SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pam_apparmor-3.1.6-490.1.x86_64.rpm :

* Tue Jul 25 2023 David Disseldorp - Add pam_apparmor README, referenced from online cha-apparmor-pam.html documentation (bsc#1213472)
* Thu Jun 22 2023 Christian Boltz - update to AppArmor 3.1.6 (jsc#PED-5600) - fix regression in mount rules (boo#1211989) - some additions to the base and authentification abstractions - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.6 for the full upstream changelog
* Sun Jun 11 2023 Christian Boltz - update to AppArmor 3.1.5 - fix handling of mount rules in apparmor_parser - minor additions to abstractions/base and snap_browsers - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.5 for the full upstream changelog- remove upstreamed aa-status-fix-json-mr1046.patch- split off apparmor-enable-precompiled-cache.diff from apparmor-enable-profile-cache.diff so that the precompiled cache path doesn\'t get added in parser.conf for Tumbleweed builds. This prevents a warning about the non-existing directory when loading profiles.
* Tue Jun 06 2023 Christian Boltz - fix aa-status --json output (aa-status-fix-json-mr1046.patch, boo#1211980#c12)
* Mon May 29 2023 Christian Boltz - update to AppArmor 3.1.4 - parser: fix mount rules encoding (CVE-2016-1585) - aa-logprof: fix error when choosing named exec with plain profile names - aa-status: fix json output - several fixes for profiles and abstractions - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.4 for the full upstream changelog
* Thu May 04 2023 Frederic Crozat - Add _multibuild to define additional spec files as additional flavors. Eliminates the need for source package links in OBS.
* Tue Feb 28 2023 Christian Boltz - update to AppArmor 3.1.3 - add support for more audit.log formats in libapparmor - add abstractions/groff (boo#1065388) - various additions in abstractions and profiles - several bug fixes in parser and utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.3 for the detailed upstream changelog- drop upstreamed patches: - abstractions-openssl-1_1.diff - dnsmasq-cpu-possible.diff - nscd-systemd-userdb.diff
* Mon Feb 06 2023 Christian Boltz - add abstractions-openssl-1_1.diff: allow to read /etc/ssl/openssl-1_1.cnf in abstractions/openssl (boo#1207911)
* Mon Jan 30 2023 Christian Boltz - add nscd-systemd-userdb.diff: allow nscd to read systemd-userdb (boo#1207698)
* Tue Dec 27 2022 Ludwig Nussel - Replace transitional %usrmerged macro with regular version check (boo#1206798)
* Tue Nov 22 2022 Christian Boltz - update to AppArmor 3.1.2 - lots of cleanups, improvements and bugfixes in all areas - rework internal profile storage and handling in the aa-
* tools - support boolean variable definitions in the aa-
* tools - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.1 and https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.2 for the detailed upstream changelog- remove upstream(ed) patches: - apparmor-3.0.7-egrep.patch - dnsmasq.diff - profiles-permit-php-fpm-pid-files-directly-under-run.patch - zgrep-profile-mr870.diff- no longer ship precompiled profile cache for Tumbleweed (boo#1205659)- BuildRequire iproute2 (needed for aa-unconfined tests)
* Sun Sep 04 2022 Andreas Stieger - aa-decode: use grep -E instead of deprecated egrep (boo#1203092) add apparmor-3.0.7-egrep.patch
* Sun Aug 28 2022 Christian Boltz - update to AppArmor 3.0.7 - fix setuptools version detection in buildpath.py - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.7 for the detailed upstream changelog- add dnsmasq-cpu-possible.diff: allow reading /sys/devices/system/cpu/possible in dnsmasc//libvirt-leaseshelper profile (boo#1202849)
* Fri Aug 26 2022 David Disseldorp - add profiles-permit-php-fpm-pid-files-directly-under-run.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/914 (bsc#1202344)
* Fri Aug 19 2022 Ben Greiner - skip code linting for packaging
* removes pyflakes from the build requirements and thus Ring1
* see also https://gitlab.com/apparmor/apparmor/-/issues/121
* Mon Aug 08 2022 Christian Boltz - add dnsmasq.diff: missing r permissions for dnsmasq//libvirt-leaseshelper (boo#1202161)
