mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
Update Release_Notes_4.1 beta3
John Johansen
parent
7fae5100a0
commit
86116b7f7c
1 changed files with 33 additions and 13 deletions
|
|
@ -22,7 +22,12 @@ This Release contains bug fixes to AppArmor 4.1 beta1 and beta2.
|
|||
|
||||
## Misc
|
||||
|
||||
- apparmor.vim: add missing units for rlimit cpu and rttime ([MR:1336](https://gitlab.com/apparmor/apparmor/-/merge_requests/1336))
|
||||
- apparmor.vim
|
||||
- add missing units for rlimit cpu and rttime ([MR:1336](https://gitlab.com/apparmor/apparmor/-/merge_requests/1336))
|
||||
- aa-remove-unknown
|
||||
- fix readability check ([MR:1438](https://gitlab.com/apparmor/apparmor/-/merge_requests/1438), [HUBMR:285915](https://github.com/NixOS/nixpkgs/pull/285915), [HUB:273164](https://github.com/NixOS/nixpkgs/issues/273164))
|
||||
|
||||
|
||||
|
||||
# Bug Fixes
|
||||
|
||||
|
|
@ -42,6 +47,8 @@ This Release contains bug fixes to AppArmor 4.1 beta1 and beta2.
|
|||
- fix do not change auditing information when applying deny ([MR:1408](https://gitlab.com/apparmor/apparmor/-/merge_requests/1408), [AABUG:461](https://gitlab.com/apparmor/apparmor/-/issues/461))
|
||||
- fix mapping of AA_CONT_MATCH for policydb compat entries ([MR:1409](https://gitlab.com/apparmor/apparmor/-/merge_requests/1409), [AABUG:462](https://gitlab.com/apparmor/apparmor/-/issues/462))
|
||||
- bug fix do not change auditing information when applying deny ([MR:1408](https://gitlab.com/apparmor/apparmor/-/merge_requests/1408), [AABUG:461](https://gitlab.com/apparmor/apparmor/-/issues/461))
|
||||
- fix equality tests for priority ([MR:1455](https://gitlab.com/apparmor/apparmor/-/merge_requests/1455
|
||||
))
|
||||
|
||||
|
||||
## Libraries
|
||||
|
|
@ -61,6 +68,8 @@ This Release contains bug fixes to AppArmor 4.1 beta1 and beta2.
|
|||
- improve UX when allowing rules in aa-notify and update the man page ([MR:1313](https://gitlab.com/apparmor/apparmor/-/merge_requests/1313))
|
||||
- store the child profile/hat name if we are in a child profile or hat instead of the main profile ([MR:1359](https://gitlab.com/apparmor/apparmor/-/merge_requests/1359))
|
||||
- aa-mergeprof: prevent backtrace if file not found ([MR:1403](https://gitlab.com/apparmor/apparmor/-/merge_requests/1403))
|
||||
- Remove match statements in utils for older Python compatibility ([MR:1440](https://gitlab.com/apparmor/apparmor/-/merge_requests/1440))
|
||||
- fixes/workarounds for python 3.13 missing cgitb ([MR:1439](https://gitlab.com/apparmor/apparmor/-/merge_requests/1439), [AABUG:447](https://gitlab.com/apparmor/apparmor/-/issues/447))
|
||||
|
||||
## Policy
|
||||
|
||||
|
|
@ -81,17 +90,13 @@ This Release contains bug fixes to AppArmor 4.1 beta1 and beta2.
