Accepted apparmor 2.8.0-1 (source amd64 all)

Format: 1.8
Date: Mon, 08 Jul 2013 17:51:40 -0700
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor dh-apparmor apparmor-easyprof
Architecture: source amd64 all
Version: 2.8.0-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook <kees@debian.org>
Changed-By: Kees Cook <kees@debian.org>
Description:
 apparmor   - User-space parser utility for AppArmor
 apparmor-docs - Documentation for AppArmor
 apparmor-easyprof - AppArmor easyprof profiling tool
 apparmor-notify - AppArmor notification system
 apparmor-profiles - Profiles for AppArmor Security policies
 apparmor-utils - Utilities for controlling AppArmor
 dh-apparmor - AppArmor debhelper routines
 libapache2-mod-apparmor - changehat AppArmor library as an Apache module
 libapparmor-dev - AppArmor development libraries and header files
 libapparmor-perl - AppArmor library Perl bindings
 libapparmor1 - changehat AppArmor library
 libpam-apparmor - changehat AppArmor library as a PAM module
 python-libapparmor - AppArmor library Python bindings
 python3-libapparmor - AppArmor library Python3 bindings
Closes: 666808 699774 711398 712370 714843
Changes:
 apparmor (2.8.0-1) unstable; urgency=low
   * Merge with Ubuntu changes.
     - update to 2.8.0 release (Closes: 712370).
     - handle Apache 2.4 transition (Closes: 666808).
     - drop debian/patches/abstractions-X.patch (taken upstream)
     - drop debian/patches/fix-network-rule-support.patch (taken upstream)
     - updated debian/patches/pass-compiler-flags.patch (partially upstream)
   * debian/control:
     - fix typo in long description (Closes: 711398).
     - removed duplicated Section entry for apparmor-easyprof.
     - add missing python Depends.
   * debian/rules:
     - dh_apache2 must execute before dh_strip and dh_fixperms.
     - improved repeat-build cleanup logic.
     - dh_python needs to be called on all packages installing scripts.
     - do not force python version 3.
   * Add debian/patches/fix-font-abstractions.patch (Closes: 714843).
   * Add debian/patches/raise-time-timeout.patch (Closes: 699774).
   * Drop debian/libapache2-mod-apparmor.lintian-overrides (not needed).
   * debian/*.manpages: move aa-exec.8 to apparmor from apparmor-utils.
   * debian/apparmor-utils.dirs: drop unused directories from aa-easyprof.
 apparmor (2.8.0-0ubuntu22) saucy; urgency=low
   * Refresh easyprof
     - drop 0034-easyprof-dont-add-vendor-dir.patch
     - drop 0035-easyprof-update-manpage-for-sdk-base.patch
   * debian/patches/0037-easyprof-sdk-pt2.patch: update easyprof for the
     - don't add vendor directory to self.templates and self.policy_groups
     - utils/aa-easyprof: adjust error message for manifest read failure
     - utils/aa-easyprof: adjust to use EnvironmentError on failed read of the
     - utils/apparmor/easyprof.py: clean up set_template()
     - utils/apparmor/easyprof.py: read_paths should use 'rk'
     - utils/test/test-aa-easyprof.py: adjust tests for above
     - utils/apparmor/easyprof.py
       + valid_path should verify os.path.normpath(path) == (path)
       + adjust valid_profile_name() to start with alpha-numeric and allow
         Debian source package names and version, plus '_'
       + adjust tests for above
     - update valid_variable() to check for valid_path if '/' is in the value
     - adjust valid_path() to have a relative_ok flag (default to False)
     - adjust valid_path() to verify path is same as normalized path
     - add some valid_path() test cases
     - adjust to always quote template vars in policy output
     - add a couple tests that have spaces in the binary and template var
