AppArmor update proposal
Rodrigo Figueiredo Zaiden
rodrigo.zaiden at canonical.com
Thu Sep 5 17:15:32 UTC 2024
On 04/09/2024 19:32, Michael Hudson-Doyle wrote:
>
>
> On Thu, 5 Sept 2024 at 03:31, Rodrigo Figueiredo Zaiden
> <rodrigo.zaiden at canonical.com <mailto:rodrigo.zaiden at canonical.com>> wrote:
>
> Hi,
>
> The Ubuntu Security team has a proposed update for the AppArmor
> userspace utilities in focal and jammy ready to move forward that we
> would like the help of the SRU or archive admin teams.
>
> The updates are in the proposed pocket as of now [1][2], but given the
> sensitivity of the issue [3], we would like to propose it to be rolled
> out to the updates pocket in stages.
>
>
> This is the default way updates are released: https://canonical-sru-
> docs.readthedocs-hosted.com/en/latest/explanation/standard-processes/
> #phasing <https://canonical-sru-docs.readthedocs-hosted.com/en/latest/
> explanation/standard-processes/#phasing> -- are you asking for this to
> happen in a more gradual way for these packages?
>
The default phasing is good enough.
No need to happen in a more gradual way.
Thanks,
Rodrigo
> Cheers,
> mwh
>
> We would like the new version
> (currently in proposed) promoted to the updates pocket by the SRU team.
>
> Additionally, we performed a no-change rebuild of the prior version in
> the updates pocket for both releases into the corresponding security
> pocket [4][5] to ensure that it is possible for users to relatively easily
> rollback to the prior version without regressing the prior fixes that
> had landed in those releases.
>
> We have already communicated the update through the bug itself [3]
> and also via a discourse post [6], and we have had a few comments (in
> the bug) that no issues were found in addition to our own testing,
> which is making us confident to move forward with the update using
> a safe strategy.
>
> Is that something we can have help with?
>
> [1] https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.4
> <https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.4>
> [2] https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.4
> <https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.4>
> [3] https://bugs.launchpad.net/apparmor/+bug/1597017 <https://
> bugs.launchpad.net/apparmor/+bug/1597017>
> [4] https://launchpad.net/ubuntu/+source/
> apparmor/3.0.4-2ubuntu2.3build2 <https://launchpad.net/ubuntu/+source/
> apparmor/3.0.4-2ubuntu2.3build2>
> [5] https://launchpad.net/ubuntu/+source/
> apparmor/2.13.3-7ubuntu5.3build2 <https://launchpad.net/ubuntu/+source/
> apparmor/2.13.3-7ubuntu5.3build2>
> [6]
> https://discourse.ubuntu.com/t/upcoming-apparmor-security-update-for-
> cve-2016-1585/44268 <https://discourse.ubuntu.com/t/upcoming-apparmor-
> security-update-for-cve-2016-1585/44268>
>
> Thanks!
> Rodrigo
>
>
>
> --
> Ubuntu-release mailing list
> Ubuntu-release at lists.ubuntu.com <mailto:Ubuntu-release at lists.ubuntu.com>
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/
> listinfo/ubuntu-release <https://lists.ubuntu.com/mailman/listinfo/
> ubuntu-release>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-release/attachments/20240905/140e2a4c/attachment.sig>
More information about the Ubuntu-release
mailing list