|
|||
|
||||
|
||||
#### profiles
|
||||
|
||||
- slirp4netns: allow pivot_root ([MR:1298](https://gitlab.com/apparmor/apparmor/-/merge_requests/1298), [HUB:348](https://github.com/rootless-containers/slirp4netns/issues/348))
|
||||
- php-fpm:
|
||||
* confine php-fpm in both /usr/bin and /usr/sbin ([MR:1301](https://gitlab.com/apparmor/apparmor/-/merge_requests/1301), [AABUG:421](https://gitlab.com/apparmor/apparmor/-/issues/421))
|
||||
- add support for ArchLinux php-legacy package to php-fpm ([MR:1401](https://gitlab.com/apparmor/apparmor/-/merge_requests/1401), [AABUG:454](https://gitlab.com/apparmor/apparmor/-/issues/454))
|
||||
- widen allowed socket paths ([MR:1406](https://gitlab.com/apparmor/apparmor/-/merge_requests/1406), [LP:2061113](https://bugs.launchpad.net/bugs/2061113))
|
||||
* add support for ArchLinux php-legacy package ( [MR:1401](https://gitlab.com/apparmor/apparmor/-/merge_requests/1401), [AABUG:454](https://gitlab.com/apparmor/apparmor/-/issues/454), [LP:2061113](https://bugs.launchpad.net/bugs/2061113))
|
||||
* widen allowed socket paths ([MR:1406](https://gitlab.com/apparmor/apparmor/-/merge_requests/1406), [LP:2061113](https://bugs.launchpad.net/bugs/2061113))
|
||||
- ping: allow reading /proc/sys/net/ipv6/conf/all/disable_ipv6 ([MR:1340](https://gitlab.com/apparmor/apparmor/-/merge_requests/1340), [debug1082190](https://bugs.debian.org/1082190))
|
||||
- transmission: add attach_disconnected flag ([MR:1355](https://gitlab.com/apparmor/apparmor/-/merge_requests/1355), [LP:2083548](https://bugs.launchpad.net/bugs/2083548))
|
||||
- zgrep: deny reading /etc/nsswitch.conf and /etc/passwd ([MR:1361](https://gitlab.com/apparmor/apparmor/-/merge_requests/1361))
|
||||
|
||||
|
||||
- ping
|
||||
- allow reading /proc/sys/net/ipv6/conf/all/disable_ipv6 ([MR:1340](https://gitlab.com/apparmor/apparmor/-/merge_requests/1340), [debug1082190](https://bugs.debian.org/1082190))
|
||||
- Postfix
|
||||
- Support /usr/libexec/postfix/ path ([MR:1330](https://gitlab.com/apparmor/apparmor/-/merge_requests/1330))
|
||||
* postfix-anvil
|
||||
|
|
@ -124,21 +129,36 @@ This Release contains bug fixes to AppArmor 4.1 beta1 and beta2.
|
|||
* usr.sbin.postqueue
|
||||
* usr.sbin.sendmail
|
||||
* usr.sbin.sendmail.postfix
|
||||
|
||||
- postfix-master
|
||||
- add exec perm for postfix-tlsproxy and postscreen ([MR:1330](https://gitlab.com/apparmor/apparmor/-/merge_requests/1330))
|
||||
- postfix-postscreen
|
||||
- add abstractions/{nameservice,postfix-common} and cache map ([MR:1330](https://gitlab.com/apparmor/apparmor/-/merge_requests/1330))
|
||||
- postfix-showq
|
||||
- Allow reading queue ID files from /var/spool/postfix/hold/ ([MR:1454](https://gitlab.com/apparmor/apparmor/-/merge_requests/1454))
|
||||
- postfix-smtpd
|
||||
- add permissions to rwk /{var/spool/postfix/,}pid/pass.smtpd ([MR:1330](https://gitlab.com/apparmor/apparmor/-/merge_requests/1330))
|
||||
- postfix-tlsproxy
|
||||
- add new profile ([MR:1330](https://gitlab.com/apparmor/apparmor/-/merge_requests/1330))
|
||||
|
||||
- slirp4netns: allow pivot_root ([MR:1298](https://gitlab.com/apparmor/apparmor/-/merge_requests/1298), [HUB:348](https://github.com/rootless-containers/slirp4netns/issues/348))
|
||||
- transmission
|
||||
- add attach_disconnected flag ([MR:1355](https://gitlab.com/apparmor/apparmor/-/merge_requests/1355), [LP:2083548](https://bugs.launchpad.net/bugs/2083548))
|
||||
- smbd:
|
||||
- allow capability chown ([MR:1456](https://gitlab.com/apparmor/apparmor/-/merge_requests/1456), [BOS:1234327](https://bugzilla.suse.com/show_bug.cgi?id=1234327))
|
||||
- zgrep
|
||||
- deny reading /etc/nsswitch.conf and /etc/passwd ([MR:1361](https://gitlab.com/apparmor/apparmor/-/merge_requests/1361))
|
||||
|
||||
|
||||
|
||||
|
||||
## Tests
|
||||
|
||||
### Regression
|
||||
- resolve some compiler warnings ([MR:1407](https://gitlab.com/apparmor/apparmor/-/merge_requests/1407))
|
||||
- Regression:
|
||||
- resolve some compiler warnings ([MR:1407](https://gitlab.com/apparmor/apparmor/-/merge_requests/1407))
|
||||
- test-logprof
|
||||
- Increase test timeout ([MR:1417](https://gitlab.com/apparmor/apparmor/-/merge_requests/1417), [AABUG:463](https://gitlab.com/apparmor/apparmor/-/issues/463))
|
||||
- spread
|
||||
- add support for spread tests ([MR:1432](https://gitlab.com/apparmor/apparmor/-/merge_requests/1432))
|
||||
- add support for local kernel ([MR:1452](https://gitlab.com/apparmor/apparmor/-/merge_requests/1452))
|
||||
-equality
|
||||
- fix equality tests for priority ([MR:1455](https://gitlab.com/apparmor/apparmor/-/merge_requests/1455
|
||||
))
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue