Ubuntu
apparmor package

apparmor_parser is missing fix for rule down grades

  1. Xenial (16.04)
  2. Bug #1728120
Bug #1728120 reported by John Johansen
52
This bug affects 25 people
Affects Status Importance Assigned to Milestone
apparmor (Debian)
Fix Released
Unknown
apparmor (Ubuntu)
Fix Released
Undecided
Unassigned
Xenial
Confirmed
Undecided
Unassigned
Zesty
Confirmed
Undecided
Unassigned
Artful
Confirmed
Undecided
Unassigned

Bug Description

The Ubuntu version of apparmor is missing the fix for rule down grades that exist in the current upstream maintenance releases.

This fix is needed to properly handle policy for different kernel abis.

The fix can be obtained either through SRUing the appropriate maintenance release, or by cherry-picking r3700.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apparmor (Ubuntu Artful):
status: New → Confirmed
Changed in apparmor (Ubuntu Xenial):
status: New → Confirmed
Changed in apparmor (Ubuntu Zesty):
status: New → Confirmed
Changed in apparmor (Ubuntu):
status: New → Confirmed
Bug Watch Updater (bug-watch-updater)
Changed in apparmor (Debian):
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in apparmor (Debian):
status: New → Fix Committed
Bug Watch Updater (bug-watch-updater)
Changed in apparmor (Debian):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.12-4ubuntu1

---------------
apparmor (2.12-4ubuntu1) bionic; urgency=medium

  [ Tyler Hicks ]
  * Merge from Debian to get gbp-pq related packaging improvements. Thanks to
    intrigeri for making those improvements! Remaining Ubuntu changes:
    - debian/gbp.conf: Use ubuntu/master as the debian-branch
    - Update package maintainer to be Ubuntu Developers in the control file
    - Call handle_system_policy_package_updates in apparmor.init.
      This is needed for snappy and system-images. Note that this prevents
      using a remove /var.
    - Apply Ubuntu-specific patches
      + parser-include-usr-share-apparmor.patch
      + profiles-grant-access-to-systemd-resolved.patch
      + add-chromium-browser.patch
    - Install Ubuntu chromium-browser profile and abstraction
    - Feature pinning is not used in Ubuntu

  [ intrigeri ]
  * Adjust the Vcs-{Browser,Git} control fields to reflect the branch where
    the Ubuntu packaging is maintained.

apparmor (2.12-4) unstable; urgency=medium

  * Migrate patch handling to gbp-pq (Closes: #888244).
  * Merge 2.12-3ubuntu1 (dropping the Ubuntu delta):
    - upstream-commit-46f88f5-properly-identify-empty-ouid-fsuid-fields.patch:
      new patch, properly identify empty ouid/fsuid fields in logs.
    - upstream-commit-130958a-allow-shell-helper-read-locale.patch:
      new patch, allow the shell helper regression test program read
      the locale.

 -- Tyler Hicks <email address hidden> Mon, 19 Mar 2018 16:24:57 +0000

Changed in apparmor (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.