Last commit made on 2019-06-05
Get this branch:
git clone -b applied/ubuntu/xenial-updates https://git.launchpad.net/ubuntu/+source/apparmor
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

b7f8eae... by Tyler Hicks on 2019-05-28

Import patches-applied version 2.10.95-0ubuntu2.11 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: fff646c8e7efd98680ea829fb739c8493a2ef5db
Unapplied parent: e05c7cc97d7d860de66f03be91492c6a91ef6c19

New changelog entries:
  * Make dnsmasq profile and Python utility changes necessary to continue
    working correctly after the Linux kernel change to address CVE-2019-11190.
    Without these changes, some profile transitions may be unintentionally
    denied. (LP: #1830802)
    - 0001-dnsmasq-allow-libvirt_leaseshelper-m-permission-on-i.patch
    - 0001-handle_children-automatically-add-m-permissions-on-i.patch

e05c7cc... by Tyler Hicks on 2019-05-28

various hardening for thumbnailer and when blacklisting:

Gbp-Pq: lp1788929+1794848.patch.

26cbce3... by Tyler Hicks on 2019-05-28

update base abstraction for additional journald sockets

Gbp-Pq: base-journald-updates.patch.

66e53d2... by Tyler Hicks on 2019-05-28

Allow seven digit pid

Gbp-Pq: 0001-Allow-seven-digit-pid.patch.

da8fe34... by Tyler Hicks on 2019-05-28

[PATCH] utils: Add aa-remove-unknown utility to unload unknown profiles

Gbp-Pq: utils-add-aa-remove-unknown.patch.

3047246... by Tyler Hicks on 2019-05-28

[PATCH] handle_children(): automatically add m permissions on ix

Gbp-Pq: 0001-handle_children-automatically-add-m-permissions-on-i.patch.

3812e10... by Tyler Hicks on 2019-05-28

[PATCH] dnsmasq: allow libvirt_leaseshelper "m" permission on itself.

Gbp-Pq: 0001-dnsmasq-allow-libvirt_leaseshelper-m-permission-on-i.patch.

b1f4bdb... by Tyler Hicks on 2019-05-28

test for 4.8 semantic change due to binfmt_elf changing when it does mmap

Gbp-Pq: r3558-tests-fix-exec_stack-errors-2.patch.

9a15b1a... by Tyler Hicks on 2019-05-28

tests: Fix exec_stack.sh errors under 4.8 and newer kernels

Gbp-Pq: r3509-tests-fix-exec_stack-errors-1.patch.

52ddf9d... by Tyler Hicks on 2019-05-28

Previously a stack with unconfined would cause the mode to be reported as mixed

Gbp-Pq: r3505-tests-fix-stacking-mode-checks.patch.