- add apparmor-changes-since-2.9.1.diff with upstream fixes since the
2.9.1 release
- update logparser.py to support changed syslog format (lp#1399027)
- update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles
(lp#1296667)
- update the mysqld profile
- fix network rule description in apparmor.d(5) manpage
- drop upstreamed dnsmasq-profile-fixes.patch
- update expired GPG key
Also add a missing bnc number in the Jan 1 2015 changelog entry.
OBS-URL: https://build.opensuse.org/request/show/282163
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=80
- pull in upstream fixes since the 2.9.1 release
- update logparser.py to support changed syslog format (lp#1399027)
- update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667)
- update the mysqld profile
- fix network rule description in apparmor.d(5) manpage
- drop upstreamed dnsmasq-profile-fixes.patch
- update expired GPG key
Also add a missing bnc number in the Jan 1 2015 changelog entry.
OBS-URL: https://build.opensuse.org/request/show/282158
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=118
- update to AppArmor 2.9.0 (r2759)
- change aa-mergeprof to the final commandline syntax
- lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several
bugs without a formal bugreport)
- small additions to gnome, freedesktop.org, ubuntu-browsers.d/java
and user-mail abstractions
- fix mod_apparmor to not break basic auth
- update perl modules to support signal, unix and ptrace rules (bnc#900013)
- don't warn about rules not supported by the kernel
- fix logging of "audit capability" (lp#1378091)
- add support for the "hat" keyword in apparmor.vim
- build html version of apparmor.vim manpage again (lp#1366572)
- see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0
- update apparmor-abstractions-no-multiline.diff
- remove upstreamed apparmor-profiles-ntpd-pid-location.diff
- add apparmor-abstractions-no-multiline.diff: change all multiline
rules into one line. Needed for yast2-apparmor (bnc#900013) (forwarded request 257520 from cboltz)
OBS-URL: https://build.opensuse.org/request/show/257521
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=75
- update to AppArmor 2.9.0 (r2759)
- change aa-mergeprof to the final commandline syntax
- lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several
bugs without a formal bugreport)
- small additions to gnome, freedesktop.org, ubuntu-browsers.d/java
and user-mail abstractions
- fix mod_apparmor to not break basic auth
- update perl modules to support signal, unix and ptrace rules (bnc#900013)
- don't warn about rules not supported by the kernel
- fix logging of "audit capability" (lp#1378091)
- add support for the "hat" keyword in apparmor.vim
- build html version of apparmor.vim manpage again (lp#1366572)
- see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0
- update apparmor-abstractions-no-multiline.diff
- remove upstreamed apparmor-profiles-ntpd-pid-location.diff
- add apparmor-abstractions-no-multiline.diff: change all multiline
rules into one line. Needed for yast2-apparmor (bnc#900013)
OBS-URL: https://build.opensuse.org/request/show/257520
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=104
- update to AppArmor 2.8.97 (aka 2.9 beta3 aka r2721)
- several bugfixes in python and C tools
- rename "__unused" to "unused" in apparmor_parser to fix compilation
on openSUSE <= 13.1 x86_64 (bnc#895495)
- usr.lib.dovecot.auth profile: allow access to auth-token-secret.dat
- various small profile improvements
- update and add several testcases
- drop upstreamed patch apparmor-profiles-dnsmasq-iface-mtu.patch
- re-number remaining patches
- split apparmor-profiles package into -profiles and -abstractions
Please also forward this SR to 13.2
OBS-URL: https://build.opensuse.org/request/show/254060
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=73
- update to AppArmor 2.8.97 (aka 2.9 beta3 aka r2721)
- several bugfixes in python and C tools
- rename "__unused" to "unused" in apparmor_parser to fix compilation
on openSUSE <= 13.1 x86_64 (bnc#895495)
- usr.lib.dovecot.auth profile: allow access to auth-token-secret.dat
- various small profile improvements
- update and add several testcases
- drop upstreamed patch apparmor-profiles-dnsmasq-iface-mtu.patch
- re-number remaining patches
OBS-URL: https://build.opensuse.org/request/show/254059
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=100
- update to AppArmor 2.8.96 (aka 2.9 beta2 aka r2652)
- add unix abstract sockets, ptrace, and signal policy generation
- several bugfixes in the python tools and elsewhere
- move program-chunks/postfix-common to abstractions/
- drop upstreamed patches:
- apparmor-profiles-clustered-samba.diff
- perl-apparmor-fix-bare-network-keyword-handling.diff
- perl-apparmor-handle-bare-capability-keyword.diff
- perl-apparmor-properly-handle-bare-file-keyword.diff
- re-enable installation of perl modules
- move python modules to python3-apparmor package
- create symlinks without aa- prefix only for tools existing in 2.8.x,
but not for new tools added in 2.9
- make utils filelist explicit to ensure we have the right set of files
without aa- prefix in sbindir
- switch easyprof python module location to python3
- drop unused defines APPARMOR_DOC_DIR and JNI_SO
- refresh patches:
- apparmor-utils-string-split (file moved)
- apparmor-profiles-dnsmasq-iface-mtu.patch
- apparmor-2.5.1-edirectory-profile
(prepared Thu Mar 20 23:35:03 UTC 2014 in home project)
- update to AppArmor 2.8.95 (aka 2.9 beta1)
- complete rewrite of the aa-* tools in python
- new tools: aa-cleanprof, aa-mergeprof
- extra profiles moved to /usr/share/apparmor/extra-profiles/ (bnc#713647)
- and much more, but there's no upstream changelog yet
- drop upstreamed patches and files:
- usr.sbin.winbindd
- usr.lib.dovecot.*, tunables-dovecot, apparmor-profiles-dovecot-bnc851984.diff
- apparmor-init.py-gsoc.diff
- apparmor-2.8.2-nm-dnsmasq-config.patch
- add %bcond_with perl and disable the perl subpackage temporarily (the perl
modules will be back in beta2)
- drop the apparmorapplet-gnome, apparmor-dbus and profile-editor subpackages
(they were disabled since a long time, and upstream no longer ships their code)
and the apparmor-profile-editor.desktop and apparmor-profile-editor.png files
- drop apparmor-utils-subdomain-compat patch (was only included for <= 12.1)
- remove libimmunix Provides/Obsoletes (libimmunix was a compat wrapper
and got finally dropped)
- refresh apparmor-samba-include-permissions-for-shares.diff and
apparmor-2.5.1-edirectory-profile (forwarded request 247917 from cboltz)
OBS-URL: https://build.opensuse.org/request/show/247918
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=72
- update to AppArmor 2.8.96 (aka 2.9 beta2 aka r2652)
- add unix abstract sockets, ptrace, and signal policy generation
- several bugfixes in the python tools and elsewhere
- move program-chunks/postfix-common to abstractions/
- drop upstreamed patches:
- apparmor-profiles-clustered-samba.diff
- perl-apparmor-fix-bare-network-keyword-handling.diff
- perl-apparmor-handle-bare-capability-keyword.diff
- perl-apparmor-properly-handle-bare-file-keyword.diff
- re-enable installation of perl modules
- move python modules to python3-apparmor package
- create symlinks without aa- prefix only for tools existing in 2.8.x,
but not for new tools added in 2.9
- make utils filelist explicit to ensure we have the right set of files
without aa- prefix in sbindir
- switch easyprof python module location to python3
- drop unused defines APPARMOR_DOC_DIR and JNI_SO
- refresh patches:
- apparmor-utils-string-split (file moved)
- apparmor-profiles-dnsmasq-iface-mtu.patch
- apparmor-2.5.1-edirectory-profile
(prepared Thu Mar 20 23:35:03 UTC 2014 in home project)
- update to AppArmor 2.8.95 (aka 2.9 beta1)
- complete rewrite of the aa-* tools in python
- new tools: aa-cleanprof, aa-mergeprof
- extra profiles moved to /usr/share/apparmor/extra-profiles/ (bnc#713647)
- and much more, but there's no upstream changelog yet
- drop upstreamed patches and files:
- usr.sbin.winbindd
- usr.lib.dovecot.*, tunables-dovecot, apparmor-profiles-dovecot-bnc851984.diff
- apparmor-init.py-gsoc.diff
- apparmor-2.8.2-nm-dnsmasq-config.patch
- add %bcond_with perl and disable the perl subpackage temporarily (the perl
modules will be back in beta2)
- drop the apparmorapplet-gnome, apparmor-dbus and profile-editor subpackages
(they were disabled since a long time, and upstream no longer ships their code)
and the apparmor-profile-editor.desktop and apparmor-profile-editor.png files
- drop apparmor-utils-subdomain-compat patch (was only included for <= 12.1)
- remove libimmunix Provides/Obsoletes (libimmunix was a compat wrapper
and got finally dropped)
- refresh apparmor-samba-include-permissions-for-shares.diff and
apparmor-2.5.1-edirectory-profile
OBS-URL: https://build.opensuse.org/request/show/247917
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=97
V2 (supersedes 247613)
This patch fixes bnc#892374, which I'd like to fix for SLE12, but
needs submitted here first.