     - update manifest JSON structure to use
       m['security']['profiles']['profile_name'] instead of
 apparmor (2.8.0-0ubuntu21) saucy; urgency=low
   * Apache 2.4 transition (LP: #1197617, Closes: 666808). Based on patch from
     - debian/control:
       + Build-Depends on apache2-dev and dh-apache2 instead of
       + adjust libapache2-mod-apparmor to not Depends on apache2.2-common
       + adjust libapache2-mod-apparmor to Pre-Depends: ${misc:Pre-Depends}
     - create debian/libapache2-mod-apparmor.apache2
     - debian/rules: adjust to use dh_apache2 --noenable
     - debian/libapache2-mod-apparmor.maintscript: remove old prefork profile
     - debian/libapache2-mod-apparmor.install: install new usr.sbin.apache2
     - debian/libapache2-mod-apparmor.{preinst,postinst,postrm}: update to use
     - debian/libapache2-mod-apparmor.postinst: remove the disable symlink for
       old prefork profile
     - debian/patches/0036-libapache2-mod-apparmor-profile-2.4.patch: update
       mod_apparmor man page to mention loading mpm_prefork, add new
       usr.sbin.apache2 profile and remove old prefork profile
   * debian/rules: honor DEB_BUILD_OPTIONS=nocheck
 apparmor (2.8.0-0ubuntu20) saucy; urgency=low
   * remove debian/patches/0033-add-ubuntu-sdk-abstractions.patch. We will
     for now ship policy groups instead of abstractions like this
   * debian/apparmor.maintscript: rm_conffile on ubuntu-sdk-base
   * debian/patches/0035-easyprof-update-manpage-for-sdk-base.patch: add
     sdk-base as a typical policy group
 apparmor (2.8.0-0ubuntu19) saucy; urgency=low
   * debian/patches/0034-easyprof-dont-add-vendor-dir.patch: don't add vendor
     directory to self.templates and self.policy_groups
   * debian/patches/0030-easyprof-sdk.patch: mentioned patch has been forwarded
 apparmor (2.8.0-0ubuntu18) saucy; urgency=low
   * debian/patches/0030-easyprof-sdk.patch: refreshed for the following:
     - man page updates
     - add --output-format=json option
     - add --verify-manifest
     - add --policy-version and --policy-vendor to better work with
       vendor templates (i.e., with apparmor-easyprof-ubuntu)
     - restructured JSON format (should be final version now). This converts
       abstractions and policy_groups to proper JSON lists and allows for
       multiple profiles in the JSON file, keyed off of the profile name
     - add --output-directory option as an alternative to stdout (particularly
       useful when using multiple profiles in a JSON file)
     - also remove ubuntu-sdk-base abstraction. This may move out but for now
       put it in a different patch
     - add verify_options() and some utility functions for input validation
     - unconditionally quote profile name and binary
     - remove Ubuntu-specific checks in verify_manifest and check profile_name
       with binary harder
   * debian/patches/0033-add-ubuntu-sdk-abstractions.patch: add ubuntu-sdk-base
 apparmor (2.8.0-0ubuntu17) saucy; urgency=low
   * debian/patches/0032-lp1195362.patch: don't pull in unused perl modules
     (LP: #1195362)
   * debian/rules: use dh_perl -d with libapparmor-perl to Depends on perl-base
     instead of perl
   * debian/patches/0030-easyprof-sdk.patch: update to remove the ubuntu
     specific templates and policy groups. These will be shipped in
   * debian/control: have apparmor-easyprof Depends on apparmor-easyprof-ubuntu
 apparmor (2.8.0-0ubuntu16) saucy; urgency=low
   * debian/patches/0030-easyprof-sdk.patch: update to have
     - /usr/share/icons/gnome/index.theme should have 'rk' added to qmlscene
       policy group
     - add ubuntu-sdk-html5 template
