<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 5 Sept 2024 at 03:31, Rodrigo Figueiredo Zaiden <<a href="mailto:rodrigo.zaiden@canonical.com">rodrigo.zaiden@canonical.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi,<br>
<br>
The Ubuntu Security team has a proposed update for the AppArmor<br>
userspace utilities in focal and jammy ready to move forward that we<br>
would like the help of the SRU or archive admin teams.<br>
<br>
The updates are in the proposed pocket as of now [1][2], but given the<br>
sensitivity of the issue [3], we would like to propose it to be rolled<br>
out to the updates pocket in stages. </blockquote><div><br></div><div>This is the default way updates are released: <a href="https://canonical-sru-docs.readthedocs-hosted.com/en/latest/explanation/standard-processes/#phasing">https://canonical-sru-docs.readthedocs-hosted.com/en/latest/explanation/standard-processes/#phasing</a> -- are you asking for this to happen in a more gradual way for these packages?</div><div><br></div><div>Cheers,</div><div>mwh</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">We would like the new version<br>
(currently in proposed) promoted to the updates pocket by the SRU team.<br>
<br>
Additionally, we performed a no-change rebuild of the prior version in<br>
the updates pocket for both releases into the corresponding security<br>
pocket [4][5] to ensure that it is possible for users to relatively easily<br>
rollback to the prior version without regressing the prior fixes that<br>
had landed in those releases.<br>
<br>
We have already communicated the update through the bug itself [3]<br>
and also via a discourse post [6], and we have had a few comments (in<br>
the bug) that no issues were found in addition to our own testing,<br>
which is making us confident to move forward with the update using<br>
a safe strategy.<br>
<br>
Is that something we can have help with?<br>
<br>
[1] <a href="https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.4" rel="noreferrer" target="_blank">https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.4</a><br>
[2] <a href="https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.4" rel="noreferrer" target="_blank">https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.4</a><br>
[3] <a href="https://bugs.launchpad.net/apparmor/+bug/1597017" rel="noreferrer" target="_blank">https://bugs.launchpad.net/apparmor/+bug/1597017</a><br>
[4] <a href="https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.3build2" rel="noreferrer" target="_blank">https://launchpad.net/ubuntu/+source/apparmor/3.0.4-2ubuntu2.3build2</a><br>
[5] <a href="https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.3build2" rel="noreferrer" target="_blank">https://launchpad.net/ubuntu/+source/apparmor/2.13.3-7ubuntu5.3build2</a><br>
[6] <br>
<a href="https://discourse.ubuntu.com/t/upcoming-apparmor-security-update-for-cve-2016-1585/44268" rel="noreferrer" target="_blank">https://discourse.ubuntu.com/t/upcoming-apparmor-security-update-for-cve-2016-1585/44268</a><br>
<br>
Thanks!<br>
Rodrigo<br>
<br>
<br>
<br>
-- <br>
Ubuntu-release mailing list<br>
<a href="mailto:Ubuntu-release@lists.ubuntu.com" target="_blank">Ubuntu-release@lists.ubuntu.com</a><br>
Modify settings or unsubscribe at: <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-release" rel="noreferrer" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-release</a><br>
</blockquote></div></div>