[ubuntu/zesty-proposed] apparmor 2.11.0-2ubuntu1 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Thu Feb 9 08:27:15 UTC 2017
apparmor (2.11.0-2ubuntu1) zesty; urgency=medium
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/apparmor.init: Call handle_system_policy_package_updates as we
need it for Click, snappy, and system-images. Note that this prevents
using a remote /var.
- debian/patches/series: Apply
profiles-grant-access-to-systemd-resolved.patch
- debian/patches/series: Apply add-chromium-browser.patch
- debian/apparmor-profiles.install, debian/apparmor-profiles.postinst:
Install chromium-browser profile and abstraction
* Drop the following change:
- debian/rules: Create a new empty file, needed for the test added by this
patch, since quilt is unable to do so.
+ This is no longer required since the empty file is now distributed as
part of the upstream tar.
* debian/patches/r3615-profiles-sshd-drop-local-include.patch: Drop the
local includes in the sshd profile since it causes a parser error due to
the missing includes file
* debian/patches/utils-fix-failing-tests-in-aa-py.patch: Adjust expected
output to account for the base abstraction changes to accommodate the /usr
merge
* debian/patches/utils-allow-unordered-dbus-attribs.patch: Don't
unnecessarily enforce attribute ordering in D-Bus rules (LP: #1628286)
apparmor (2.11.0-2) unstable; urgency=medium
* Drop the apparmor-docs package (Closes: #851118).
apparmor (2.11.0-1) unstable; urgency=medium
* Import upstream 2.11.0 release (Closes: #809649).
* Don't try to install non-existing file
to /etc/apparmor.d/abstractions/ubuntu-browsers.d/chromium-browser.
* Drop all backported patches, that are now obsolete.
* Drop aa-utils_are_bilingual.patch, that is obsolete since upstream
switched to Python 3.
* Refresh all remaining quilt patches.
* debian/apparmor.manpages: follow upstream wrt. moving the manpages
for aa-enabled and aa-exec to section 1.
* Reintroduce building parser/techdoc.pdf from source while building
the binary package.
* Build PDFs from documentation/*, and include them in the apparmor-docs
package. Accordingly add build-dependency on libreoffice-writer and unoconv.
* README.source: document how to import a new upstream release from
the tarball.
apparmor (2.10.95-8) unstable; urgency=medium
* Stop applying add-chromium-browser.patch: it's been broken for years
on Debian, and nobody ever bothered to upstream this profile in a way
that makes it work cross-distro (Closes: #742829).
* r3441-sshd-blacklist.patch: new patch, cherry-picked from upstream
(Closes: #821881).
* r3497-add-ld.so.preload-to-abstractions-base.patch: new patch,
cherry-picked from upstream.
* r3600-usrmerge.patch: new patch, cherry-picked from upstream
(resolves the parts of #843461 that can be handled in this package).
apparmor (2.10.95-7) unstable; urgency=medium
* r3582-build-with-recent-swig.patch: new patch, cherry-picked
from upstream (Closes: #844929).
* r3588-update-gnome-abstraction-with-versioned-gtk-paths.patch:
new patch, cherry-picked from upstream (Closes: #845005).
* r3590-add-more-wayland-paths.patch: new patch, cherry-picked from upstream.
* r3591-yet-another-location-for-Xauthority.patch: new patch, cherry-picked
from upstream (Closes: #845250).
* Merge from Ubuntu citrain up to revision 1604.
* Disable profiles-grant-access-to-systemd-resolved.patch: it's dangerous
without fine-grained AppArmor mediation of D-Bus traffic.
apparmor (2.10.95-6) unstable; urgency=medium
* New patches, cherry-picked from upstream:
- debian/patches/r3577-gnome-abstraction-gtk3-config.patch:
gnome abstraction: grant read access to ~/.config/gtk-3.0/*.
- debian/patches/r3578-dnsmasq-libvirt_leaseshelper.patch:
dnsmasq: allow libvirt_leaseshelper "m" permission on itself.
apparmor (2.10.95-5) unstable; urgency=medium
* Merge from ubuntu-citrain up to revision 1600. Remaining Debian changes:
- debian/apparmor.init: don't call handle_system_policy_package_updates.
* r3566-wayland.patch: new patch, to support Wayland in at least Evince
(Closes: #827335).
* r3487-add-firefox-esr-to-ubuntu-browsers.patch: new patch, to support
firefox-esr in abstractions/ubuntu-browsers (Closes: #821945).
* Drop "Replaces: apparmor-parser": that package has never been part of
Debian, and if has ever been included in Ubuntu, that must have been
ages ago.
* Drop Breaks: lxc (<< 1.1.0~alpha1-0ubuntu5~).
- Wrt. Ubuntu: Xenial ships a newer lxc.
- Wrt. Debian: this Breaks was added in Ubuntu in order to "restrict
signal, ptrace and unix mediation to the container" (LP: #1373555).
These features require third-party Linux kernel patches, that we
haven't in Debian, so even though Jessie has lxc 1.0, we don't need
this Breaks relationship.
* Drop Breaks: lightdm (<< 1.11.8-0ubuntu2~).
- Wrt. Debian: it was added in Ubuntu because lightdm 1.11.8-0ubuntu2
brings "updates for unix socket mediation". But Unix socket mediation
requires third-party Linux kernel patches, that we haven't in Debian.
- Wrt. Ubuntu: even Vivid includes a newer lightdm.
* Drop Breaks+Replaces on a version of debhelper older than the one included
in Precise and Wheezy.
* Drop Breaks+Replaces on versions of our own binary packages that are older
than the ones included in Jessie and Xenial.
* Drop Breaks: rsyslog (<< 7.4.4-1ubuntu9~). Bot Jessie and Xenial ship
a newer one.
* Drop Breaks: apparmor-easyprof-ubuntu (<< 1.2.22). Xenial ships
a newer one.
* Drop Breaks: libvirt-bin (<< 1.2.6-0ubuntu6~). Jessie and Xenial
have a newer one.
* Drop Breaks+Replaces: apparmor-utils << 2.8.0: Jessie and Trusty ship
a newer one.
* Drop Breaks+Replaces: libapache2-mod-apparmor (<< 2.5.1-0ubuntu3):
Precise and Wheezy shipped with something newer.
* Version dependency on lsb-base to >= 3.0-6, as advised by Lintian's
init.d-script-needs-depends-on-lsb-base tag.
apparmor (2.10.95-4ubuntu6) UNRELEASED; urgency=medium
* debian/patches/r3556-drop-CMD_CONTINUE.patch: Fix test failure in utils/
that is caught by newer versions pyflakes. The test failure was caused by
CMD_CONTINUE being defined twice.
Date: Thu, 09 Feb 2017 06:57:45 +0000
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apparmor/2.11.0-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 09 Feb 2017 06:57:45 +0000
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor python-apparmor python3-apparmor dh-apparmor apparmor-easyprof
Architecture: source
Version: 2.11.0-2ubuntu1
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description:
apparmor - user-space parser utility for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - profiles for AppArmor Security policies
apparmor-utils - utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-apparmor - AppArmor Python utility library
python-libapparmor - AppArmor library Python bindings
python3-apparmor - AppArmor Python3 utility library
python3-libapparmor - AppArmor library Python3 bindings
Closes: 742829 809649 821881 821945 827335 844929 845005 845250 851118
Launchpad-Bugs-Fixed: 1373555 1628286
Changes:
apparmor (2.11.0-2ubuntu1) zesty; urgency=medium
.
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/apparmor.init: Call handle_system_policy_package_updates as we
need it for Click, snappy, and system-images. Note that this prevents
using a remote /var.
- debian/patches/series: Apply
profiles-grant-access-to-systemd-resolved.patch
- debian/patches/series: Apply add-chromium-browser.patch
- debian/apparmor-profiles.install, debian/apparmor-profiles.postinst:
Install chromium-browser profile and abstraction
* Drop the following change:
- debian/rules: Create a new empty file, needed for the test added by this
patch, since quilt is unable to do so.
+ This is no longer required since the empty file is now distributed as
part of the upstream tar.
* debian/patches/r3615-profiles-sshd-drop-local-include.patch: Drop the
local includes in the sshd profile since it causes a parser error due to
the missing includes file
* debian/patches/utils-fix-failing-tests-in-aa-py.patch: Adjust expected
output to account for the base abstraction changes to accommodate the /usr
merge
* debian/patches/utils-allow-unordered-dbus-attribs.patch: Don't
unnecessarily enforce attribute ordering in D-Bus rules (LP: #1628286)
.
apparmor (2.11.0-2) unstable; urgency=medium
.