     - add qmlscene-webview policygroup
   * debian/patches/0031-move-poppler-cmap-to-fonts.patch: more than just
     gnome applications access /usr/share/poppler/cMap/**
 apparmor (2.8.0-0ubuntu15) saucy; urgency=low
   * move aa-exec out of apparmor-utils into apparmor, since we want it in the
     default install
     - debian/control: adjust Breaks/Replaces to use apparmor-utils
       (<<2.8.0-0ubuntu15) and have apparmor Depends on libapparmor-perl
     - debian/apparmor.install: install aa-exec
     - debian/apparmor-utils.install: don't install aa-exec
 apparmor (2.8.0-0ubuntu14) saucy-proposed; urgency=low
   * debian/patches/0029-easyprof-update-for-aa-sandbox.patch: add aa-sandbox
     utility to source, but don't install yet. This includes code refactoring
     for easyprof, which is required for the next patch
   * debian/patches/0030-easyprof-sdk.patch: add SDK support to easyprof (don't
     include DBus includes yet)
   * create apparmor-easyprof package
     - adjust debian/control for new packages and Breaks/Replaces on
       apparmor-utils 2.8.0-0ubuntu14
     - create debian/apparmor-easyprof.install
     - debian/apparmor-utils.install: don't install easyprof. python libraries
       moved to easyprof for now since it is the only consumer
     - debian/apparmor-utils.manpages: move easyprof manpage to
     - debian/rules: dh_python3 should also run on apparmor-easyprof
   * debian/control: dh-apparmor should Depends on apparmor-easyprof
   * debian/debhelper/dh_apparmor: update to support --manifest argument
 apparmor (2.8.0-0ubuntu13) saucy-proposed; urgency=low
   * 0021-webapps_abstraction.patch: update to allow 'w' access to
     ~/.local/share/unity-webapps/availableapps*.db and 'rk' access to
     ~/.config/libaccounts-glib/accounts.db (LP: #1169633)
 apparmor (2.8.0-0ubuntu12) saucy; urgency=low
   * 0027-add-gnome-keyring-to-strict.patch: add @{HOME}/.gnome2/keyrings/** to
   * 0028-add-upstart-to-private.patch: deny writes to upstart user sessions
     jobs in abstractions/private-files
 apparmor (2.8.0-0ubuntu11) raring; urgency=low
   * 0025-update-pulseaudio-paths.patch: update path for pulseaudio directory
     and cookie files
   * 0026-add-vm_overcommit_memory.patch: add read access to
   * update 0001-add-chromium-browser.patch:
     - additional accesses required by newer chromium-browser. Patch based on
       work by Simon Deziel (LP: #1154164)
     - don't include abstractions already included via gnome abstraction
     - allow access to dconf/gsettings, required now
 apparmor (2.8.0-0ubuntu10) raring; urgency=low
   * debian/patches/0001-add-chromium-browser.patch: add accesses for chromium
     23 (LP: #1091862)
 apparmor (2.8.0-0ubuntu9) raring; urgency=low
   * debian/control: make libnotify-bin a Suggests rather than a Recommends
     since it is assumed to already be installed on the desktop and so server
     environments don't have to pull in a lot of X dependencies (LP: #1061879)
 apparmor (2.8.0-0ubuntu8) raring; urgency=low
   [ Steve Beattie ]
   * 0024-lp1091642-parser-reset_matchflags.patch: prevent reuse of
     matchflags in parser dfa backend and add testcase demonstrating the
     problem (LP: #1091642)
   [ Jamie Strandboge ]
   * debian/debhelper/postinst-apparmor: quote all occurrences of #PROFILE#.
 apparmor (2.8.0-0ubuntu7) raring; urgency=low
   * Rebuild to drop python3.2 extension.
 apparmor (2.8.0-0ubuntu6) raring-proposed; urgency=low
   * Build python swig modules for all supported pythons.
   * Use dh_python2 instead of obsolete dh_python.
   * Remove duplicate chrpath from control.
   * Remove unneeded quilt dependency.
