https://gitlab.com/apparmor/apparmor/-/merge_requests/589

commit ae012502095596df4675555da635c868e3b3c04a
Author: Christian Boltz <apparmor@cboltz.de>
Date:   Fri Aug 7 22:37:19 2020 +0200

    Add CAP_BPF and CAP_PERFMON to severity.db
    
    These capabilities were introduced in Linux 5.8
    
    References: https://bugs.launchpad.net/bugs/1890547

diff --git a/utils/severity.db b/utils/severity.db
index 3c028400..3e07d44e 100644
--- a/utils/severity.db
+++ b/utils/severity.db
@@ -2,6 +2,7 @@
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
 #    Copyright (C) 2014 Canonical Ltd.
+#    Copyright (C) 2020 Christian Boltz
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -28,6 +29,7 @@
        CAP_SETGID 9
        CAP_SETUID 9
        CAP_FOWNER 9
+       CAP_BPF 9
 # Denial of service, bypass audit controls, information leak
        CAP_SYS_TIME 8
        CAP_NET_ADMIN 8
@@ -49,6 +51,7 @@
        CAP_BLOCK_SUSPEND 8
        CAP_DAC_READ_SEARCH 7
        CAP_AUDIT_READ 7
+       CAP_PERFMON 7
 # unused
        CAP_NET_BROADCAST 0