* Drop the apparmor-docs package (Closes: #851118).
.
apparmor (2.11.0-1) unstable; urgency=medium
.
* Import upstream 2.11.0 release (Closes: #809649).
* Don't try to install non-existing file
to /etc/apparmor.d/abstractions/ubuntu-browsers.d/chromium-browser.
* Drop all backported patches, that are now obsolete.
* Drop aa-utils_are_bilingual.patch, that is obsolete since upstream
switched to Python 3.
* Refresh all remaining quilt patches.
* debian/apparmor.manpages: follow upstream wrt. moving the manpages
for aa-enabled and aa-exec to section 1.
* Reintroduce building parser/techdoc.pdf from source while building
the binary package.
* Build PDFs from documentation/*, and include them in the apparmor-docs
package. Accordingly add build-dependency on libreoffice-writer and unoconv.
* README.source: document how to import a new upstream release from
the tarball.
.
apparmor (2.10.95-8) unstable; urgency=medium
.
* Stop applying add-chromium-browser.patch: it's been broken for years
on Debian, and nobody ever bothered to upstream this profile in a way
that makes it work cross-distro (Closes: #742829).
* r3441-sshd-blacklist.patch: new patch, cherry-picked from upstream
(Closes: #821881).
* r3497-add-ld.so.preload-to-abstractions-base.patch: new patch,
cherry-picked from upstream.
* r3600-usrmerge.patch: new patch, cherry-picked from upstream
(resolves the parts of #843461 that can be handled in this package).
.
apparmor (2.10.95-7) unstable; urgency=medium
.
* r3582-build-with-recent-swig.patch: new patch, cherry-picked
from upstream (Closes: #844929).
* r3588-update-gnome-abstraction-with-versioned-gtk-paths.patch:
new patch, cherry-picked from upstream (Closes: #845005).
* r3590-add-more-wayland-paths.patch: new patch, cherry-picked from upstream.
* r3591-yet-another-location-for-Xauthority.patch: new patch, cherry-picked
from upstream (Closes: #845250).
* Merge from Ubuntu citrain up to revision 1604.
* Disable profiles-grant-access-to-systemd-resolved.patch: it's dangerous
without fine-grained AppArmor mediation of D-Bus traffic.
.
apparmor (2.10.95-6) unstable; urgency=medium
.
* New patches, cherry-picked from upstream:
- debian/patches/r3577-gnome-abstraction-gtk3-config.patch:
gnome abstraction: grant read access to ~/.config/gtk-3.0/*.
- debian/patches/r3578-dnsmasq-libvirt_leaseshelper.patch:
dnsmasq: allow libvirt_leaseshelper "m" permission on itself.
.
apparmor (2.10.95-5) unstable; urgency=medium
.
* Merge from ubuntu-citrain up to revision 1600. Remaining Debian changes:
- debian/apparmor.init: don't call handle_system_policy_package_updates.
* r3566-wayland.patch: new patch, to support Wayland in at least Evince
(Closes: #827335).
* r3487-add-firefox-esr-to-ubuntu-browsers.patch: new patch, to support
firefox-esr in abstractions/ubuntu-browsers (Closes: #821945).
* Drop "Replaces: apparmor-parser": that package has never been part of
Debian, and if has ever been included in Ubuntu, that must have been
ages ago.
* Drop Breaks: lxc (<< 1.1.0~alpha1-0ubuntu5~).
- Wrt. Ubuntu: Xenial ships a newer lxc.
- Wrt. Debian: this Breaks was added in Ubuntu in order to "restrict
signal, ptrace and unix mediation to the container" (LP: #1373555).
These features require third-party Linux kernel patches, that we
haven't in Debian, so even though Jessie has lxc 1.0, we don't need
this Breaks relationship.
* Drop Breaks: lightdm (<< 1.11.8-0ubuntu2~).
- Wrt. Debian: it was added in Ubuntu because lightdm 1.11.8-0ubuntu2
brings "updates for unix socket mediation". But Unix socket mediation
requires third-party Linux kernel patches, that we haven't in Debian.
- Wrt. Ubuntu: even Vivid includes a newer lightdm.
* Drop Breaks+Replaces on a version of debhelper older than the one included
in Precise and Wheezy.
* Drop Breaks+Replaces on versions of our own binary packages that are older
than the ones included in Jessie and Xenial.