   * Bump standards version to 3.9.4, no changes needed.
 apparmor (2.8.0-0ubuntu5) quantal; urgency=low
   [ Micah Gersten ]
   * Allow /etc/vdpau_wrapper.cfg r and /var/lib/xine/gxine.desktop r
     in the multimedia browser abstraction (LP: #1057642)
     - update profiles/apparmor.d/abstractions/ubuntu-browsers.d/multimedia
   [ Steve Beattie ]
   * debian/control: make libnotify-bin a Recommends rather than a
     Depends for use in server environments (LP: #1061879)
   * debian/patches/0020-coredump_tests.patch: fix coredump regression
     tests (LP: #1050430)
   * debian/patches/0021-webapps_abstraction.patch: add a few items
     triggered by using and installing webapps in firefox (LP: #1056418)
   * debian/patches/0022-aa-decode-stdin.patch: fix aa-decode to process
     stdin correctly and decode encoded profiles names
 apparmor (2.8.0-0ubuntu4) quantal; urgency=low
   * Allow /var/lib/sss/mc/{group|passwd} for systems using sssd.
     (LP: #1056391)
 apparmor (2.8.0-0ubuntu3) quantal; urgency=low
   * remove 0010-lp972367.patch and 0012-lp964510.patch which should have been
     dropped in 2.8.0-0ubuntu1 since they are included upstream
   * debian/patches/0001-add-chromium-browser.patch:
     - add a couple of small accesses
     - add a child profile for xdgsettings (LP: #1045986)
 apparmor (2.8.0-0ubuntu2) quantal; urgency=low
   * 0015-fontconfig.patch: update fonts abstraction for new fontconfig paths
   * 0016-cap-block-suspend.patch: add CAP_BLOCK_SUSPEND to severity.db. In
     the next version of AppArmor, this will replace 0006-cap-epollwakeup.patch
   * 0017-gnome-poppler-data.patch: update gnome abstraction for poppler cMap
 apparmor (2.8.0-0ubuntu1) quantal; urgency=low
   * New upstream release
     - Drop the following patches, now included upstream:
   * Rename 0007-ubuntu-manpage-updates.patch to 0003
   * debian/patches/0005-lp1019274.patch: add python3 support. Patch based
     on work from Dmitrijs Ledkovs. (LP: #1019274)
   * debian/patches/0006-cap-epollwakeup.patch: adjust severity.db for
   * debian/patches/0007-setuptools-python3.patch: adjust setuptools-python3 to
     adjust scripts to use PYTHON if it is defined
   * debian/patches/0008-libapparmor-layout-deb.patch: use --install-layout=deb
     when calling setup.py
   * enable python3 in the build:
     - debian/rules:
       + use python3 as default PYTHON
       + build libapparmor with both python2 and python3
     - debian/control:
       + Build-Depends on python3-all-dev and python3
       + adjust apparmor to Depends on ${python3:Depends}
       + adjust apparmor-utils to Depends on ${python3:Depends}
       + add python3-libapparmor package
     - add debian/python3-libapparmor.install
     - debian/python-libapparmor.install: adjust to use python2 and
   * debian/patches/0009-lp1003856.patch: update ubuntu-browsers.d/java for
     IcedTea 7 (LP: #1003856)
   * debian/patches/0010-lp972367.patch: allow software center to work again
     from browsers (LP: #972367)
   * debian/patches/0011-lp1013887.patch: let sanitized helper work with
     /usr/local. Patch based on work by Reuben Thomas. (LP: #1013887)
   * debian/patches/0012-lp964510.patch: allow Google Chrome and
     chromium-browser to work under sanitized helper (LP: #964510)
   * debian/patches/0013-lp987578.patch: ubuntu-integration does not work
     properly with exo-open. Fix thanks to Mark Ramsell (LP: #987578)
   * debian/patches/0014-lp933440.patch: update skype example profile to work
     with latest skype. Based on work by Ivan Frederiks (LP: #933440)
