Ubuntu Security Notice 3784-1 - As a security improvement, this update adjusts the private-files abstraction to disallow writing to thumbnailer configuration files. Additionally adjust the private-files, private-files-strict and user-files abstractions to disallow writes on parent directories of sensitive files.
42e7701d35e91ccf63b09f590147af231dc2559f0d994898106784abe916ba39
==========================================================================
Ubuntu Security Notice USN-3784-1
October 04, 2018
AppArmor update
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Use a more restrictive blacklist in several policy abstractions.
Software Description:
- apparmor: Linux security system
Details:
As a security improvement, this update adjusts the private-files abstraction to
disallow writing to thumbnailer configuration files. Additionally adjust the
private-files, private-files-strict and user-files abstractions to disallow
writes on parent directories of sensitive files.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
apparmor 2.12-4ubuntu5.1
Ubuntu 16.04 LTS:
apparmor 2.10.95-0ubuntu2.10
Ubuntu 14.04 LTS:
apparmor 2.10.95-0ubuntu2.6~14.04.4
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3784-1
https://launchpad.net/bugs/1788929, https://launchpad.net/bugs/1794848
Package Information:
https://launchpad.net/ubuntu/+source/apparmor/2.12-4ubuntu5.1
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.10
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.6~14.04.4