This bug was fixed in the package firefox - 28.0+build1-0ubuntu1 --------------- firefox (28.0+build1-0ubuntu1) trusty; urgency=medium
* New upstream stable release (FIREFOX_28_0_BUILD1) [ Jamie Strandboge <[email protected]> ] * usr.bin.firefox.apparmor*: updates for new firefox releases (LP: #1288260) - allow read of /sys/devices/pci[0-9]*/**/uevent - allow read of /etc/udev/udev.conf - explicityly deny /run/udev/data/**, like we do with evince [ Chris Coulson <[email protected]> ] * Make geolocation work * Backport changeset from mozilla-central for aarch64 support - add debian/patches/aarch64-support.patch - update debian/patches/series * Use --enable-system-libffi on arm64, as the bundled libffi doesn't support this yet * Switch to the release channel -- Chris Coulson <[email protected]> Wed, 05 Mar 2014 08:11:10 -0600 ** Changed in: firefox (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1288260 Title: firefox apparmor updates for trusty Status in “firefox” package in Ubuntu: Fix Released Bug description: Attached is a patch to fix the apparmor syslog noise I see after upgrading to trusty. It follows the chromium apparmor profile in terms of what to allow and deny. --- ./usr.bin.firefox 2014-03-05 13:52:13.470886569 +0000 +++ /etc/apparmor.d/usr.bin.firefox 2014-03-05 13:56:42.640802391 +0000 @@ -38,7 +38,9 @@ /etc/ r, /etc/mime.types r, /etc/mailcap r, + /etc/udev/udev.conf r, /etc/xdg/*buntu/applications/defaults.list r, # for all derivatives + /sys/devices/pci[0-9]*/**/uevent r, /usr/share/xubuntu/applications/defaults.list r, owner @{HOME}/.local/share/applications/defaults.list r, owner @{HOME}/.local/share/applications/mimeapps.list r, @@ -73,6 +75,9 @@ # TODO: investigate deny /usr/bin/gconftool-2 x, + # This is requested, but doesn't seem to actually be needed so deny for now + deny /run/udev/data/** r, + # These are needed when a new user starts firefox and firefox.sh is used @{MOZ_LIBDIR}/** ixr, /usr/bin/basename ixr, To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1288260/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