* Drop Breaks: rsyslog (<< 7.4.4-1ubuntu9~). Bot Jessie and Xenial ship
a newer one.
* Drop Breaks: apparmor-easyprof-ubuntu (<< 1.2.22). Xenial ships
a newer one.
* Drop Breaks: libvirt-bin (<< 1.2.6-0ubuntu6~). Jessie and Xenial
have a newer one.
* Drop Breaks+Replaces: apparmor-utils << 2.8.0: Jessie and Trusty ship
a newer one.
* Drop Breaks+Replaces: libapache2-mod-apparmor (<< 2.5.1-0ubuntu3):
Precise and Wheezy shipped with something newer.
* Version dependency on lsb-base to >= 3.0-6, as advised by Lintian's
init.d-script-needs-depends-on-lsb-base tag.
.
apparmor (2.10.95-4ubuntu6) UNRELEASED; urgency=medium
.
* debian/patches/r3556-drop-CMD_CONTINUE.patch: Fix test failure in utils/
that is caught by newer versions pyflakes. The test failure was caused by
CMD_CONTINUE being defined twice.
Checksums-Sha1:
8db2a0ecbccdf6ff3289ce07da4c52af9b914a99 3191 apparmor_2.11.0-2ubuntu1.dsc
66240d3aa91f552d936d13b3f8c4fcdb9a8a919c 5013297 apparmor_2.11.0.orig.tar.gz
78a8d6ccfcbd7dca76a4da71435fb3f51afcf48f 83336 apparmor_2.11.0-2ubuntu1.debian.tar.xz
Checksums-Sha256:
f8580d2deefb42e9988d85d6356e3e305027a9111d96fbe5dd73a70072c42424 3191 apparmor_2.11.0-2ubuntu1.dsc
b1c489ea11e7771b8e6b181532cafbf9ebe6603e3cb00e2558f21b7a5bdd739a 5013297 apparmor_2.11.0.orig.tar.gz
2fa40498fc2fe0df54a2953c8185ab529d02f86cb8418b5f089b06d38864b9f7 83336 apparmor_2.11.0-2ubuntu1.debian.tar.xz
Files:
6f3b4e90d355b72c80299125db12800c 3191 admin extra apparmor_2.11.0-2ubuntu1.dsc
899fd834dc5c8ebf2d52b97e4a174af7 5013297 admin extra apparmor_2.11.0.orig.tar.gz
21aadbe585570575417eb79f1aa37ddd 83336 admin extra apparmor_2.11.0-2ubuntu1.debian.tar.xz
Original-Maintainer: Debian AppArmor Team <pkg-apparmor-team at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYnCYoAAoJENaSAD2qAscKXdUP/2k3x00+hhWYISBgM/wSxApg
gCX58eAsFMmlY4Qq7U/XPJ0I6rnzRUxsKnd1VmKEsOp8pTkcJNngFtN/yTWoHY+u
fYdiL7eEe/XlLMyV7qfUh+JCHJlipw+DBWs+Bqwou1jkwx6KAa+PppWomRlxTFYX
IrrWB2+gfijpJYVPdteBekfGkSP0VO69UY6hEZQjJDETjLifu5EGmpsX5phqLG/F
TOQYFmgrgnOPYtgvLKy4F4bTqivuM6k4qOSxroZaQS5pZQCvgoZjnhHaMjbYF86b
7tOSgw0TOBuvdcc3K4lWjxFIUcTdHbPGSnyRPVYgT/h1ABfKwo3jMmIkh7EFaP2x
as2soPywiENdSNcD40tLhFf9hCnNFCSY+2L2DcxPu8uqsXdHcjoNfA5fg7zkM0AF
Yl5dm4XfyYVwbS4rf8426ztdVvl0uyIqWHgqk6UUiZdn/66sdeQyy5vwtysGM24G
/nOcb+t2T9xAr3LGkGMS362hQCOsMPSxdMK7UNJO6+2b83cX5NGw6eEOE6UUnWz4
QsFsmNDK2m3pLNBzAvMTLFtnVzNmzIW7o9LeBpkCCl2OQnlXCXIVa+XAtJgXVmDd
IqQY23ATboXH0ccEfuWxVtEESfzwd84+emBqph0ZEzvNfUbw4FaxYCP9AQVsbWqh
6cibPeeFIFFaOcBw9fIx
=NNL1
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list