* Mon Aug 01 2022 Christian Boltz - update to AppArmor 3.0.6 - fix LTO build in the parser - remove dbus deny rule in abstractions/exo-open - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.6 for the detailed upstream changelog- drop upstream patch dirtest-sort-mr900.diff
* Mon Jul 25 2022 Christian Boltz - update to AppArmor 3.0.5 - several additions to profiles and abstractions - bugfixes in parser and utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.5 for the detailed upstream changelog- remove upstream(ed) patchs: - apparmor-setuptools61-mr897.patch - dovecot-profiles-boo1199535-mr881.diff - php8-fpm-mr876.patch - python310-help-mr848.patch - samba-new-dcerpcd.patch - samba_deny_net_admin.patch - update-samba-bgqd.diff - update-usr-sbin-smbd.diff- apparmor-samba-include-permissions-for-shares.diff: remove upstreamed part- add dirtest-sort-mr900.diff to fix random test failures- change apache-extra-profile-include-if-exists.diff to the post-mv path (new quilt executes mv)- stop disabling lto (fixed upstream) (boo#1133091)- package profile-load script in -parser
* Fri Jul 15 2022 Ben Greiner - Add apparmor-setuptools61-mr897.patch https://gitlab.com/apparmor/apparmor/-/merge_requests/897- Add buildtime dependencies on python-rpm-macros and setuptools
* Tue Jun 28 2022 Christian Boltz - update zgrep-profile-mr870.diff: allow zgrep to execute egrep and fgrep (poo#113108)
* Sun May 15 2022 Christian Boltz - add dovecot-profiles-boo1199535-mr881.diff: update dovecot profiles for latest dovecot (boo#1199535)
* Wed May 11 2022 Noel Power - Update samba-new-dcerpcd.patch for aarch64 which needs some additional rules; (bnc#1198309).
* Sun May 08 2022 Ben Greiner - Add python310-help-mr848.patch so that Tumbleweed can switch python3 to Python 3.10 (https://gitlab.com/apparmor/apparmor/-/merge_requests/848)
* Fri Apr 29 2022 Christian Boltz - add php8-fpm-mr876.patch so that php8 php-fpm can read its config (boo#1186267#c11)- parser: add conflict with apparmor-utils < 3.0 to avoid aa-status file conflict on upgrade (boo#1198958)- utils: add missing dependency on apparmor-parser (boo#1198958#c4)
* Wed Apr 27 2022 Dominique Leuenberger - Enhance zgrep-profile-mr870.diff to also allow/support zstd (boo#1198922).
* Sat Apr 16 2022 Christian Boltz - update zgrep-profile-mr870.diff to allow executing \'expr\' (boo#1198531)
* Wed Apr 13 2022 Noel Power - Add samba-new-dcerpcd.patch, samba-4.16 has a new dcerpcd daemon which now will spawn new additional services on demand. We need to modify the existing smbd/winbind profiles and additionally add a new set of profiles to cater for the new functionality; (bnc#1198309);
* Mon Apr 11 2022 Noel Power - Add samba_deny_net_admin.patch to add new rule to deny noisy setsockopt calls from systemd; (bnc#1196850).
* Sun Apr 10 2022 Christian Boltz - add profile for zgrep and xzgrep to prevent CVE-2022-1271 (zgrep-profile-mr870.diff)
* Tue Mar 29 2022 Christian Boltz - ensure precompiled cache files are newer than (text) profiles- reload profiles in %posttrans instead of %post to ensure both - profiles and -abstractons package are updated before the cache in /var/cache/apparmor/ gets built (boo#1195463 #c20)
* Thu Mar 24 2022 Noel Power - Add update-samba-bgqd.diff to add new rule to fix \'DENIED\' open on /proc/{pid}/fd for samba-bgqd (bnc#1196850).- Add update-usr-sbin-smbd.diff to add new rule to allow reading of openssl.cnf (bnc#1195463).
* Thu Feb 10 2022 Christian Boltz - update to AppArmor 3.0.4 - various fixes in profiles, abstractions, apparmor_parser and utils (some of them were already included as patches) - add support for mctp address family - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.4 for the full upstream changelog- remove upstream(ed) patches: - aa-notify-more-arch-mr809.diff - ruby-3.1-build-fix.diff - add-samba-bgqd.diff - openssl-engdef-mr818.diff - profiles-python-3.10-mr783.diff - update-samba-abstractions-ldb2.diff- refresh patches: - apparmor-samba-include-permissions-for-shares.diff - ruby-2_0-mkmf-destdir.patch
* Wed Jan 26 2022 Christian Boltz - add ruby-3.1-build-fix.diff: fix build with ruby 3.1 (boo#1194221, MR 827)
* Mon Jan 17 2022 Samuel Cabrero - add update-samba-abstractions-ldb2.diff: Cater for changes to ldb packaging to allow parallel installation with libldb (bsc#1192684).
