apparmor 2.13.3-5ubuntu1 source package in Ubuntu
Changelog
apparmor (2.13.3-5ubuntu1) eoan; urgency=medium
* Merge new upstream release from Debian. Remaining changes:
- Ubuntu-specific patches:
+ ubuntu/add-chromium-browser.patch
+ ubuntu/communitheme-snap-support.patch
+ ubuntu/mimeinfo-snap-support.patch
+ ubuntu/parser-conf-no-expr-simplify.patch
+ ubuntu/profiles-grant-access-to-systemd-resolved.patch
- debian/apparmor.{install,maintscript}: feature pinning is not used in
Ubuntu
- debian/apparmor.preinst: remove cache files on upgrade to 2.13
- debian/apparmor-profiles.install: install Ubuntu chromium-browser
profile and abstraction
- debian/apparmor-profiles.lintian-overrides: update for chromium-browser
profile having read access to dpkg database for lsb-release
- debian/apparmor-profiles.postinst: ubuntu-browsers.d/chromium-browser
abstraction if it doesn't exist
- debian/control: adjust the Vcs-{Browser,Git} control fields to reflect
the branch where the Ubuntu packaging is maintained.
- debian/gbp.conf: use ubuntu/master as the debian-branch
- debian/patches/series: comment out debian-only patches
- debian/tests/control and debian/tests/compile-policy: don't test
thunderbird since the Ubuntu packaging doesn't ship a profile
* Drop the following patches, no longer needed:
- ubuntu/dont-include-site-local-with-dovecot.patch
- lp1820068.patch
- upstream-commit-fix-segfault-in-overlaydirat_for_each.patch
- upstream-commit-add-option-to-dump-policy-cache-with-libapparmor.patch
- upstream-commit-teach-aa_policy_cache_sh-about-the-new-cache.patch
- upstream-commit-fix-segfault-when-loading-policy-cache-files.patch
- upstream-commit-fix-variable-name-overlap-in-merge-macro.patch
* upstream-dont-allow-fontconfig-cache-write.patch: don't allow write of
fontconfig cache files
* upstream-tests-mult-mount-bump-size-of-created-disk.patch: regression
tests/mult_mount: bump size of created disk image
apparmor (2.13.3-5) unstable; urgency=medium
* upstream-mr-419-Xwayland-vs-recent-mutter.patch: new patch (Closes: #935058)
apparmor (2.13.3-4) unstable; urgency=medium
* New patch, cherry-picked and adapted from Ubuntu: don't include local/
snippets in the Dovecot profiles. These inclusions of non-existing files
break aa-genprof (Closes: #928160).
* Merge ubuntu/2.13.2-9ubuntu7, which turns out to be a no-op, because
we essentially revert all changes brought by this merge:
- Drop lp1820068.patch, introduced in 2.13.2-9ubuntu7: it's included
in the 2.13.3 upstream release already.
- Don't enable ubuntu/parser-conf-no-expr-simplify.patch, that Ubuntu just
re-enabled: in Debian we don't disable expression tree simplification,
because we've cherry-picked an upstream patch that improves its
performance sufficiently.
apparmor (2.13.3-3) unstable; urgency=medium
[ Michael Biebl ]
* Move libraries back to /usr/lib
[ intrigeri ]
* Remove Lintian override made obsolete by the move to /usr/lib/apparmor/
* Avoid-blhc-CPPFLAGS-missing-false-positive.patch: new patch.
* Revert "debian/control: Breaks on snapd < 2.38~"
Jamie Strandboge explained in details on #932815 the rationale behind this
Breaks relationship. The user impact seems non-critical and the risk of the
problem happening in practice is very low, so for now let's remove this
Breaks, that prevents apparmor from migrating to testing (we don't have
snapd 2.38+ in Debian yet).
apparmor (2.13.3-2) unstable; urgency=medium
* Install the lsb_release profile.
apparmor (2.13.3-1) unstable; urgency=medium
* Import new 2.13.3 upstream release and accordingly:
- Update dev-pkg-without-shlib-symlink Lintian override: soname
was bumped to 1.6.1.
- Drop patches that were applied upstream.
* Merge ubuntu/2.13.2-9ubuntu6, dropping the Ubuntu delta (Closes: #926015):
- lp1824812.patch: set SFS_MOUNTPOINT in is_container_with_internal_policy()
since it is sometimes called independently of is_apparmor_loaded()
(LP: #1824812)
- debian/apparmor.postrm: remove parser-created subdirs
- debian/tests/control: try Ubuntu kernel but mark skip-not-installable
- regression testsuite fixes:
upstream-commit-add-option-to-dump-policy-cache-with-libapparmor.patch,
upstream-commit-teach-aa_policy_cache_sh-about-the-new-cache.patch,
upstream-commit-fix-variable-name-overlap-in-merge-macro.patch
- debian/debhelper/postrm-apparmor: also remove cache files
- debian/control: Breaks on snapd < 2.38~ (the cache forest breaks snap
remove)
* Declare compatibility with Debian Policy 4.4.0.
