apparmor (2.8.0-0ubuntu30) saucy; urgency=low
[ Tyler Hicks ]
* debian/patches/0059-dbus-rules-for-dbus-abstractions.patch: Add an
abstraction for the accessibility bus. It is currently very permissive,
like the dbus and dbus-session abstractions, and grants all permissions on
the accessibility bus. (LP: #1226141)
* debian/patches/0071-lp1226356.patch: Fix issues in parsing D-Bus and mount
rules. Both rule classes suffered from unexpected auditing behavior when
using the 'deny' and 'audit deny' rule modifiers. The 'deny' modifier
resulting in accesses being audited and the 'audit deny' modifier
resulting in accesses not being audited. (LP: #1226356)
* debian/patches/0072-lp1229393.patch: Fix cache location for .features
file, which was not being written to the proper location if the parameter
--cache-loc= is passed to apparmor_parser. This bug resulted in using the
.features file from /etc/apparmor.d/cache or always recompiling policy.
Patch thanks to John Johansen. (LP: #1229393)
* debian/patches/0073-lp1208988.patch: Update AppArmor file rules of UNIX
domain sockets to include read and write permissions. Both permissions are
required when a process connects to a UNIX domain socket. Also include new
tests for mediation of UNIX domain sockets. Thanks to Jamie Strandboge for
helping with the policy updates and testing. (LP: #1208988)
* debian/patches/0075-lp1211380.patch: Adjust the audio abstraction to only
grant access to specific pulseaudio files in the pulse runtime directory
to remove access to potentially dangerous files (LP: #1211380)
[ Jamie Strandboge ]
* debian/patches/0074-lp1228882.patch: typo in ubuntu-browsers.d/multimedia
(LP: #1228882)
* 0076_sanitized_helper_dbus_access.patch: allow applications run under
sanitized_helper to connect to DBus
Date: Fri, 04 Oct 2013 17:29:52 -0700
Changed-By: Tyler Hicks <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
Signed-By: Jamie Strandboge <[email protected]>
https://launchpad.net/ubuntu/saucy/+source/apparmor/2.8.0-0ubuntu30
Format: 1.8
Date: Fri, 04 Oct 2013 17:29:52 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev
libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor
apparmor-notify python-libapparmor python3-libapparmor dh-apparmor
apparmor-easyprof
Architecture: source
Version: 2.8.0-0ubuntu30
Distribution: saucy
Urgency: low
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Tyler Hicks <[email protected]>
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - Profiles for AppArmor Security policies
apparmor-utils - Utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-libapparmor - AppArmor library Python bindings
python3-libapparmor - AppArmor library Python3 bindings
Launchpad-Bugs-Fixed: 1208988 1211380 1226141 1226356 1228882 1229393
Changes:
apparmor (2.8.0-0ubuntu30) saucy; urgency=low
.
[ Tyler Hicks ]
* debian/patches/0059-dbus-rules-for-dbus-abstractions.patch: Add an
abstraction for the accessibility bus. It is currently very permissive,
like the dbus and dbus-session abstractions, and grants all permissions on
the accessibility bus. (LP: #1226141)
* debian/patches/0071-lp1226356.patch: Fix issues in parsing D-Bus and mount
rules. Both rule classes suffered from unexpected auditing behavior when
using the 'deny' and 'audit deny' rule modifiers. The 'deny' modifier
resulting in accesses being audited and the 'audit deny' modifier
resulting in accesses not being audited. (LP: #1226356)
* debian/patches/0072-lp1229393.patch: Fix cache location for .features
file, which was not being written to the proper location if the parameter
--cache-loc= is passed to apparmor_parser. This bug resulted in using the
.features file from /etc/apparmor.d/cache or always recompiling policy.
Patch thanks to John Johansen. (LP: #1229393)
* debian/patches/0073-lp1208988.patch: Update AppArmor file rules of UNIX
domain sockets to include read and write permissions. Both permissions are
required when a process connects to a UNIX domain socket. Also include new
tests for mediation of UNIX domain sockets. Thanks to Jamie Strandboge for
helping with the policy updates and testing. (LP: #1208988)
* debian/patches/0075-lp1211380.patch: Adjust the audio abstraction to only
grant access to specific pulseaudio files in the pulse runtime directory
to remove access to potentially dangerous files (LP: #1211380)
.
[ Jamie Strandboge ]
* debian/patches/0074-lp1228882.patch: typo in ubuntu-browsers.d/multimedia
(LP: #1228882)
* 0076_sanitized_helper_dbus_access.patch: allow applications run under
sanitized_helper to connect to DBus
Checksums-Sha1:
44c8c6ade52c7d3d36d0c4c8d654efbd7ae36aa4 2835 apparmor_2.8.0-0ubuntu30.dsc
75ad7a2d4ed0d130ea9aff095ffe8b608aef6d73 169756
apparmor_2.8.0-0ubuntu30.debian.tar.gz
Checksums-Sha256:
2acdf8fd81bababdfbd72b1e74553eddfb9fd80c4050f65034aa07125d899a12 2835
apparmor_2.8.0-0ubuntu30.dsc
b26d7d6a5fd397b3cc58abd62682d3719685f49f6e3412c6b5694d8e54c057ec 169756
apparmor_2.8.0-0ubuntu30.debian.tar.gz
Files:
58294d7b49d7f6c177ceb6b2c90b091a 2835 admin extra apparmor_2.8.0-0ubuntu30.dsc
b5daa8aa85e9fad85e77561185356bd0 169756 admin extra
apparmor_2.8.0-0ubuntu30.debian.tar.gz
Original-Maintainer: Kees Cook <[email protected]>
--
Saucy-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/saucy-changes
