This bug was fixed in the package apparmor - 2.11.0-2ubuntu3
---------------
apparmor (2.11.0-2ubuntu3) zesty; urgency=medium
* SECURITY UPDATE: Don't unload unknown profiles during package
configuration or when restarting the apparmor init script, upstart job, or
systemd unit as this could leave processes unconfined (LP: #1668892)
- debian/apparmor.postinst, debian/apparmor.init, debian/apparmor.upstart:
Remove calls to unload_obsolete_profiles()
- debian/patches/utils-add-aa-remove-unknown.patch,
debian/apparmor.install debian/apparmor.manpages: Include a new utility,
aa-remove-unknown, which can be used to unload unknown profiles. Based
on an upstream patch but adjusted to source the /lib/apparmor/functions
shipped in Debian/Ubuntu.
- CVE-2017-6507
* debian/patches/r3645-profiles-update-nvidia-abstraction.patch: Update
nvidia abstraction for newer nvidia drivers (LP: #1590561)
-- Tyler Hicks <[email protected]> Fri, 24 Mar 2017 05:26:28 +0000
** Changed in: apparmor (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1668892
Title:
CVE-2017-6507: apparmor service restarts and package upgrades unload
privately managed profiles
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1668892/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
