[USN-3784-1] AppArmor update

protocol=”application/pgp-signature”; boundary=”xXmbgvnjoT4axfJE”
Content-Disposition: inline

–xXmbgvnjoT4axfJE

Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-3784-1
October 04, 2018

AppArmor update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Use a more restrictive blacklist in several policy abstractions.

Software Description:
– apparmor: Linux security system

Details:

As a security improvement, this update adjusts the private-files abstraction to
disallow writing to thumbnailer configuration files. Additionally adjust the
private-files, private-files-strict and user-files abstractions to disallow
writes on parent directories of sensitive files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
apparmor 2.12-4ubuntu5.1

Ubuntu 16.04 LTS:
apparmor 2.10.95-0ubuntu2.10

Ubuntu 14.04 LTS:
apparmor 2.10.95-0ubuntu2.6~14.04.4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3784-1
https://launchpad.net/bugs/1788929, https://launchpad.net/bugs/1794848

Package Information:
https://launchpad.net/ubuntu/+source/apparmor/2.12-4ubuntu5.1
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.10
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.6~14.04.4

–xXmbgvnjoT4axfJE

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEETCDAa12L3miIVNKKUdvcWMxVlXMFAlu2pbYACgkQUdvcWMxV
lXNLDBAAtqpgZ9nYcAsyt3UeT6HR/fD+dcdOIiDQZK5D78hLqihJjkCljIGtN+fU
rXvnzJF0CjqgXotvowrBD5EOaDgVYugDeQeIZHNJC5xWgHQ8/Nd4mZXhFOvUmjBz
AW3MnXTAVCrGAE0m7oRt8Ru6NEyWTRR4vKmmrtHk+oGc3f3PsCTwtEE98VktbkEg
wLj9xr34ZvMhX4o7HK+js6jwOyr55UvbT1yQY+I2iNgLAVwVoRER6L8qe0g2awUA
96pCSH0/jvOSBC98bGUR93uHmWoaRPsgJWskZWZwoIbNLRL0ng84jwp08bCJSa50
eWWGCEzMh/nqnF/K2nuqDH37D0v80aoyUeDA0gz8o6dL7ynAth2E73d7yp2QXMCR
64XWuOqic+me8352nQvSphoC4k1Cf7nDVrhEBZ8CvvAZJEO4gzbeV38VYXs1y+W9
WOuzCFKoc3+BadctDed6/Fpg0yyUxCJeDWeB16jy0Gi9GT8M+/aBHP/ODYWajebx
661NZvyi3IqtlQEsuLumjtZg9dxZ54j4UyQjuvo74V/K3h9845g4OM4WCOUVXGdF
0RrkXpWw+o+VvgRV3U1JEH7v41WGdzeTXNT6T6NLr/JVB4MD73eP2YAhA1C2/WFP
ELB5FIcLH+Y2T3DynDc5vFmNbo2YmveqE9nTthyGa+BuQuzEPWU=
=c0rd
—–END PGP SIGNATURE—–

–xXmbgvnjoT4axfJE–

MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK