Ubuntu
apparmor package

apparmor 2.13.3-7ubuntu5.2 source package in Ubuntu

Changelog

apparmor (2.13.3-7ubuntu5.2) focal; urgency=medium

  * Add capability upstream patches to fix LP: #1964636
    - u/cap1-Generate-CAPABILITIES-in-a-script-due-to-make-4.3.patch: move
    code that generates a list of capabilities to a script in common/
    - u/cap2-parser-Move-to-a-pre-generated-cap_names.h.patch: use a
    pre-generated list of capabilities so that all capabilities are
    supported even when building against older kernels.
    - u/cap3-parser-cleanup-capability_table-generation-by-droppi.patch: drop
    sys_log static declaration because it's already in the generated list.
    - u/cap4-parser-unify-capability-name-handling.patch: drop internal
    hardcoded capability table.
    - u/cap5-parser-Makefile-use-LC_ALL-C-when-invoking-sed.patch: use
    LC_ALL=C when invoking sed.
    - u/cap6-parser-Add-warning-to-capability_table-about-the-nee.patch: add
    warning to capability_table about the need to update the Makefile.
    - u/cap7-Add-CAP_BPF-and-CAP_PERFMON-to-severity.db.patch: add
    support for cap_bpf and cap_perfmon
    - u/cap8-parser-Makefile-fix-generated-cap-comparison-against.patch: fix
    generated cap comparison against known list
  * Add upstream patches for abi support. LP: #1728130
    - u/abi1-parser-feature-abi-setup-parser-to-intersect-policy-.patch: add
    the ability to intersect parser and kernel features in the parser.
    - u/abi2-parser-add-basic-support-for-feature-abis.patch: add support
    to specify a feature abi.
    - u/abi3-pin-abi-2.13.patch: add and pin a policy abi for 2.13
    - u/abi4-parser-fix-abi-rule-and-pinned-feature-file-interact.patch: fix
    abi rule and pinned feature file interaction
    - apparmor.install: add 2.13 abi file to be installed in /etc/apparmor.d/abi/
  * Add mqueue patches. LP: #1993353
    - u/mqueue1-parser-add-parser-support-for-message-queue-mediatio.patch:
    add parser support for mqueue mediation
    - u/mqueue2-tests-add-posix-message-queue-regression-tests.patch: add
    posix mqueue regression tests
    - u/mqueue3-utils-add-message-queue-rules-parsing-in-python-tool.patch:
    add support in python tools to parse mqueue rules
    - u/mqueue4-parser-add-parser-simple-tests-for-mqueue-rules.patch: add
    parser simple tests for mqueue
    - u/mqueue5-parser-place-perm-on-name-as-well-as-name-label-comb.patch:
    add permissions on name and also on name + label
    - u/mqueue6-libapparmor-add-support-for-requested-and-denied-on-.patch:
    add parsing support for "denied" and "requested" from audit logs
    - u/mqueue7-libapparmor-add-support-for-class-in-logparsing.patch: add
    parsing support for "class" from audit logs
    - u/mqueue8-utils-add-logparser-support-for-mqueue.patch: add logparser
    support for mqueue rules
    - u/mqueue9-tests-add-sysv-message-queue-regression-tests.patch: add
    sysv mqueue regression tests
    - u/mqueue10-parser-enable-mqueue-rules-when-abi-is-not-set.patch:
    override pinned features for mqueue rules when abi is not set in policy.
    - debian/rules: create mqueue testcase empty files for libapparmor tests.
  * Closes LP: #1994146

 -- Georgia Garcia <email address hidden>  Mon, 10 Oct 2022 17:52:45 -0300

Upload details

Uploaded by:
Georgia Garcia
Sponsored by:
Alex Murray
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
apparmor_2.13.3.orig.tar.gz 7.0 MiB 267053234c68cdb122c5294d7c276b6e2f5fa7e75c6c2d23e3ce69f95d9a7639
apparmor_2.13.3-7ubuntu5.2.debian.tar.xz 144.9 KiB ce4a5d3b2795295a95d377e4b93485095a8c0a93bf6a23082916565cd471fea7
apparmor_2.13.3-7ubuntu5.2.dsc 2.9 KiB 10745d9b100494c4be2f60c3499f7faabfbb7b6b54fb5d841eeced717b27e902

