This bug was fixed in the package dbus - 1.8.12-1ubuntu2
---------------
dbus (1.8.12-1ubuntu2) vivid; urgency=medium
* Refresh the patches related to AppArmor D-Bus mediation to reflect what
landed upstream in 1.9.12.
- 0001-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
0002-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch,
0003-Add-regression-test-for-LinuxSecurityLabel-credentia.patch,
0004-Add-LinuxSecurityLabel-to-specification.patch: Add patches that
report the AppArmor confinement context in the bus driver's
GetConnectionCredentials method. A "LinuxSecurityLabel" key will be
present in the dictionary returned by the GetConnectionCredentials
method. The corresponding value will be the AppArmor confinement context
of the connection.
- 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
0003-Update-autoconf-file-to-build-against-libapparmor.patch,
0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
0005-Initialize-AppArmor-mediation.patch,
0006-Store-AppArmor-label-of-bus-during-initialization.patch,
0007-Store-AppArmor-label-of-connecting-processes.patch,
0008-Mediation-of-processes-that-acquire-well-known-names.patch,
0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
0010-Mediation-of-processes-sending-and-receiving-message.patch,
0011-Mediation-of-processes-eavesdropping.patch: Replace the patches
with the version that were merged upstream. The upstream review process
revealed a number of bugs and useful cleanups that are addressed in the
new patches.
+ No longer audit denials of unrequested reply messages (LP: #1362469)
- aa-get-connection-apparmor-security-context.patch: Update patch to
include a bug fix, from Simon McVittie, for AppArmor labels that contain
non UTF-8 characters.
- 0012-apparmor-tighten-up-terminology-for-context-vs.-labe.patch,
0013-apparmor-Fix-build-failure-with-disable-apparmor.patch: New patches
that were merged upstream to clean up the AA mediation code and fix a
build failure
- 0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch: Drop
this patch. It became part of the "LinuxSecurityLabel" patch set and is
added back with a new file name.
0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Drop this
patch in favor of the "LinuxSecurityLabel" patch set. This means that
the AppArmorContext and AppArmorMode keys will not be present in the
dictionary returned by GetConnectionCredentials. Ubuntu shipped this
patch in 14.10 but, as far as I know, those keys were not used by any
applications in 14.10. Since this patch was not accepted upstream,
Ubuntu should drop it and new applications should begin using
"LinuxSecurityLabel".
-- Tyler Hicks <[email protected]> Thu, 19 Feb 2015 11:06:14 -0600
** Changed in: dbus (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1362469
Title:
AppArmor unrequested reply protection generates unallowable denials
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1362469/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
