AppArmor update proposal
Rodrigo Figueiredo Zaiden
rodrigo.zaiden at canonical.com
Wed Sep 4 10:57:06 UTC 2024
Hi,
The Ubuntu Security team has a proposed update for the AppArmor
userspace utilities in focal and jammy ready to move forward that we
would like the help of the SRU or archive admin teams.
The updates are in the proposed pocket as of now [1][2], but given the
sensitivity of the issue [3], we would like to propose it to be rolled
out to the updates pocket in stages. We would like the new version
(currently in proposed) promoted to the updates pocket by the SRU team.
Additionally, we performed a no-change rebuild of the prior version in
the updates pocket for both releases into the corresponding security
pocket [4][5] to ensure that it is possible for users to relatively easily
rollback to the prior version without regressing the prior fixes that
had landed in those releases.
We have already communicated the update through the bug itself [3]
and also via a discourse post [6], and we have had a few comments (in
the bug) that no issues were found in addition to our own testing,
which is making us confident to move forward with the update using
a safe strategy.
Is that something we can have help with?
[1] https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.4
[2] https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.4
[3] https://bugs.launchpad.net/apparmor/+bug/1597017
[4] https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.3build2
[5] https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.3build2
[6]
https://discourse.ubuntu.com/t/upcoming-apparmor-security-update-for-cve-2016-1585/44268
Thanks!
Rodrigo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-release/attachments/20240904/a1b259e3/attachment.sig>
More information about the Ubuntu-release
mailing list