Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Ubuntu 18.04 LTS USN-3784-1 Moderate: AppArmor Policy Improvements

ubuntu
Calendar Grey October 4, 2018
Dist Ubuntu Esm H88
The Ubuntu Security Notice USN-3784-1 outlines a significant AppArmor enhancement aimed at bolstering security in various Ubuntu LTS distributions.
Use a more restrictive blacklist in several policy abstractions.

Summary

Use a more restrictive blacklist in several policy abstractions.

Software Description:

- apparmor: Linux security system

Details:

As a security improvement, this update adjusts the private-files abstraction to

disallow writing to thumbnailer configuration files. Additionally adjust the

private-files, private-files-strict and user-files abstractions to disallow

writes on parent directories of sensitive files.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  apparmor                        2.12-4ubuntu5.1

Ubuntu 16.04 LTS:
  apparmor                        2.10.95-0ubuntu2.10

Ubuntu 14.04 LTS:
  apparmor                        2.10.95-0ubuntu2.6~14.04.4

In general, a standard system update will make all the necessary changes.

References

https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1788929, https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1794848

Severity
important
Lowest
Low
Medium
High
Critical

October 04, 2018

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.