The patch adds a (IMO) necessary rule to the dnsmasq profile,
question is whether I got the syntax right. If so, please accept
this request and forward the patch upstream. Thanks!
- add apparmor-profiles-dnsmasq-iface-mtu.patch to allow dnsmasq
read access to interface mtu in
/proc/sys/net/ipv6/conf/<ifacename>/mtu
(bnc#892374)
OBS-URL: https://build.opensuse.org/request/show/247625
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=95
- update to AppArmor 2.8.3 (r2122) bugfix release
- fix some cache clearing bugs in apparmor_parser
- various fixes in mod_apparmor
- several profile updates, most of them were already included as patches
(except abstractions/winbind (bnc#863226), abstractions/fonts and
abstractions/p11-kit)
- see http://wiki.apparmor.net/index.php/ReleaseNotes_2_8_3 for all details
- update partially upstreamed apparmor-2.8.2-nm-dnsmasq-config.patch
- remove upstream(ed) patches
- apparmor-2.8.2-fix-ntpd-profile.diff
- apparmor-abstractions-r2089-r2090.diff
- apparmor-abstractions-ssl_certs.diff
- apparmor-fix-url-in-manpages-r2093.diff
- apparmor-no-perl-smartmatch-r2088.diff
- apparmor-profiles-dnsmasq.diff
- apparmor-profiles-ntpd-r2103.diff
- apparmor-profiles-samba-create-dirs.diff
- apparmor-profiles-samba4.diff
- apparmor-unconfined-lang-r2094.diff
- apparmor-utils-po-de-r2091.diff
OBS-URL: https://build.opensuse.org/request/show/222647
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=65
- update to AppArmor 2.8.3 (r2122) bugfix release
- fix some cache clearing bugs in apparmor_parser
- various fixes in mod_apparmor
- several profile updates, most of them were already included as patches
(except abstractions/winbind (bnc#863226), abstractions/fonts and
abstractions/p11-kit)
- see http://wiki.apparmor.net/index.php/ReleaseNotes_2_8_3 for all details
- update partially upstreamed apparmor-2.8.2-nm-dnsmasq-config.patch
- remove upstream(ed) patches
- apparmor-2.8.2-fix-ntpd-profile.diff
- apparmor-abstractions-r2089-r2090.diff
- apparmor-abstractions-ssl_certs.diff
- apparmor-fix-url-in-manpages-r2093.diff
- apparmor-no-perl-smartmatch-r2088.diff
- apparmor-profiles-dnsmasq.diff
- apparmor-profiles-ntpd-r2103.diff
- apparmor-profiles-samba-create-dirs.diff
- apparmor-profiles-samba4.diff
- apparmor-unconfined-lang-r2094.diff
- apparmor-utils-po-de-r2091.diff
OBS-URL: https://build.opensuse.org/request/show/222637
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=80
