Publishing details
Changelog
apparmor (3.0.4-2ubuntu2.4) jammy-security; urgency=medium
* SECURITY UPDATE: Excessive permissions with mount rules (LP: #1597017)
- d/p/CVE-2016-1585/Merge-Fix-mount-rules-encoding.patch: fix mount
rules encoding in parser/mount.cc, parser/mount.h, parser/parser.h
and fix multiple test cases in parser/tst/simple_tests/mount/*.
- d/p/CVE-2016-1585/Support-rule-qualifiers-in-regression-tests.patch:
update rule qualifiers in regression tests in
tests/regression/apparmor/mkprofile.pl and
tests/regression/apparmor/capabilities.sh.
- d/p/CVE-2016-1585/Merge-expand-mount-tests.patch: expand mount
regression tests in tests/regression/apparmor/mount.c,
tests/regression/apparmor/mount.sh and
tests/regression/apparmor/mkprofile.pl.
- d/p/CVE-2016-1585/Check-for-newer-mount-options-in-regression-test.patch:
add check for newer mount options in regression tests in
tests/regression/apparmor/Makefile, tests/regression/apparmor/mount.c
and tests/regression/apparmor/mount.sh.
- d/p/CVE-2016-1585/Merge-Issue-312-added-missing-kernel-mount-options.patch:
add missing kernel mount options flag in parser/apparmor.d.pod,
parser/mount.cc, parser/mount.h, tests/regression/apparmor/mount.sh
and parser/tst/simple_tests/mount/*.
- d/p/CVE-2016-1585/Merge-extend-test-profiles-for-mount.patch: update
test profiles in parser/tst/simple_tests/mount/*.
- d/p/CVE-2016-1585/Merge-parser-fix-parsing-of-source-as-mount-point-fo.patch:
update gen_policy_change_mount_type() in parser/mount.cc and also
updated tests on parser/tst/simple_tests/mount/* and
tests/regression/apparmor/mount.sh.
- d/p/CVE-2016-1585/parser-Deprecation-warning-should-not-have-been-back.patch:
remove deprecation warning message in parser/mount.cc.
- d/p/CVE-2016-1585/parser-fix-rule-flag-generation-change_mount-type-ru.patch:
add device checks in gen_flag_rules() in parser/mount.cc and tests
in parser/tst/simple_tests/mount/*, parser/tst/equality.sh,
tests/regression/apparmor/mount.sh and
utils/test/test-parser-simple-tests.py.
- CVE-2016-1585
-- Rodrigo Figueiredo Zaiden <email address hidden> Tue, 06 Mar 2024 15:35:00 -0300
Builds
Built packages
-
apparmor
user-space parser utility for AppArmor
-
apparmor-dbgsym
debug symbols for apparmor
-
apparmor-notify
AppArmor notification system
-
apparmor-profiles
experimental profiles for AppArmor security policies
-
apparmor-utils
utilities for controlling AppArmor
-
dh-apparmor
AppArmor debhelper routines
-
libapache2-mod-apparmor
changehat AppArmor library as an Apache module
-
libapache2-mod-apparmor-dbgsym
debug symbols for libapache2-mod-apparmor
-
libapparmor-dev
AppArmor development libraries and header files
-
libapparmor1
changehat AppArmor library
-
libapparmor1-dbgsym
debug symbols for libapparmor1
-
libpam-apparmor
changehat AppArmor library as a PAM module
-
libpam-apparmor-dbgsym
debug symbols for libpam-apparmor
-
python3-apparmor
AppArmor Python3 utility library
-
python3-libapparmor
AppArmor library Python3 bindings
-
python3-libapparmor-dbgsym
debug symbols for python3-libapparmor
Package files