* Mon Dec 20 2021 Noel Power - Modify add-samba-bgqd.diff: Add new rule to fix new \"DENIED operation=\"file_mmap\" violation in SLE15-SP4; (bsc#1192336).
* Sun Dec 19 2021 Christian Boltz - add openssl-engdef-mr818.diff: Allow reading /etc/ssl/engdef.d/ and /etc/ssl/engines.d/ in abstractions/openssl which were introduced with the latest openssl update
* Tue Nov 09 2021 Christian Boltz - add aa-notify-more-arch-mr809.diff: Add support for reading s390x and aarch64 wtmp files (boo#1181155)
* Fri Oct 15 2021 Christian Boltz - add add-samba-bgqd.diff: add profile for samba-bgqd (boo#1191532)
* Sat Sep 18 2021 Christian Boltz - lessopen.sh profile: allow reading files that live on NFS over UDP (added to apparmor-lessopen-nfs-workaround.diff) (boo#1190552)
* Wed Aug 11 2021 Christian Boltz - add profiles-python-3.10-mr783.diff: update abstractions/python and profiles for python 3.10
* Sat Aug 07 2021 Christian Boltz - update to AppArmor 3.0.3 - fix a failure in the parser tests - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.3 for the detailed upstream changelog
* Fri Aug 06 2021 Christian Boltz - update to AppArmor 3.0.2 - add missing permissions to several profiles and abstractions (including boo#1188296) - bugfixes in utils and parser (including boo#1180766 and boo#1184779) - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.2 for the detailed upstream changelog- remove upstreamed patches: - apparmor-dovecot-stats-metrics.diff - abstractions-php8.diff - crypto-policies-mr720.diff
* Thu Jul 15 2021 Michael Ströder - added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point
* Mon Jun 07 2021 Christian Boltz - move Requires: python3 back to the python3-apparmor subpackage - readline usage is in the python modules, not in apparmor-utils
* Tue May 25 2021 Matej Cepl - Remove python symbols (python means currently python2), work only with python3 ones (fallout from bsc#1185588).
* Fri May 21 2021 Christian Boltz - add abstractions-php8.diff to support PHP8 in abstractions/php (boo#1186267)
* Tue Apr 27 2021 Christian Boltz - add crypto-policies-mr720.diff to allow reading crypto policies in abstractions/ssl_certs (boo#1183597)
* Sat Mar 27 2021 Christian Boltz - replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in systemd into containers just because apparmor-parser ships a
*.service file
* Thu Feb 11 2021 Christian Boltz - merge libapparmor.changes into apparmor.changes
* Mon Feb 08 2021 Ludwig Nussel - avoid file listed twice error
* Tue Feb 02 2021 Christian Boltz - define %_pamdir for <= 15.x to fix the build on those releases
* Fri Jan 22 2021 Christian Boltz - add apache-extra-profile-include-if-exists.diff: make include in apache extra profile optional to avoid problems with empty profile directory (boo#1178527)
* Wed Jan 13 2021 Ludwig Nussel - prepare usrmerge (boo#1029961)
* use %_pamdir
* Wed Dec 02 2020 Christian Boltz - update to AppArmor 3.0.1 - minor additions to profiles and abstractions - some bugfixes in libapparmor, apparmor_parser and the aa-
* utils - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1 for the detailed upstream changelog- removed upstream(ed) patches: - changes-since-3.0.0.diff - extra-profiles-fix-Pux.diff - utils-fix-hotkey-conflict.diff
* Wed Dec 02 2020 Dominique Leuenberger - Use apache provided variables for the module_directry: + Use %apache_libexecdir + Add apache-rpm-macros BuildRequires
* Sat Oct 31 2020 Christian Boltz - add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in de, id and sv translations (and fix the test) (MR 675)- add extra-profiles-fix-Pux.diff to fix an inactive profile - prevents a crash in aa-logprof and aa-genprof when creating a new profile (MR 676)
* Sun Oct 25 2020 Christian Boltz - update to AppArmor 3.0.0 - introduce feature abi declaration in profiles to enable use of new rule types (for openSUSE: dbus and unix rules) - support xattr attachment conditionals - experimental support for kill and unconfined profile modes - rewritten aa-status (in C), including support for new profile modes - rewritten aa-notify (in python), finally dropping the perl requirement at runtime - new tool aa-features-abi for extracting feature abis from the kernel - update profiles to have profile names and to use 3.0 feature abi - introduce AATT{etc_ro} and AATT{etc_rw} profile variables - new profile for php-fpm - several updates to profiles and abstractions (including boo#1166007) - fully support \'include if exists\' in the aa-
