Ubuntu
apparmor package

Change logs for apparmor source package in Oracular

  1. Oracular (24.10)
  2. Change log 
  • apparmor (4.1.0~beta1-0ubuntu2) oracular; urgency=medium

  [Georgia Garcia]
  * Add patch to fix FTBFS on armhf
    - d/p/u/libapparmor-make-af_protos.h-consistent-in-different.patch

 -- Alex Murray <email address hidden>  Tue, 20 Aug 2024 08:54:20 +0930
  • apparmor (4.1.0~beta1-0ubuntu1) oracular; urgency=medium

  [John Johansen]
  * New upstream release.
  * Refresh
    - d/p/d/libapparmor-layout-deb.patch
    - d/p/d/etc-writable.patch
  * Drop patches which have now been applied upstream
    - d/p/u/parser-add-support-for-prompting.patch
    - d/p/u/profiles-add-unconfined-balena-etcher-profile.patch
    - d/p/u/mountrule-relaxing-constraints-on-fstype.patch
    - d/p/u/tests-refactor-logic-that-makes-mntpoint-private-for.patch
    - d/p/u/tests-remount-tmpdir-as-private-instead-of.patch
    - d/p/u/tests-enable-swap-test-when-tmp-is-tmpfs.patch
    - d/p/u/test-detect-if-setuid-environ-test-in-running-under-.patch
  * Add patch to fix installation of com.ubuntu.pkexec.aa-notify.policy
    - d/p/u/parser-fix-rule-priority-destroying-rule-permissions.patch
    - d/p/u/parser-fix-integer-overflow-bug-in-rule-priority-com.patch
    - d/p/u/parser-revert-removal-of-second-minimization-pass.patch
    - d/p/u/parser-update-tsts-for-explicit-deny-and-filtering-c.patch
  [Georgia Garcia]
  * Add patch to fix installation of com.ubuntu.pkexec.aa-notify.policy
    - d/p/u/utils-change-os.mkdir-to-self.mkpath-to-create-inter.patch
    - d/p/u/ubuntu/parser-fix-pam_apparmor-regression-test-failures.patch
  * d/apparmor.install
    - fix wike installation path
    - install new profile
      - Xorg
      - chromium
  * d/control:
    - add depends to apparmor-notify:
      - python3-tk
      - python3-ttkthemes
      - python3-gi
  * d/apparmor-notify.install
    - etc/apparmor/default_unconfined.template
    - usr/share/polkit-1/actions/com.ubuntu.pkexec.aa-notify.policy
  * d/libapparmor1.symbols
    - add aa_split_overlay_str

 -- John Johansen <email address hidden>  Thu, 15 Aug 2024 06:41:27 -0700
  • apparmor (4.0.1really4.0.1-0ubuntu2) oracular; urgency=medium

  * Drop patch that enables bwrap profile
  - d/p/u/enable-bwrap-profile.patch (LP: #2072811)
  * d/apparmor.install
    - remove bwrap-userns-restrict
  * d/apparmor.maintscript: rm_conffile of bwrap-userns-restrict in
    /etc/apparmor.d/ to properly revert conffiles introduced in
    4.0.1-0ubuntu1
  * d/apparmor-profiles.install
    - install new profile
      - bwrap-userns-restrict
  * Drop patch that moves wike profile from apparmor to apparmor.d so it's
  done by d/apparmor.install. The patch caused a warning from dpkg-source
  because it didn't contain a diff
  * d/apparmor.install
    - install new profile
      - wike - changed installation from apparmor to apparmor.d
  * Add patches that fix regression tests when they run on a mounted /tmp
    in tmpfs
    - d/p/u/tests-refactor-logic-that-makes-mntpoint-private-for.patch
    - d/p/u/tests-remount-tmpdir-as-private-instead-of.patch
    - d/p/u/tests-enable-swap-test-when-tmp-is-tmpfs.patch
    - d/p/u/test-detect-if-setuid-environ-test-in-running-under-.patch

 -- Georgia Garcia <email address hidden>  Tue, 16 Jul 2024 14:33:39 -0300
  • apparmor (4.0.1-0ubuntu1) oracular; urgency=medium

  [Georgia Garcia]
  * New upstream release.
  * Refresh
    - d/p/u/parser-add-support-for-prompting.patch
      - Add condition in policydb serialization to only encode xtable if
      kernel_supports_permstable32
  * Add patch to fix wike profile location (LP: #2046844)
    - d/p/u/profiles-fix-wike-profile-location-to-apparmor.d.patch
  * Add patch to add balena-etcher profile (LP: #2046844)
    - d/p/u/profiles-add-unconfined-balena-etcher-profile.patch
  * Fix d/p/u/userns-runtime-disable.patch to work when
    kernel.apparmor_restrict_unprivileged_userns does not exist by adding
    -e to sysctl.
  * d/apparmor.install
    - install new profiles
      - wike
      - foliate
      - balena-etcher
      - transmission

  [John Johansen]
  * Refresh
    - d/p/u/samba-systemd-interaction.patch
  * Drop patches which have now been applied updatea
    - d/p/u/parser-fix-issues-appointed-by-coverity.patch
    - d/p/u/profiles-add-unconfined-profile-for-tuxedo-control-c.patch
  * Add patch to enable bwrap profile
    - d/p/u/enable-bwrap-profile.patch
      (LP: #2046844)
  * d/apparmor.install
    - install new profile
      - bwrap-userns-restrict
  * d/apparmor-profiles.install
    - install new profile
      - unshare-userns-restrict

  [ Alex Murray ]
  * Add upstream patch to relax mount rules to fix use of virtiofs and
    other file-system types
    - d/p/u/mountrule-relaxing-constraints-on-fstype.patch
  * Remove patches which got dropped from quilt series earlier
    - d/p/u/parser-support-uin128_t-key-as-a-pair-of-uint64_t-nu.patch
    - d/p/u/Minor-improvements-for-MountRule.patch
  * d/control: Remove obsolete lsb-base Depends and swap pkg-config to
    pkgconf for Build-Depends

 -- Alex Murray <email address hidden>  Wed, 08 May 2024 11:37:47 +0200
  • apparmor (4.0.0-beta3-0ubuntu3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 07:27:03 +0000