lp:ubuntu/precise-security/apparmor
- Get this branch:
- bzr branch lp:ubuntu/precise-security/apparmor
Branch merges
Related bugs
Bug #1045986: Ubuntu AppArmor policy is too lenient with shell scripts | Undecided | Confirmed |
Related blueprints
Branch information
Recent revisions
- 32. By Marc Deslauriers
-
No change rebuild in the security pocket to ensure compatibility
with the linux-lts-trusty kernel. - 31. By Jamie Strandboge
-
* debian/
patches/ 0001-add- chromium- browser. patch:
- add access for newer versions of chromium (LP: #1091862)
- add a child profile for xdgsettings (LP: #1045986)
* debian/patches/ 0021-fix- racy-onexec- test.patch: fix race in onexec.sh
kernel regression test - 30. By Marc Deslauriers
-
debian/
debhelper/ postrm. apparmor: do not delete local files if main
conffile still exists since it probably means it is owned by a
new/different package. (LP: #986892) - 29. By Micah Gersten
-
* fix LP: #990931 - Thunderbird is being blocked by apparmor from Firefox;
This was a regression from the Thunderbird path changing to a non-versioned
path in the Thunderbird 12 packaging
- add debian/patches/ 0015-lp990931. patch
- update debian/patches/ series - 28. By Steve Beattie
-
[ Jamie Strandboge ]
* debian/patches/ 0007-ubuntu- manpage- updates. patch: update apparmor(5)
to describe Ubuntu's two-stage policy load and how to add utilize it
when developing policy (LP: #974089)[ Serge Hallyn ]
* debian/apparmor. init: do nothing in a container. This can be
removed once stacked profiles are supported and used by lxc.
(LP: #978297)[ Steve Beattie ]
* debian/patches/ 0008-apparmor- lp963756. patch: Fix permission mapping
for change_profile onexec (LP: #963756)
* debian/patches/ 0009-apparmor- lp959560- part1.patch,
debian/patches/ 0010-apparmor- lp959560- part2.patch: Update the parser
to support the 'in' keyword for value lists, and make mount
operations aware of 'in' keyword so they can affect the flags build
list (LP: #959560)
* debian/patches/ 0011-apparmor- lp872446. patch: fix logprof missing
exec events in complain mode (LP: #872446)
* debian/patches/ 0012-apparmor- lp978584. patch: allow inet6 access in
dovecot imap-login profile (LP: #978584)
* debian/patches/ 0013-apparmor- lp800826. patch: fix libapparmor
log parsing library from dropping apparmor network events that
contain ip addresses or ports in them (LP: #800826)
* debian/patches/ 0014-apparmor- lp979095. patch: document new mount rule
syntax and usage in apparmor.d(5) manpage (LP: #979095)
* debian/patches/ 0015-apparmor- lp963756. patch: Fix change_onexec
for profiles without attachment specification (LP: #963756,
LP: #978038)
* debian/patches/ 0016-apparmor- lp968956. patch: Fix protocol error when
loading policy to kernels without compat patches (LP: #968956)
* debian/patches/ 0017-apparmor- lp979135. patch: Fix change_profile to
grant access to /proc/attr api (LP: #979135) - 27. By Colin Watson
-
debian/control: Make dh-apparmor Multi-Arch: foreign, so that it can
satisfy cross-build-dependencies. - 26. By Jamie Strandboge
-
* New upstream release. Fixes the following issues in support of LXC
AppArmor support for beta-2:
- Fix the return size of aa_getprocattr (LP: #962521)
- Fix mnt_flags passed for remount
- Fix dfa minimization around the nonmatching state
- Factor all the permissions dump code into a single perms method
* debian/apparmor- utils.install:
- AppArmor now installs apparmor.vim. Move it into place
- install aa-exec
* debian/apparmor- utils.manpages: install aa-exec man page
* debian/patches/ 0003-add- aa-easyprof. patch: refresh for Makefile changes
* debian/patches/ 0005-clean- common- from-vim. patch: clean up 'common'
symlink
* 0006-use-linux-capabilit y-h.patch: Use linux/capability.h instead of
sys/capability.h - 25. By Jamie Strandboge
-
* New upstream release. Fixes: LP: #948147
* debian/lib/apparmor/ functions: Update to support the feature directory so
that caching will work on kernels that support the feature dir. Patch
based on work from John Johansen. LP: #954469 - 24. By Jamie Strandboge
-
* New upstream bug fix release which fixes (in addition to other bugs):
- LP: #940362
- LP: #947617
- LP: #949891
* Drop the following patches, included upstream:
- 0004-lp918879.patch
- 0007-lp941506.patch
- 0008-lp941503.patch
- 0009-lp943161.patch
* Drop the following patch, no longer required:
- 0005-disable-minimization. patch
* Rename 0006-lp941808.patch 0004-lp941808.patch
* debian/patches/ 0001-add- chromium- browser. patch: update for additional
denials with newer chromium-browser. (LP: #937723)
* debian/put-all- profiles- in-complain- mode.sh: deal with existing flags - 23. By Colin Watson
-
Restore dpkg-maintscrip
t-helper changes from 2.7.0-0ubuntu6, lost in
2.7.99-0ubuntu1.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/apparmor