Overview

File _patchinfo of Package patchinfo.5005

<patchinfo incident="5005">
  <issue tracker="bnc" id="1057150">dovecot apparmor profile incorrect</issue>
  <issue tracker="bnc" id="1040898">[DVD Build0292] AppArmor mkstemp: Read-only file system</issue>
  <issue tracker="bnc" id="906858">VUL-1: aaa_base: LESSOPEN=lessopen.sh uses various other binaries, creates a large attack surface</issue>
  <issue tracker="bnc" id="1047937">aa-logprof cannot scan the log file and turn it into a profile rule</issue>
  <issue tracker="bnc" id="1111344">Backport fix for dnsmasq into SLES 12 SP4  (add permission to open log files)</issue>
  <issue tracker="bnc" id="1046784">AppArmor aa-logprof add new line of capability rule each time scan for the same system log</issue>
  <category>recommended</category>
  <rating>moderate</rating>
  <packager>pvorel</packager>
  <description>
This update for apparmor provides the following fixes:

- Add permission to open dnsmasq log files. (bsc#1111344)
- Add profile for usr.bin.lessopen.sh (bsc#906858)
- Fix dovecot apparmor profile (bsc#1057150)
- Add chown operation in adding to tree (bsc#1047937)
- Strip capability variable leading and trailing spaces (bsc#1046784)
- Force apparmor to start after local-fs.target as opposed to /var/lib (bsc#1040898)
- Avoid creating duplicate capability rules when scanning the same system log multiple times (bsc#1046784)
- Fix creating profile rules from scanned logs when the chown operation is used (bsc#1047937)
</description>
  <summary>Recommended update for apparmor</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places