* tools - rewrite handling of alias, include, link and variable rules in the aa-
* tools - rewrite and simplify log handling in the aa-logprof and aa-genprof - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 for the detailed upstream changelog- patches: - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0 release up to 3e18c0785abc03ee42a022a67a27a085516a7921 - drop upstreamed usr-etc-abstractions-base-nameservice.diff - drop 2.13-only libapparmor-so-number.diff - refresh apparmor-enable-profile-cache.diff - partially upstreamed - update apparmor-samba-include-permissions-for-shares.diff and apparmor-lessopen-profile.patch - switch to \"include if exists\" - apparmor-lessopen-profile.patch: add abi rule to lessopen profile - refresh apparmor-lessopen-nfs-workaround.diff- move away very loose apache profile that doesn\'t even match the apache2 binary path in openSUSE to avoid confusion (boo#872984)- move rewritten aa-status from utils to parser subpackage- add aa-features-abi to parser subpackage- replace perl and libnotify-tools requires with requiring python3-notify2 and python3-psutil (needed by the rewritten aa-notify)- drop ancient cleanup for /etc/init.d/subdomain from parser %pre- drop (never enabled) conditionals to build with python2 and to build the python-apparmor subpackage (upstream dropped python2 support)- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed- set PYFLAKES path for utils check- add precompiled_cache build conditional to allow faster local builds without using kvm- remove duplicated BuildRequires: swig
* Sat Oct 17 2020 Christian Boltz - update to AppArmor 2.13.5 - add missing permissions to several profiles and abstractions - bugfixes in parser and tools - fix two potential build failures in libapparmor - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5 for the detailed upstream changelog- remove upstream(ed) patches - changes-since-2.13.4.diff - abstractions-X-xauth-mr582.diff - sevdb-caps-mr589.diff - libvirt-leaseshelper.patch - cap_checkpoint_restore.diff- add libapparmor-so-number.diff to fix libapparmor so version (!658)
* Wed Oct 14 2020 Christian Boltz - add CAP_CHECKPOINT_RESTORE to severity.db (MR 656, cap_checkpoint_restore.diff)
* Thu Oct 08 2020 Christian Boltz - %service_del_postun_without_restart only works for Tumbleweed, keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x
* Fri Sep 11 2020 Franck Bui - Make use of %service_del_postun_without_restart And stop using DISABLE_RESTART_ON_UPDATE as this interface is obsolete.
* Thu Sep 03 2020 James Fehlig - libvirt-leaseshelper.patch: add /usr/libexec as a path to the libvirt leaseshelper script (jsc#SLE-14253)
* Fri Aug 07 2020 Christian Boltz - sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON to severity.db (lp#1890547)
* Mon Jul 20 2020 Christian Boltz - add abstractions-X-xauth-mr582.diff to allow reading the xauth file from its new sddm location (boo#1174290, boo#1174293)
* Thu May 21 2020 Christian Boltz - add changes-since-2.13.4.diff with upstream changes and fixes since 2.13.4 up to 5f61bd4c: - add several abstractions related to xdg-open: dbus-network-manager-strict, exo-open, gio-open, gvfs-open, kde-open5, xdg-open - introduce AATT{run} variable - update dnsmasq and winbindd profile - update mdns, mesa and nameservice abstraction - some bugfixes in the aa-
* tools, including a remote bugfix in the YaST AppArmor module (boo#1171315)- drop upstream(ed) patches (now part of changes-since-2.13.4.diff): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-fix-utils-network-test.diff - make-4.3-network.diff - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch- apply usr-etc-abstractions-base-nameservice.diff only for Tumbleweed, but not for Leap 15.x where it\'s not needed- refresh usr-etc-abstractions-base-nameservice.diff
* Thu Apr 09 2020 Goldwyn Rodrigues - Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)
* Sat Mar 28 2020 Christian Boltz - fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff
* Thu Mar 12 2020 Christian Boltz - update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-
* tools - fix log parsing for logs with an embedded newline - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog- drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff- refresh usr-etc-abstractions-base-nameservice.diff
* Sat Jan 25 2020 Christian Boltz - add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)
  
ICM