* Bump debhelper compatibility level to 12. Accordingly:
- dh_installinit: replace --no-restart-on-upgrade with its new
--no-stop-on-upgrade name
- Add override_dh_installsystemd that mimics our override_dh_installinit
* tests/compile-policy: check syntax of kopano profiles (implements
#923313 except kopano-search, until giraffe-team/kopanocore!4 is merged
and uploaded)
-- Jamie Strandboge <email address hidden> Mon, 09 Sep 2019 19:13:22 +0000
Upload details
- Uploaded by:
- Jamie Strandboge on 2019-09-09
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Eoan | release | on 2019-09-10 | main | admin |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apparmor_2.13.3.orig.tar.gz | 7.0 MiB | 267053234c68cdb122c5294d7c276b6e2f5fa7e75c6c2d23e3ce69f95d9a7639 |
| apparmor_2.13.3.orig.tar.gz.asc | 870 bytes | 5f280617cca0c5f83ac113166eafcb3ca58be75fdbc4444141282724fb8ad7d7 |
| apparmor_2.13.3-5ubuntu1.debian.tar.xz | 101.1 KiB | 92d1005314f4a2b603c7091de76b923fabffdf2734a58100d004ff5a32d9af8f |
| apparmor_2.13.3-5ubuntu1.dsc | 3.5 KiB | efd3e276b1d7109358454deba8f9a7c66ba6aba80a5170bfee0ec375739da0aa |
Available diffs
- diff from 2.13.2-9ubuntu7 to 2.13.3-5ubuntu1 (158.7 KiB)
Binary packages built by this source
- apparmor: user-space parser utility for AppArmor
apparmor provides the system initialization scripts needed to use the
AppArmor Mandatory Access Control system, including the AppArmor Parser
which is required to convert AppArmor text profiles into machine-readable
policies that are loaded into the kernel for use with the AppArmor Linux
Security Module.
- apparmor-dbgsym: debug symbols for apparmor
- apparmor-easyprof: AppArmor easyprof profiling tool
apparmor-easyprof provides the aa-easyprof utility which is an easy to
use interface for AppArmor policy generation. aa-easyprof supports the
use of templates and policy groups to quickly profile an application.
- apparmor-notify: AppArmor notification system
apparmor-notify provides a utility to display AppArmor denial
messages via desktop notifications. The utility can also be used to
generate summary reports.
- apparmor-profiles: experimental profiles for AppArmor security policies
apparmor-profiles provides various experimental AppArmor profiles.
Do not expect these profiles to work out-of-the-box.
.
These profiles are not mature enough to be shipped in enforce mode by
default on Debian. They are shipped in complain mode so that users
can test them, choose which are desired, and help improve them
upstream if needed.
.
Some even more experimental profiles are included in
/usr/share/doc/apparmor- profiles/ extras/ .
- apparmor-utils: utilities for controlling AppArmor
apparmor-utilities provides utilities that operate on AppArmor
profiles. Profiles can be created, updated, enforced, set to complain
mode, and disabled with tools such as aa-genprof, aa-enforce,
aa-complain and aa-disabled.
- dh-apparmor: AppArmor debhelper routines
dh-apparmor provides the debhelper tools used to install and migrate
AppArmor profiles. This is normally used from package maintainer scripts
during install and removal.
- libapache2-mod-apparmor: changehat AppArmor library as an Apache module
libapache2-
mod-apparmor provides the Apache module needed to declare
various differing confinement policies when running virtual hosts in the
webserver by using the changehat abilities exposed through libapparmor.
- libapache2-mod-apparmor-dbgsym: debug symbols for libapache2-mod-apparmor
- libapparmor-dev: AppArmor development libraries and header files
libapparmor-dev provides the development libraries and header
files needed to link against the AppArmor changehat and log parsing
functions. Also includes the manpages for library functions.
- libapparmor-perl: AppArmor library Perl bindings
libapparmor-perl provides the Perl module that contains the language
bindings for the AppArmor library, libapparmor, which were autogenerated
via SWIG.
- libapparmor-perl-dbgsym: debug symbols for libapparmor-perl
- libapparmor1: changehat AppArmor library
libapparmor1 provides the shared library used for making use
of the AppArmor profile and changehat functionality, as well as common
log parsing routines.
- libapparmor1-dbgsym: debug symbols for libapparmor1
- libpam-apparmor: changehat AppArmor library as a PAM module
libpam-apparmor provides the PAM module needed to declare various
differing confinement policies when starting PAM sessions by using the
changehat abilities exposed through libapparmor.
- libpam-apparmor-dbgsym: debug symbols for libpam-apparmor
- python3-apparmor: AppArmor Python3 utility library
python3-apparmor provides the Python3 modules that implement the
higher-level AppArmor applications.
- python3-libapparmor: AppArmor library Python3 bindings
python3-
libapparmor provides the Python3 module that contains the language
bindings for the AppArmor library, libapparmor, which were autogenerated
via SWIG.
- python3-libapparmor-dbgsym: debug symbols for python3-libapparmor
