Ubuntu Security Notice USN-3247-1
28th March, 2017
apparmor vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
AppArmor could remove the confinement from some programs.
Software description
Stéphane Graber discovered that AppArmor incorrectly unloaded some profiles
when restarted or upgraded, contrary to expected behavior.
Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 16.10:
apparmor 2.10.95-4ubuntu5.3
Ubuntu 16.04 LTS:
apparmor 2.10.95-0ubuntu2.6
Ubuntu 14.04 LTS:
apparmor 2.10.95-0ubuntu2.6~14.04.1
Ubuntu 12.04 LTS:
apparmor 2.7.102-0ubuntu3.11
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
A new utility, called aa-remove-unknown, was added to assist with profiles that
would have been previously unloaded when AppArmor was restarted or upgraded.
References
CVE-2017-6507
Continue reading...
28th March, 2017
apparmor vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
AppArmor could remove the confinement from some programs.
Software description
- apparmor - Linux security system
Stéphane Graber discovered that AppArmor incorrectly unloaded some profiles
when restarted or upgraded, contrary to expected behavior.
Update instructions
The problem can be corrected by updating your system to the following package version:
Ubuntu 16.10:
apparmor 2.10.95-4ubuntu5.3
Ubuntu 16.04 LTS:
apparmor 2.10.95-0ubuntu2.6
Ubuntu 14.04 LTS:
apparmor 2.10.95-0ubuntu2.6~14.04.1
Ubuntu 12.04 LTS:
apparmor 2.7.102-0ubuntu3.11
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.
A new utility, called aa-remove-unknown, was added to assist with profiles that
would have been previously unloaded when AppArmor was restarted or upgraded.
References
CVE-2017-6507
Continue reading...