View changes file

Binary packages built by this source

apparmor: user-space parser utility for AppArmor

 apparmor provides the system initialization scripts needed to use the
 AppArmor Mandatory Access Control system, including the AppArmor Parser
 which is required to convert AppArmor text profiles into machine-readable
 policies that are loaded into the kernel for use with the AppArmor Linux
 Security Module.

apparmor-dbgsym: debug symbols for apparmor
apparmor-easyprof: AppArmor easyprof profiling tool

 apparmor-easyprof provides the aa-easyprof utility which is an easy to
 use interface for AppArmor policy generation. aa-easyprof supports the
 use of templates and policy groups to quickly profile an application.

apparmor-notify: AppArmor notification system

 apparmor-notify provides a utility to display AppArmor denial
 messages via desktop notifications. The utility can also be used to
 generate summary reports.

apparmor-profiles: experimental profiles for AppArmor security policies

 apparmor-profiles provides various experimental AppArmor profiles.
 Do not expect these profiles to work out-of-the-box.
 .
 These profiles are not mature enough to be shipped in enforce mode by
 default on Debian. They are shipped in complain mode so that users
 can test them, choose which are desired, and help improve them
 upstream if needed.
 .
 Some even more experimental profiles are included in
 /usr/share/doc/apparmor-profiles/extras/.

apparmor-utils: utilities for controlling AppArmor

 apparmor-utilities provides utilities that operate on AppArmor
 profiles. Profiles can be created, updated, enforced, set to complain
 mode, and disabled with tools such as aa-genprof, aa-enforce,
 aa-complain and aa-disabled.

dh-apparmor: AppArmor debhelper routines

 dh-apparmor provides the debhelper tools used to install and migrate
 AppArmor profiles. This is normally used from package maintainer scripts
 during install and removal.

libapache2-mod-apparmor: changehat AppArmor library as an Apache module

 libapache2-mod-apparmor provides the Apache module needed to declare
 various differing confinement policies when running virtual hosts in the
 webserver by using the changehat abilities exposed through libapparmor.

libapache2-mod-apparmor-dbgsym: debug symbols for libapache2-mod-apparmor
libapparmor-dev: AppArmor development libraries and header files

 libapparmor-dev provides the development libraries and header
 files needed to link against the AppArmor changehat and log parsing
 functions. Also includes the manpages for library functions.

libapparmor-perl: AppArmor library Perl bindings

 libapparmor-perl provides the Perl module that contains the language
 bindings for the AppArmor library, libapparmor, which were autogenerated
 via SWIG.

libapparmor-perl-dbgsym: debug symbols for libapparmor-perl
libapparmor1: changehat AppArmor library

 libapparmor1 provides the shared library used for making use
 of the AppArmor profile and changehat functionality, as well as common
 log parsing routines.

libapparmor1-dbgsym: debug symbols for libapparmor1
libpam-apparmor: changehat AppArmor library as a PAM module

 libpam-apparmor provides the PAM module needed to declare various
 differing confinement policies when starting PAM sessions by using the
 changehat abilities exposed through libapparmor.

libpam-apparmor-dbgsym: debug symbols for libpam-apparmor
python3-apparmor: AppArmor Python3 utility library

 python3-apparmor provides the Python3 modules that implement the
 higher-level AppArmor applications.

python3-libapparmor: AppArmor library Python3 bindings

 python3-libapparmor provides the Python3 module that contains the language
 bindings for the AppArmor library, libapparmor, which were autogenerated
 via SWIG.

python3-libapparmor-dbgsym: debug symbols for python3-libapparmor