USN-3784-1: AppArmor update

4 October 2018

AppArmor update

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Use a more restrictive blacklist in several policy abstractions.

Software Description

  • apparmor - Linux security system

Details

As a security improvement, this update adjusts the private-files abstraction to disallow writing to thumbnailer configuration files. Additionally adjust the private-files, private-files-strict and user-files abstractions to disallow writes on parent directories of sensitive files.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
apparmor - 2.12-4ubuntu5.1
Ubuntu 16.04 LTS
apparmor - 2.10.95-0ubuntu2.10
Ubuntu 14.04 LTS
apparmor - 2.10.95-0ubuntu2.6~14.04.4

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References