.patch: Adjust the audio abstraction to only
grant access to specific pulseaudio files in the pulse runtime directory
to remove access to potentially dangerous files (LP: #1211380)
[ Jamie Strandboge ]
* debian/patches/0074-lp1228882.patch: typo in ubuntu-browsers.d/multimedia
(LP: #1228882)
* 0076_sanitized_helper_dbus_access.patch: allow applications run under
sanitized_helper to connect to DBus
Date: Fri, 04 Oct 2013 17:29:52 -0700
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/apparmor/2.8.0-0ubuntu30
-------------- next part --------------
Format: 1.8
Date: Fri, 04 Oct 2013 17:29:52 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor dh-apparmor apparmor-easyprof
Architecture: source
Version: 2.8.0-0ubuntu30
Distribution: saucy
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
python3-libapparmor - AppArmor library Python3 bindings
Launchpad-Bugs-Fixed: 1208988 1211380 1226141 1226356 1228882 1229393
Changes:
apparmor (2.8.0-0ubuntu30) saucy; urgency=low
.
[ Tyler Hicks ]
* debian/patches/0059-dbus-rules-for-dbus-abstractions.patch: Add an
abstraction for the accessibility bus. It is currently very permissive,
like the dbus and dbus-session abstractions, and grants all permissions on
the accessibility bus. (LP: #1226141)
* debian/patches/0071-lp1226356.patch: Fix issues in parsing D-Bus and mount
rules. Both rule classes suffered from unexpected auditing behavior when
using the 'deny' and 'audit deny' rule modifiers. The 'deny' modifier
resulting in accesses being audited and the 'audit deny' modifier
resulting in accesses not being audited. (LP: #1226356)
* debian/patches/0072-lp1229393.patch: Fix cache location for .features
file, which was not being written to the proper location if the parameter
--cache-loc= is passed to apparmor_parser. This bug resulted in using the
.features file from /etc/apparmor.d/cache or always recompiling policy.
Patch thanks to John Johansen. (LP: #1229393)
* debian/patches/0073-lp1208988.patch: Update AppArmor file rules of UNIX
domain sockets to include read and write permissions. Both permissions are
required when a process connects to a UNIX domain socket. Also include new
tests for mediation of UNIX domain sockets. Thanks to Jamie Strandboge for
helping with the policy updates and testing. (LP: #1208988)
* debian/patches/0075-lp1211380.patch: Adjust the audio abstraction to only
grant access to specific pulseaudio files in the pulse runtime directory
to remove access to potentially dangerous files (LP: #1211380)
.
[ Jamie Strandboge ]
* debian/patches/0074-lp1228882.patch: typo in ubuntu-browsers.d/multimedia
(LP: #1228882)
* 0076_sanitized_helper_dbus_access.patch: allow applications run under
sanitized_helper to connect to DBus
Checksums-Sha1:
44c8c6ade52c7d3d36d0c4c8d654efbd7ae36aa4 2835 apparmor_2.8.0-0ubuntu30.dsc
75ad7a2d4ed0d130ea9aff095ffe8b608aef6d73 169756 apparmor_2.8.0-0ubuntu30.debian.tar.gz
Checksums-Sha256:
2acdf8fd81bababdfbd72b1e74553eddfb9fd80c4050f65034aa07125d899a12 2835 apparmor_2.8.0-0ubuntu30.dsc
b26d7d6a5fd397b3cc58abd62682d3719685f49f6e3412c6b5694d8e54c057ec 169756 apparmor_2.8.0-0ubuntu30.debian.tar.gz
Files:
58294d7b49d7f6c177ceb6b2c90b091a 2835 admin extra apparmor_2.8.0-0ubuntu30.dsc
b5daa8aa85e9fad85e77561185356bd0 169756 admin extra apparmor_2.8.0-0ubuntu30.debian.tar.gz
Original-Maintainer: Kees Cook <kees at debian.org>
More information about the Saucy-changes
mailing list